Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

Critical RCE Vulnerabilities Impacting HPE Aruba Networking Access Points

Sep 26, 2024 By Andres Ramos In Arctic Wolf
On September 24, 2024, Hewlett Packard Enterprise (HPE), the parent company of Aruba Networks, released a security bulletin addressing three critical command injection vulnerabilities affecting Aruba Networking Access Points. These vulnerabilities, identified as CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507, could allow remote unauthenticated attackers to execute code with privileged access.
Read Post

The Howler Episode 13: One Year Anniversary Live

Sep 23, 2024 By Arctic Wolf In Arctic Wolf
Join hosts Chelsea and Mary as they celebrate one year of The Howler Podcast! From sharing their meet-cute story to interviewing various pack members, this episode is full of both heartwarming & funny moments highlighting the people & programs that make Arctic Wolf so special! Interested in running with the pack? Explore careers at Arctic Wolf—one of the fastest-growing and exciting cybersecurity companies in the world, to learn about how you can join our Pack, create impact, and influence what’s next in security operations.
View Video
Arctic Wolf

Top Government Cyber Attacks

Sep 19, 2024 By Arctic Wolf In Arctic Wolf
Government entities were in the top five industries targeted by both ransomware and business email compromise (BEC) attacks in 2023, according to Arctic Wolf. Additionally, the FBI reported that government entities were the third most-targeted sector by ransomware in 2023, and Arctic Wolf’s own research saw the average ransom for government organizations top $1 million USD that same year. It’s clear that cyber threats are plentiful for these entities.
Read Post
Arctic Wolf

CVE-2024-38812: Critical RCE Vulnerability Fixed in VMware vCenter Server and Cloud Foundation

Sep 18, 2024 By Andres Ramos In Arctic Wolf
On September 17, 2024, Broadcom released fixes for a critical vulnerability impacting VMware vCenter Server and Cloud foundation, tracked as CVE-2024-38812. This vulnerability is a heap-overflow flaw in the implementation of the DCERPC protocol that a remote attacker can use to send specially crafted network packets to vCenter Server, potentially leading to Remote Code Execution (RCE).
Read Post
Arctic Wolf

Five Hidden Costs of Cyber Attacks

Sep 17, 2024 By Arctic Wolf In Arctic Wolf
In the modern, interconnected world, no organization is immune from a cyber attack. Indeed, most experts agree that it is a matter of “when,” not “if” an organization will be targeted by threat actors. If an attack is successful, the immediate costs — including potential ransom payments, lost revenue, and costs associated with remediation and restoration — can be substantial.
Read Post
Arctic Wolf

Types of Security Scans Every Organization Should Be Using

Sep 12, 2024 By Arctic Wolf In Arctic Wolf
In 2023, nearly 60% of incidents investigated by Arctic Wolf Incident Response involved a vulnerability that was two — or more — years old. That means the organization had 24-plus months to find and remediate the vulnerability before threat actors took advantage. Why do vulnerabilities remain persistent? There’s a number of reasons, not the least of which is that more of them pop up each day, creating a mountain of vulnerabilities that feels too difficult to summit for most businesses.
Read Post
Arctic Wolf

CVE-2024-6678: GitLab Fixes Critical Pipeline Execution Vulnerability

Sep 12, 2024 By Andres Ramos In Arctic Wolf
On September 11, 2024, GitLab released patches for a critical vulnerability affecting various versions of GitLab CE/EE, identified as CVE-2024-6678. This flaw allows a remote attacker to trigger a pipeline as an arbitrary user under specific conditions. A GitLab pipeline is a collection of automated processes that run in stages to build, test, and deploy code.
Read Post
Arctic Wolf

How Manufacturing Organizations Can Increase Their Cybersecurity

Sep 11, 2024 By Arctic Wolf In Arctic Wolf
When Clorox was hit with a ransomware attack in 2023, the impact went beyond just the infected endpoints. Threat actors succeeded in taking many of the organization’s automated systems offline and impacted large retailers’ ability to order products from the manufacturer. There was significant operational downtime as it took Clorox over a month to contain the breach, and the resulting financial loss was in the tens of millions.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.