Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

How to Improve Your Cloud Security with AWS

Nov 10, 2023 By Sule Tatar In Arctic Wolf
The cloud offers major benefits to organizations, helping increase business agility, better serve their customers’ needs, and cut their costs. This is why the typical modern business now uses public, infrastructure-as-a-service (IaaS) cloud platforms for its major business and organizational functions. However, the cloud also introduces new risks that can increase your costs should you fall victim to a breach.
Read Post
Arctic Wolf

Exploitation of CVE-2023-46604 in Apache ActiveMQ Leads to TellYouThePass Ransomware

Nov 3, 2023 By Stefan Hostetler, Markus Neis, Christopher Prest, Hady Azzam, Joe Wedderspoon, and Ross Phillips In Arctic Wolf
This article aims to share timely and relevant information about a rapidly developing campaign under investigation. We are publishing it as early as possible for the benefit of the cybersecurity community, and we may provide updates in the near future once more details become available in our research.
Read Post
Arctic Wolf

CVE-2023-46604: Critical RCE Vulnerability in Apache ActiveMQ

Nov 3, 2023 By Andres Ramos In Arctic Wolf
On October 27, 2023, Apache published a security advisory addressing that a critical remote code execution (RCE) vulnerability has been fixed in the latest updates for Apache ActiveMQ products, CVE-2023-46604. This vulnerability was rated with a maximum Common Vulnerability Scoring System (CVSS) score of 10.0, as it can be exploited remotely by an unauthenticated threat actor in low complexity attacks.
Read Post
Arctic Wolf

7 Types of Social Engineering Attacks

Oct 30, 2023 By Sule Tatar In Arctic Wolf
When a ransomware group launched twin cyber attacks on casino giants MGM and Caesars, they only needed the accidental participation of the organizations’ outsourced IT help desk to get started. It was social engineering — in this case impersonation over the phone, or vishing— that gave the hackers the information they needed to launch a ransomware attack that cost both casinos millions.
Read Post

Arctic Wolf Always Ahead: Gartner Peer Insights Customers' Choice in Managed Detection & Response

Oct 30, 2023 By Arctic Wolf In Arctic Wolf
Arctic Wolf was named as the Customers’ Choice for North America in the July 2023 Gartner® Peer Insights™ ‘ Voice of the Customer: Managed Detection and Response Services’ . Our Chief Product Officer Dan Schiappa explains how we continue to differentiate our approach to MDR with a full-service cloud-native platform that is praised by organizations worldwide for its efficacy, efficiency, and scale as attack vectors widen and existing endpoint solutions alone fail to protect organizations.
View Video

Arctic Wolf Always Ahead: Managed Security Awareness

Oct 30, 2023 By Arctic Wolf In Arctic Wolf
Our Chief Product Officer Dan Schiappa explains the differentiated approach Arctic Wolf takes to Managed Security Awareness®, making security education as simple and effective as possible for our customers. With Hollywood-quality production and entertaining material, Arctic Wolf's approach to micro-learning is both fast and fun.
View Video
Arctic Wolf

CVE-2023-46747: Critical Unauthenticated RCE Vulnerability in F5 BIG-IP

Oct 27, 2023 By Steven Campbell In Arctic Wolf
On October 26, 2023, F5 released security hotfixes for a critical unauthenticated RCE vulnerability (CVE-2023-46747) in BIG-IP’s Traffic Management User Interface (TMUI). If successfully exploited a threat actor with network access to the vulnerable system could bypass the configuration utility authentication and execute arbitrary system commands. CVE-2023-46747 is exploitable if the Traffic Management User Interface is exposed to the Internet.
Read Post
Arctic Wolf

CVE-2023-34048: Critical RCE Vulnerability in VMware vCenter Server and Cloud Foundation

Oct 26, 2023 By James Liolios In Arctic Wolf
On October 25, 2023 VMware published a security advisory regarding a critical out-of-bounds write vulnerability (CVE-2023-34048) that has been fixed in the latest updates by VMware. The vulnerability has received a critical severity rating by VMware as it could potentially allow a remote, unauthenticated threat actor to achieve remote code execution if successfully exploited.
Read Post
Arctic Wolf

CVE-2023-20198: Actively Exploited Privilege Escalation Vulnerability in Cisco IOS XE

Oct 23, 2023 By James Liolios In Arctic Wolf
On October 16, 2023, Cisco published a security advisory regarding an actively exploited and unpatched privilege escalation vulnerability in the Web UI feature of the Cisco IOS XE operating system, both physical and virtual. The vulnerability could allow a remote, unauthenticated threat actor to create an account with maximum privileges (privilege level 15 access) on the affected device. Due to these factors, Cisco has given this vulnerability the maximum possible CVSS score of 10.
Read Post
Arctic Wolf

Data Exposure Misconfiguration Issue in ServiceNow (Potential Public List Widget Misconfiguration)

Oct 23, 2023 By Andres Ramos In Arctic Wolf
On October 18, 2023, ServiceNow published a knowledge base article revealing that they are aware of reporting that details a potential misconfiguration issue. This issue lies in the Access Control Lists (ACL) within ServiceNow that if misconfigured could result in unauthenticated threat actors being able to access data. The issue was discovered by a security engineer at AppOmni, and was disclosed in a blog to the public on October 14, 2023.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.