
Critical Authentication Bypass Vulnerability in VMware Aria Operations for Networks: CVE-2023-34039

On Tuesday, August 29, 2023, VMware disclosed a critical authentication bypass vulnerability (CVE-2023-34039) in VMware Aria Operations for Networks, formerly known as vRealize Network Insight, that could result in a threat actor gaining access to the Aria Operations for Networks CLI by bypassing SSH authentication. The vulnerability was responsibly disclosed to VMware and has not been actively exploited in campaigns.

Ongoing Ransomware Campaign Against Cisco ASA VPN Appliances

Arctic Wolf has been tracking multiple intrusions where Cisco VPN account credentials were harnessed by Akira ransomware for initial access. In a recent Cisco PSIRT advisory, Cisco stated they were aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organizations. Our case data supports the observation that affected accounts did not have MFA enabled.

1H 2023 Ransomware Landscape Overview

Threat actor groups maintain dark web shame sites to negotiate ransoms with their victims, name them, and leak their data as punishment for not paying. These sites serve as a major tool for threatening victims and securing ransom payments but are not a precise record of global cyber attacks. However, there’s a lot to learn from the dark web behavior observed in the first half of this year to help contextualize the current threat landscape.

Arctic Wolf Cybersecurity Awareness Month: House of 1000 Breaches Trailer

This October, Arctic Wolf Managed Security Awareness in conjunction with Cybersecurity Awareness Month presents “House of 1000 Breaches”, the cybersecurity anthology raising goosebumps and social engineering awareness of all who dare to watch. Available to Arctic Wolf Managed Security Awareness subscribers, and on the Arctic Wolf YouTube Channel. Learn more about Security Awareness and how it can prepare your employees to recognize and neutralize social engineering attacks and human error.

The Hacker and The Fed: Combatting Cybercrime from the Inside

You’ve heard of Anonymous. This is one of the most talked about and dangerous cybercriminal organizations in the world. Join this session to understand the perspective and experience of former Anonymous Black Hat Hacker, Hector Monsegur, and the former FBI agent who infiltrated Anonymous, Chris Tarbell.

5 Ways to Avoid Falling for Phishing Attacks

There’s a sentiment that has, unfortunately, taken hold in the field of cybersecurity: users are the weakest part of your environment. You can see why some may try to paint that picture, and the statistics would seem to back it up. However, there’s a deeper truth hiding behind these statistics: it’s not the employees who are the weakest part of your security environment, it’s the training they receive.

The Pretext: Insider Threats

Cybercriminals are looking for a few good... actually, bad... insiders. Malicious insiders enact revenge for termination or line their pockets with ill-gotten funds through partnership with threat actors, giving up their credentials, stealing data, or agreeing to install malware on their organization's environment. How to prevent them? Watch this session from Arctic Wolf® Managed Security Awareness!

CVE-2023-38035: Critical Authentication Bypass Vulnerability in Ivanti Sentry

On August 21, 2023, Ivanti published a knowledge base article on a critical authentication bypass vulnerability impacting Ivanti Sentry (CVE-2023-38035). For this vulnerability to be exploited, the System Management Portal which is hosted on port 8443 by default must be exposed to the internet. Successful exploitation of this vulnerability could lead to a remote unauthenticated threat actor making configuration changes to the server and the underlying Operating System (OS) as root.

CVE-2023-32560: Critical Remote Code Execution Vulnerabilities in Ivanti Avalanche

On August 14th, 2023, cybersecurity company Tenable released a research advisory detailing two stack-based buffer overflow vulnerabilities, collectively tracked as CVE-2023-32560, impacting Ivanti Avalanche products version 6.4.0 and older. A threat actor could remotely exploit the vulnerabilities without user authentication by specifying long data type items to overflow the buffer.

Multiple Junos OS Vulnerabilities Could Lead to Unauthenticated Remote Code Execution

On August 17th, 2023, Juniper Networks released out-of-band fixes for multiple vulnerabilities that could be chained together to achieve unauthenticated remote code execution (RCE) on SRX and EX series devices. The vulnerabilities impact the J-Web component of Junos OS, the operating system running on the devices.