Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Howler Episode 14: Jeff Green, Senior Vice President, R&D

Nov 7, 2024 By Arctic Wolf In Arctic Wolf
This month we sit down with Jeff Green, Senior Vice President of R&D, as he shares his experience helping open our brand-new India office, leadership advice he swears by, and more! Jeff is an industry veteran with over 30 years of experience in building world-class products and technologies for enterprises and consumers primarily focused in security. Currently as Senior Vice President of R&D, Jeff leads Arctic Wolf’s global research and engineering organization with a focus on delivering security outcomes for customers and ending cyber risk at high scale.
View Video
Arctic Wolf

CVE-2024-42509, CVE-2024-47460: Critical RCE Vulnerabilities Impacting HPE Aruba Networking Access Points

Nov 7, 2024 By Andres Ramos In Arctic Wolf
On November 5, 2024, Hewlett Packard Enterprise (HPE), the parent company of Aruba Networks, released a security bulletin addressing two critical-severity vulnerabilities affecting Aruba Networks Access Points. These vulnerabilities, identified as CVE-2024-42509 and CVE-2024-47460, could allow unauthenticated command injection.
Read Post
Arctic Wolf

CVE-2024-10443: Critical Zero-Click RCE Vulnerability Discovered in Synology NAS Devices

Nov 4, 2024 By Andres Ramos In Arctic Wolf
On November 1, 2024, details of a critical vulnerability affecting Synology NAS devices, which had been patched a few days earlier, were publicly disclosed. This vulnerability, tracked as CVE-2024-10443 is classified as a zero-click flaw, meaning no user interaction is required for exploitation. The issue originates from the SynologyPhotos application, which comes pre-installed and enabled by default on Synology’s BeeStation storage devices and is also widely used among DiskStation users.
Read Post
Arctic Wolf

How to Secure Your Network Infrastructure

Oct 31, 2024 By Arctic Wolf In Arctic Wolf
With governments across the globe gearing up for major elections, experts have been predicting an increase in distributed denial of service (DDoS) attacks from nation-states and, so far, those predictions have paid off. According to Forbes, a recently thwarted DDoS attack found hackers sending traffic at 3.8 terabytes per second to a target server, peaking at 2.14 billion packets per second, making it the largest DDoS attack ever recorded.
Read Post
Arctic Wolf

CVE-2024-50388: Critical OS Command Injection Vulnerability in QNAP HBS 3 Hybrid Backup Sync

Oct 30, 2024 By Andres Ramos In Arctic Wolf
On October 29, 2024, QNAP issued a security advisory regarding a critical OS command injection vulnerability, tracked as CVE-2024-50388. Discovered by researchers at the Pwn2Own conference, this vulnerability affects HBS 3 Hybrid Backup Sync, a backup and disaster recovery solution used by organizations for secure data protection across multiple locations. The flaw allows remote attackers to execute arbitrary commands.
Read Post
Arctic Wolf

Why SIEM Is Not Right for SaaS Security

Oct 25, 2024 By Arctic Wolf In Arctic Wolf
When security information and event management (SIEM) tools came to the market over a decade ago, many practitioners considered the combination of information management and event management groundbreaking. Since then, the technology has gone through iterations to improve and enhance its capabilities, including the incorporation of user and entity behavior analytics (UEBA), machine learning and AI capabilities, and “out-of-the-box” configurations for smaller organizations to rely on.
Read Post
Arctic Wolf

Arctic Wolf Labs Observes Increased Fog and Akira Ransomware Activity Linked to SonicWall SSL VPN

Oct 24, 2024 By Steven Campbell, Akshay Suthar, and Stefan Hostetler In Arctic Wolf
In early August, Arctic Wolf Labs began observing a marked increase in Fog and Akira ransomware intrusions where initial access to victim environments involved the use of SonicWall SSL VPN accounts. Based on victimology data showing a variety of targeted industries and organization sizes, we assess that the intrusions are likely opportunistic, and the threat actors are not targeting a specific set of industries.
Read Post
Arctic Wolf

CVE-2024-47575: Critical Vulnerability in FortiNet FortiManager Under Active Exploitation

Oct 24, 2024 By Andres Ramos In Arctic Wolf
On October 23, 2024, Fortinet published an advisory disclosing an actively exploited vulnerability (CVE-2024-47575) affecting FortiManager and FortiManager Cloud. The critical-severity vulnerability can be exploited on FortiManager instances exposed to the internet via port 541. Successful exploitation could allow a remote, unauthenticated threat actor to execute arbitrary code or commands via specially crafted requests.
Read Post
Arctic Wolf

Understanding Human Risk in Cybersecurity

Oct 24, 2024 By Adam Marrè In Arctic Wolf
One of the most challenging elements of securing an organization from cyber threats is ensuring that their employees aren’t placing themselves or their colleagues at risk. But as Arctic Wolf’s new Human Risk Behavior Snapshot shows, even security practitioners and IT leaders aren’t always model citizens when it comes to mitigating their own cyber risk.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.