Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

Arctic Wolf

PoC Exploit Available for Critical Information Disclosure Vulnerabilities in Ivanti EPM

Feb 20, 2025 By Andres Ramos In Arctic Wolf
On February 19, 2025, Horizon3.ai published proof-of-concept (PoC) exploit code and technical details for critical Ivanti Endpoint Manager (EPM) vulnerabilities disclosed in January. The vulnerabilities are tracked as CVE-2024-10811, CVE-2024-13161, CVE-2024-13160, and CVE-2024-13159, allowing a remote unauthenticated attacker to leak sensitive information via a path traversal. They share the same underlying issue, which results from an unauthenticated endpoint failing to validate input.
Read Post
Arctic Wolf

CVE-2025-0108: Exploitation Attempts Targeting Web Management Interface of PAN-OS

Feb 18, 2025 By Julian Tuin In Arctic Wolf
On February 12, 2025, Palo Alto Networks published a security advisory for CVE-2025-0108, an authentication bypass vulnerability in the management web interface of PAN-OS. The vulnerability was responsibly disclosed to Palo Alto Networks by Assetnote, who published a blog article with technical details about how to exploit the vulnerability the same day it was disclosed. Since then, proof-of-concept exploit code has emerged publicly.
Read Post
Arctic Wolf

Understanding Cyber Insurance Coverage

Feb 13, 2025 By Arctic Wolf In Arctic Wolf
Cyber attacks are increasing in frequency and severity, with the trend ticking upward year after year. As the volume of attacks continues to rise and threat actors work to evade cybersecurity measures, organizations are increasingly adopting a strategy that helps minimize the effects of a potential breach – risk transfer.
Read Post
Arctic Wolf

Arctic Wolf Observes Authentication Bypass Exploitation Attempts Targeting SonicWall Firewalls (CVE-2024-53704)

Feb 13, 2025 By Andres Ramos In Arctic Wolf
On February 10, 2025, Bishop Fox published technical details and proof-of-concept (PoC) exploit code for CVE-2024-53704, a high-severity authentication bypass vulnerability caused by a flaw in the SSLVPN authentication mechanism in SonicOS, the operating system used by SonicWall firewalls. Shortly after the PoC was made public, Arctic Wolf began observing exploitation attempts of this vulnerability in the threat landscape.
Read Post
Arctic Wolf

Threat Intelligence's Role in Cybersecurity

Feb 11, 2025 By Arctic Wolf In Arctic Wolf
Threat intelligence, also referred to as cyber threat intelligence (CTI), is evidence-based data that’s been collected from a variety of sources, processed, and analyzed to help both organizations and individuals understand recent cyber attacks as well as threat actors’ motivations, tactics, behaviors, and potential next steps.
Read Post
Arctic Wolf

The Aurora Endpoint Security Difference: Ushering in a New Dawn for Cybersecurity

Feb 3, 2025 By Nick Schneider In Arctic Wolf
Today, Arctic Wolf successfully completed the acquisition of BlackBerry’s Cylance endpoint security assets. With this acquisition, we are thrilled to welcome hundreds of new partners and thousands of customers to The Pack. Additionally, we are excited to welcome almost 400 new employees who will join Arctic Wolf offices around the globe.
Read Post

Top Tips To Combat Fraud Targeting Older Generations

Jan 31, 2025 By Arctic Wolf In Arctic Wolf
In this episode, Mike is joined by Christopher Fielder, Field CTO at Arctic Wolf to delves into the vulnerability of seniors to cybercrime. With over 101,000 Americans aged 60 and above falling victim to digital fraud in 2023, it’s evident that scammers exploit seniors’ digital unawareness for significant financial gain. Christopher sheds light on the risk-reward dynamics, manipulation tactics, and emphasizes the importance of maintaining control, asking questions, and practicing cyber hygiene.
View Video
Arctic Wolf

Arctic Wolf Observes Campaign Exploiting SimpleHelp RMM Software for Initial Access

Jan 24, 2025 By Andres Ramos In Arctic Wolf
On January 22, 2025, Arctic Wolf began observing a campaign involving unauthorized access to devices running SimpleHelp RMM software as an initial access vector. Roughly a week prior to the emergence of this campaign, several vulnerabilities had been publicly disclosed in SimpleHelp by Horizon3 (CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728).
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.