Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

Arctic Wolf

Business Email Compromise Attacks (BEC) Keep Growing - Here's How to Increase Your BEC Cybersecurity

Nov 21, 2023 By Arctic Wolf In Arctic Wolf

This spring, Australian authorities were able to arrest a cybercrime syndicate that had conducted BEC attacks on at least 15 individuals and organizations with stolen profits totaling $1.7 million (USD). If those numbers seem shocking, they’re part of a growing upward trend of BEC attacks that shows no sign of slowing down.

Read Post
Arctic Wolf

7 Ways to Strike Balance Between Technical Debt and Security Posture in The World of Open Source

Nov 17, 2023 By Karan Goenka and Michael Fischer In Arctic Wolf
Software development at the speed of business is a constant balance of tradeoffs, and managing the risk of open-source software is one of the most emerging prominent examples. This is driven home by high-profile supply chain attacks such as the ones on SolarWinds, Log4J, and MoveIt. Each of these examples represents a different type of abuse, including.
Read Post

The Howler - Episode 3 - Dan Schiappa, Chief Product Officer

Nov 16, 2023 By Arctic Wolf In Arctic Wolf
In this episode, our hosts sit down with Dan Schiappa, Chief Product Officer at Arctic Wolf. Dan is responsible for driving innovation across product, engineering, alliances, and business development teams to help meet demand for security operations through Arctic Wolf’s growing customer base—especially in the enterprise sector.
View Video

The Howler - Episode 1 - Brian NeSmith, Co-Founder and Executive Chairman of Arctic Wolf

Nov 15, 2023 By Arctic Wolf In Arctic Wolf
In the first Howler podcast episode, our hosts sit down with Brian NeSmith, Co-Founder and Executive Chairman of Arctic Wolf. Brian NeSmith is an internationally recognized business leader, bringing more than 30 years of cybersecurity leadership, including extensive experience driving revenue growth and scaling organizations globally. Before founding Arctic Wolf, he served as CEO of Blue Coat Systems, and prior to Blue Coat, CEO of Ipsilon Networks (acquired by Nokia), which became the leading appliance platform for Check Point firewalls.
View Video

The Howler - Episode 2 - Adam Marrè - Chief Information Security Officer

Nov 15, 2023 By Arctic Wolf In Arctic Wolf
In this episode, our hosts sit down with Adam Marrè, Chief Information Security Officer at Arctic Wolf. Prior to joining Arctic Wolf, Adam was the Global Head of Information Security Operations and Physical Security at Qualtrics. With deep roots in the cybersecurity space, Adam spent almost 12 years with the FBI, holding positions like SWAT Senior Team Leader and Special Agent. In this episode, Adam gives us a peak into the life of a CISO, what keeps him up at night, how he manages stress, and what he believes is foundational to leadership.
View Video
Arctic Wolf

CVE-2023-23368 & CVE-2023-23369: Critical Command Injection Vulnerabilities in QNAP Products

Nov 14, 2023 By James Liolios In Arctic Wolf
On November 4, 2023, QNAP published security advisories for two critical command injection vulnerabilities impacting multiple versions of QNAP operating systems and applications related to the vendor’s network-attached storage (NAS) devices. Both vulnerabilities have been given critical CVSS scores (CVE-2023-23368: 9.8, CVE-2023-23369: 9.0) and both can lead to unauthenticated, remote threat actors executing commands if successfully exploited.
Read Post
Arctic Wolf

CVE-2023-47246: 0-day Remote Code Execution Vulnerability Actively Exploited in SysAid On-Premises

Nov 14, 2023 By Adrian Korn In Arctic Wolf
On November 2, 2023, SysAid was notified by Microsoft of a zero-day path traversal vulnerability allowing for remote code execution, which affects their on-premises ITSM solution. In the investigation conducted by SysAid, it was determined that the vulnerability was being actively exploited by a ransomware affiliate group known as Lace Tempest (DEV-0950), a group known for deploying the CL0P ransomware payload.
Read Post
Arctic Wolf

CVE-2023-38547 & CVE-2023-38548: Two Critical Vulnerabilities in Veeam ONE

Nov 14, 2023 By Steven Campbell In Arctic Wolf
On November 6, 2023, Veeam published security hotfixes for two critical-severity vulnerabilities impacting Veeam ONE. At this time, Arctic Wolf has not identified active exploitation of either vulnerability, nor a published proof of concept (PoC) exploit. Although threat actors have not historically targeted Veeam ONE products, obtaining RCE on the monitoring and analytics platform will likely increase the potential for threat actors to create a working PoC exploit and attempt exploitation.
Read Post
Arctic Wolf

How to Improve Your Cloud Security with AWS

Nov 10, 2023 By Sule Tatar In Arctic Wolf
The cloud offers major benefits to organizations, helping increase business agility, better serve their customers’ needs, and cut their costs. This is why the typical modern business now uses public, infrastructure-as-a-service (IaaS) cloud platforms for its major business and organizational functions. However, the cloud also introduces new risks that can increase your costs should you fall victim to a breach.
Read Post
Arctic Wolf

CVE-2023-46604: Critical RCE Vulnerability in Apache ActiveMQ

Nov 3, 2023 By Andres Ramos In Arctic Wolf
On October 27, 2023, Apache published a security advisory addressing that a critical remote code execution (RCE) vulnerability has been fixed in the latest updates for Apache ActiveMQ products, CVE-2023-46604. This vulnerability was rated with a maximum Common Vulnerability Scoring System (CVSS) score of 10.0, as it can be exploited remotely by an unauthenticated threat actor in low complexity attacks.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.