CVE-2024-21887 and CVE-2023-46805: Actively Exploited Vulnerabilities in Ivanti Secure Products Chained Together to Achieve Unauthenticated RCE

In mid-December 2023, Volexity observed UTA0178, a potential Chinese nation-state threat actor, leveraging two zero-day vulnerabilities in Ivanti Connect Secure (formerly known as Pulse Connect Secure) VPN appliances to steal configuration data, modify and download files, establish a reverse tunnel, and ultimately place webshells (GLASSTOKEN) on multiple internal and external-facing web servers.

CVE-2024-20272: Critical Unauthenticated Arbitrary File Upload Vulnerability in Cisco Unity Connection

On January 10, 2024, Cisco disclosed a critical vulnerability, CVE-2024-20272, with a CVSS score of 7.3, in their Cisco Unity Connection software. This vulnerability allows an unauthenticated remote attacker to upload arbitrary files and execute commands on the underlying operating system. Cisco has released a patch to address the issue.

The Howler - Episode 5: Nick Schneider, President & CEO at Arctic Wolf

In this episode, our hosts sit down with Nick Schneider, President & CEO at Arctic Wolf. As President and CEO of Arctic Wolf, Nick Schneider brings more than 15 years of experience in building global, high-growth technology companies spanning both emerging and established markets. As a veteran in the security industry, Nick has developed expertise in creating best-of-breed technology platforms and world-class sales organizations, which have been the driving force behind Arctic Wolf’s explosive growth and leadership position in the security operations market.

CVE-2023-39336: SQL Injection Vulnerability in Ivanti Endpoint Manager

On January 4, 2024, Ivanti published a security advisory regarding a SQL injection vulnerability in their Endpoint Manager (EPM) solution, CVE-2023-39336. The vulnerability was rated with a CVSS of 9.6, as an attacker with access to the internal network can exploit this vulnerability to execute arbitrary SQL queries without authentication.

Behind the Ballot: Insights from Arctic Wolf's 2024 Election Security Survey

As the United States gears up for the 2024 election, the significance of cybersecurity for state and local governments cannot be overstated. In an era where digital threats are increasingly sophisticated, robust cybersecurity measures are essential to protect both the critical election infrastructure and the integrity of the elections themselves.

Follow-On Extortion Campaign Targeting Victims of Akira and Royal Ransomware

Arctic Wolf Labs is aware of several instances of ransomware cases where the victim organizations were contacted after the original compromise for additional extortion attempts. In two cases investigated by Arctic Wolf Labs, threat actors spun a narrative of trying to help victim organizations, offering to hack into the server infrastructure of the original ransomware groups involved to.

The Howler Bonus Episode - Mental Health & Wellbeing Roundtable

In this bonus episode, pack members from around the globe have a conversation about what it looks like for them personally to prioritize mental health and wellbeing. Interested in running with the pack? Explore careers at Arctic Wolf, one of the fastest-growing and most exciting cybersecurity companies in the world, to learn how you can join our Pack, create impact, and influence what’s next in security operations.

CVE-2023-41727, CVE-2023-46220, CVE-2023-46261, and More: Multiple Critical Vulnerabilities Patched in Ivanti Avalanche

On December 20, 2023, Ivanti announced that 20 vulnerabilities in Ivanti Avalanche On-Prem were patched in the product’s latest update. Arctic Wolf has highlighted 13 of these vulnerabilities in this bulletin that were rated as critical severity and could lead to remote code execution (RCE) or Denial of Service (DoS).

Should Your Organization Rely on XDR For Cybersecurity?

The cybersecurity industry is always evolving. Whether new solutions arrive because of advances in technology, emerging threats, or changing security needs, every few years a new platform — and often acronym — joins the market. Extended detection and response (XDR) is one of those solutions that has gained momentum from buyers and taken over many security conversations in recent years.

Arctic Wolf Always Ahead: 2024 Cybersecurity Predictions

In this episode of Always Ahead, our Chief Product Officer Dan Schiappa explains why the cybersecurity industry should expect ransomware to continue to dominate the threat landscape in 2024, and why organizations that prioritize cyber insurance and AI integration are on the right track to protect their IT environment.