Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

CVE-2022-3602 and CVE-2022-3786 - OpenSSL 3.0.X Critical Vulnerabilities

Nov 2, 2022 By Adrian Korn In Arctic Wolf
On October 25, 2022, the OpenSSL project announced the existence of a critical vulnerability in the OpenSSL library affecting OpenSSL versions 3.0.0 and above, as well as any application with an embedded, impacted OpenSSL library. This announcement did not include any details on what this vulnerability is or how it can be exploited. On November 1, 2022, a cryptographic library used for encrypting communications in a wide variety of applications on the internet.
Read Post
Arctic Wolf

CVE-2022-36537 - Critical RCE Vulnerability & Supply Chain Risks in ConnectWise Recover and R1Soft Server Backup Manager

Nov 1, 2022 By Adrian Korn In Arctic Wolf
On October 28th, 2022, ConnectWise disclosed a critical remote code execution (RCE) vulnerability affecting ConnectWise Recover (version 2.9.7 and earlier) and R1Soft Server Backup Manager (version 6.16.3 and earlier). A threat actor could leverage an authentication bypass vulnerability in these products (CVE-2022-36537) to leak server private key files, software licenses, and system configuration files and ultimately achieve RCE as the system superuser.
Read Post
Tines

Redis' Andrew DiMichele: How to build engaged SecOps teams that stay ahead of attackers

Nov 1, 2022 By Thomas Kinsella In Tines

In this episode of the Future of Security Operations, Thomas speaks with Andrew DiMichele, Director of Security Operations at Redis, whose background is building security operations programs. Andrew's security journey began in the US Air Force Reserves and has brought him to CISCO, banking, IBM, and Citrix.

Read Post

Cloud Security Posture Management

Oct 31, 2022 By Arctic Wolf In Arctic Wolf
Arctic Wolf Cloud Security Posture Management security operations identify cloud resources at risk and provide guidance on hardening their posture, simplifying cloud security. Arctic Wolf Cloud Security Posture Management was built to make sure nothing gets missed; to give you greater context into your cloud platforms, identify gaps, and deliver posture hardening recommendations to keep your information safe.
View Video

Arctic Wolf Managed Risk

Oct 31, 2022 By Arctic Wolf In Arctic Wolf
Arctic Wolf Managed Risk enables you to discover, benchmark, and harden your security across your networks, endpoints, and cloud environments. At the core of Arctic Wolf Managed Risk is our Concierge Security Team, providing you with personal security experts who deliver a quantified, real-time understanding of your cyber risk. From technical vulnerabilities like software defects and system misconfigurations, to unsafe practices like reusing passwords, our Concierge Security Team helps focus your team’s efforts to quickly improve your security posture and reduce risk.
View Video
Arctic Wolf

What Security Teams Want from MDR Providers

Oct 31, 2022 By Arctic Wolf In Arctic Wolf
As security teams struggle to scale security programs to meet both attack surface and threat landscape growth and complexity, many are engaging managed detection and response (MDR) providers to accelerate their operating models. With no end in sight for the cybersecurity skills shortage, MDR services can bring immediate expert resources online, together with proven, best-of-breed processes and tools that can help security teams gain control and set themselves up for future security program success.
Read Post
Arctic Wolf

Critical Remote Code Execution Vulnerability in VMware Cloud Foundation NSX-V: CVE-2021-39144

Oct 27, 2022 By Steven Campbell In Arctic Wolf
On Tuesday, October 25th 2022, VMware disclosed a critical remote code execution vulnerability (CVE-2021-39144, CVSS 9.8) in VMware Cloud Foundation NSX-V versions 3.x and older. A threat actor could perform remote code execution in the context of ‘root’ on the appliance due to an unauthenticated endpoint that leverages XStream for input serialization.
Read Post
Arctic Wolf

How to Secure Funding from the Infrastructure Investment and Jobs Act: The Deadline Is Approaching

Oct 27, 2022 By Arctic Wolf In Arctic Wolf
The Infrastructure Investment and Jobs Act (IIJA) includes cybersecurity and will to hand out millions to state and local governments to help them improve their security posture and ward off future cyber threats. Getting your entity’s share of the $185 million (for calendar year 2022), however, is more complicated than emailing the federal government or asking your state for some cash. With a deadline of Nov.
Read Post
Torq

What Is MITRE D3FEND, and How Do You Use It?

Oct 26, 2022 By Torq In Torq

MITRE is a world-renowned research organization that aims to help build a safer world. It is probably best known in the information security industry for being the organization behind the industry-standard CVE (Common Vulnerabilities and Exposures) list. Each entry on the list is supposed to include an explanation of how the vulnerability could be exploited. These attack vectors are tracked and defined in another well-known knowledge base called ATT&CK, which is also maintained by MITRE.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.