Arctic Wolf

CherryLoader: A New Go-based Loader Discovered in Recent Intrusions

Arctic Wolf Labs has been tracking two recent intrusions where threat actors leveraged a new Go-based malware downloader we are calling “CherryLoader” that allowed them to swap exploits without recompiling code. The loader’s icon and name masqueraded as the legitimate CherryTree note taking application to trick the victims.

CVE-2024-21591: Critical Junos OS Vulnerability Could Lead to Unauthenticated Remote Code Execution

On January 10, 2024, Juniper Networks released patches to remediate a critical vulnerability (CVE-2024-21591) in Junos SRX and EX series devices. CVE-2024-21591 could allow a threat actor to cause a denial of service (DoS) or achieve unauthenticated remote code execution (RCE) with root privileges. The vulnerability impacts the J-Web component of Junos OS, the operating system running on the devices. The vulnerability was discovered during external security research.

CVE-2023-6548 & CVE-2023-6549: DoS and RCE Vulnerabilities Exploited in Citrix NetScaler ADC and NetScaler Gateway

On January 16, 2024, Citrix published a security bulletin disclosing two zero-day vulnerabilities (CVE-2023-6548 & CVE-2023-6549) being actively exploited in Citrix NetScaler ADC and NetScaler Gateway.

Ransomware-as-a-Service Will Continue to Grow in 2024

Ransomware-as-a-service (RaaS) may not be a brand-new tactic on the cyber battlefield, but it is quickly gaining popularity among threat actors. For at least the past five years, cybercriminals have not only realized how profitable ransomware is, but have also understood that by banding together and combining their strengths, they could expand their ransomware attacks, split the profits, and use stolen data to launch future cyber attacks on larger organizations.

Securing Your IoT Network: 5 Best Practices to Protect Your Business

The volume of internet of things (IoT) devices is rapidly growing. From manufacturing to healthcare to retail, organizations are turning to these devices as they digitize and expand. In fact, it is estimated that IoT devices make up 30% of devices on enterprise networks, and there are an estimated 17 billion IoT devices in the world, from simple consumer devices to complex enterprise tools.

CVE-2024-21887 and CVE-2023-46805: Actively Exploited Vulnerabilities in Ivanti Secure Products Chained Together to Achieve Unauthenticated RCE

In mid-December 2023, Volexity observed UTA0178, a potential Chinese nation-state threat actor, leveraging two zero-day vulnerabilities in Ivanti Connect Secure (formerly known as Pulse Connect Secure) VPN appliances to steal configuration data, modify and download files, establish a reverse tunnel, and ultimately place webshells (GLASSTOKEN) on multiple internal and external-facing web servers.

CVE-2024-20272: Critical Unauthenticated Arbitrary File Upload Vulnerability in Cisco Unity Connection

On January 10, 2024, Cisco disclosed a critical vulnerability, CVE-2024-20272, with a CVSS score of 7.3, in their Cisco Unity Connection software. This vulnerability allows an unauthenticated remote attacker to upload arbitrary files and execute commands on the underlying operating system. Cisco has released a patch to address the issue.

The Howler - Episode 5: Nick Schneider, President & CEO at Arctic Wolf

In this episode, our hosts sit down with Nick Schneider, President & CEO at Arctic Wolf. As President and CEO of Arctic Wolf, Nick Schneider brings more than 15 years of experience in building global, high-growth technology companies spanning both emerging and established markets. As a veteran in the security industry, Nick has developed expertise in creating best-of-breed technology platforms and world-class sales organizations, which have been the driving force behind Arctic Wolf’s explosive growth and leadership position in the security operations market.

CVE-2023-39336: SQL Injection Vulnerability in Ivanti Endpoint Manager

On January 4, 2024, Ivanti published a security advisory regarding a SQL injection vulnerability in their Endpoint Manager (EPM) solution, CVE-2023-39336. The vulnerability was rated with a CVSS score of 9.6, as an attacker with access to the internal network can exploit it to execute arbitrary SQL queries without authentication.

Behind the Ballot: Insights from Arctic Wolf's 2024 Election Security Survey

As the United States gears up for the 2024 election, the significance of cybersecurity for state and local governments cannot be overstated. In an era where digital threats are increasingly sophisticated, robust cybersecurity measures are essential to protect both the critical election infrastructure and the integrity of the elections themselves.