Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

Arctic Wolf

Anatomy of a Cyber Attack: The PAN-OS Firewall Zero-Day

Oct 7, 2024 By Arctic Wolf In Arctic Wolf
On April 12, 2024, Palo Alto Networks published a security advisory detailing an actively exploited maximum severity zero-day vulnerability affecting the GlobalProtect feature of PAN-OS. Dubbed CVE-2024-3400, it was assigned the maximum critical severity score of 10.0 through the Common Vulnerability Scoring System (CVSS), meaning the potential for damage was large and the path to exploit was easy for cybercriminals.
Read Post
Arctic Wolf

Rackspace Breach Linked to Zero-Day Vulnerability in ScienceLogic SL1's Third-Party Utility

Oct 4, 2024 By Andres Ramos In Arctic Wolf
On September 24, 2024, Rackspace, a managed cloud computing company providing cloud hosting, dedicated servers, and multi-cloud solutions, reported an issue with their Rackspace Monitoring product in the ScienceLogic EM7 (ScienceLogic SL1) Portal. Rackspace utilizes the ScienceLogic application as a third-party tool for monitoring certain internal services.
Read Post
Arctic Wolf

Understanding and Detecting Lateral Movement

Oct 3, 2024 By Arctic Wolf In Arctic Wolf
A ransomware attack is underway. The threat actor has gained initial access to an endpoint and executed malicious code on it. As far as the threat actor is concerned, things are going well. However, the next stage is critical to a ransomware attack’s success. Without the ability to spread throughout the entire environment, encrypting or locking up all systems, threat actors are unlikely to be able to extort payment from an organization.
Read Post
Arctic Wolf

Multiple Vulnerabilities Disclosed in Linux-based CUPS Printing Service

Sep 27, 2024 By Stefan Hostetler In Arctic Wolf
On September 26, 2024, a security researcher disclosed several vulnerabilities affecting Common UNIX Printing System (CUPS) within GNU/Linux distributions. CUPS is an open-source printing system that allows Unix-like operating systems, including Linux and MacOS, to manage printers and print jobs across local and networked environments. The newly identified CUPS vulnerabilities identified are.
Read Post
Arctic Wolf

Critical RCE Vulnerabilities Impacting HPE Aruba Networking Access Points

Sep 26, 2024 By Andres Ramos In Arctic Wolf
On September 24, 2024, Hewlett Packard Enterprise (HPE), the parent company of Aruba Networks, released a security bulletin addressing three critical command injection vulnerabilities affecting Aruba Networking Access Points. These vulnerabilities, identified as CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507, could allow remote unauthenticated attackers to execute code with privileged access.
Read Post

The Howler Episode 13: One Year Anniversary Live

Sep 23, 2024 By Arctic Wolf In Arctic Wolf
Join hosts Chelsea and Mary as they celebrate one year of The Howler Podcast! From sharing their meet-cute story to interviewing various pack members, this episode is full of both heartwarming & funny moments highlighting the people & programs that make Arctic Wolf so special! Interested in running with the pack? Explore careers at Arctic Wolf—one of the fastest-growing and exciting cybersecurity companies in the world, to learn about how you can join our Pack, create impact, and influence what’s next in security operations.
View Video
Arctic Wolf

Top Government Cyber Attacks

Sep 19, 2024 By Arctic Wolf In Arctic Wolf
Government entities were in the top five industries targeted by both ransomware and business email compromise (BEC) attacks in 2023, according to Arctic Wolf. Additionally, the FBI reported that government entities were the third most-targeted sector by ransomware in 2023, and Arctic Wolf’s own research saw the average ransom for government organizations top $1 million USD that same year. It’s clear that cyber threats are plentiful for these entities.
Read Post
Arctic Wolf

CVE-2024-38812: Critical RCE Vulnerability Fixed in VMware vCenter Server and Cloud Foundation

Sep 18, 2024 By Andres Ramos In Arctic Wolf
On September 17, 2024, Broadcom released fixes for a critical vulnerability impacting VMware vCenter Server and Cloud foundation, tracked as CVE-2024-38812. This vulnerability is a heap-overflow flaw in the implementation of the DCERPC protocol that a remote attacker can use to send specially crafted network packets to vCenter Server, potentially leading to Remote Code Execution (RCE).
Read Post
Arctic Wolf

Five Hidden Costs of Cyber Attacks

Sep 17, 2024 By Arctic Wolf In Arctic Wolf
In the modern, interconnected world, no organization is immune from a cyber attack. Indeed, most experts agree that it is a matter of “when,” not “if” an organization will be targeted by threat actors. If an attack is successful, the immediate costs — including potential ransom payments, lost revenue, and costs associated with remediation and restoration — can be substantial.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.