Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

Arctic Wolf

Three Critical Vulnerabilities Impacting VMware Workspace ONE Assist Server CVE-2022-31685, CVE-2022-31686 and CVE-2022-31687

Nov 10, 2022 By Steven Campbell In Arctic Wolf
On Tuesday, November 8, 2022, VMware disclosed three critical-severity vulnerabilities impacting VMware Workspace ONE Assist Server versions 21.x and 22.x. If successfully exploited, the reported vulnerabilities could lead to a threat actor obtaining administrative access to the application without the need to authenticate.
Read Post
Arctic Wolf

CVE-2022-27510: Citrix Gateway and Citrix ADC Critical Authentication Bypass Vulnerability, along with CVE-2022-27513 & CVE-2022-27516

Nov 9, 2022 By Adrian Korn In Arctic Wolf
On November 8th, 2022, Citrix disclosed a critical authentication bypass (CVE-2022-27510), a remote desktop takeover (CVE-2022-27513), and a user login brute force protection functionality bypass (CVE-2022-27516) vulnerability affecting several versions of Citrix ADC and Citrix Gateway. This bulletin only applies to customer-managed Citrix ADC and Citrix Gateway appliances as Citrix-managed cloud services are not affected. A threat actor could leverage these vulnerabilities in specific circumstances.
Read Post
Arctic Wolf

What Is Cloud Detection and Response and Why Do You Need It?

Nov 7, 2022 By Britt Serra In Arctic Wolf
Cloud adoption is vastly increasing. Right now, 9o% of businesses are using or plan to use a multi-cloud environment. While the cloud, which refers to internet-accessed servers that are not directly managed by the business, can help organizations scale in a cost-effective manner, they also create new cybersecurity risks.
Read Post
Arctic Wolf

The Top Cyber Attacks of October 2022

Nov 4, 2022 By Arctic Wolf In Arctic Wolf
We’ve made it through spooky season once again, but there is still plenty of scary business unfolding in the world of cybersecurity. October offered several useful cautionary tales for organizations, including a company that took fast action and averted a threat, one that overlooked a security gap for far too long, another that offered a crucial reminder about improper conduct, and one more that … well, we’re not quite sure what the heck happened with that one.
Read Post
Arctic Wolf

CVE-2022-3602 and CVE-2022-3786 - OpenSSL 3.0.X Critical Vulnerabilities

Nov 2, 2022 By Adrian Korn In Arctic Wolf
On October 25, 2022, the OpenSSL project announced the existence of a critical vulnerability in the OpenSSL library affecting OpenSSL versions 3.0.0 and above, as well as any application with an embedded, impacted OpenSSL library. This announcement did not include any details on what this vulnerability is or how it can be exploited. On November 1, 2022, a cryptographic library used for encrypting communications in a wide variety of applications on the internet.
Read Post
Arctic Wolf

CVE-2022-36537 - Critical RCE Vulnerability & Supply Chain Risks in ConnectWise Recover and R1Soft Server Backup Manager

Nov 1, 2022 By Adrian Korn In Arctic Wolf
On October 28th, 2022, ConnectWise disclosed a critical remote code execution (RCE) vulnerability affecting ConnectWise Recover (version 2.9.7 and earlier) and R1Soft Server Backup Manager (version 6.16.3 and earlier). A threat actor could leverage an authentication bypass vulnerability in these products (CVE-2022-36537) to leak server private key files, software licenses, and system configuration files and ultimately achieve RCE as the system superuser.
Read Post

Cloud Security Posture Management

Oct 31, 2022 By Arctic Wolf In Arctic Wolf
Arctic Wolf Cloud Security Posture Management security operations identify cloud resources at risk and provide guidance on hardening their posture, simplifying cloud security. Arctic Wolf Cloud Security Posture Management was built to make sure nothing gets missed; to give you greater context into your cloud platforms, identify gaps, and deliver posture hardening recommendations to keep your information safe.
View Video

Arctic Wolf Managed Risk

Oct 31, 2022 By Arctic Wolf In Arctic Wolf
Arctic Wolf Managed Risk enables you to discover, benchmark, and harden your security across your networks, endpoints, and cloud environments. At the core of Arctic Wolf Managed Risk is our Concierge Security Team, providing you with personal security experts who deliver a quantified, real-time understanding of your cyber risk. From technical vulnerabilities like software defects and system misconfigurations, to unsafe practices like reusing passwords, our Concierge Security Team helps focus your team’s efforts to quickly improve your security posture and reduce risk.
View Video
Arctic Wolf

What Security Teams Want from MDR Providers

Oct 31, 2022 By Arctic Wolf In Arctic Wolf
As security teams struggle to scale security programs to meet both attack surface and threat landscape growth and complexity, many are engaging managed detection and response (MDR) providers to accelerate their operating models. With no end in sight for the cybersecurity skills shortage, MDR services can bring immediate expert resources online, together with proven, best-of-breed processes and tools that can help security teams gain control and set themselves up for future security program success.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.