
CVE-2022-27596: QNAP NAS Devices Vulnerable to Critical SQL Injection Vulnerability
On January 30, 2023, QNAP Systems Inc. disclosed a new critical vulnerability that could allow remote attackers to inject malicious code on QNAP NAS devices
The cybersecurity industry has an effectiveness problem. Despite new technologies emerging every year, high-profile breaches continue to occur. To prevent these attacks, the industry needs to adopt a new approach by focusing on security operations. That’s where Arctic Wolf can help.
Built on an open XDR architecture, the Arctic Wolf Platform® combines with our Concierge Security® Model to work as an extension of your team, proactively protect your environment, and strengthen your security posture.
Learn more about our unique approach to cybersecurity and why Arctic Wolf has emerged as a leader in the industry.
GUIDEComprehensive Guide To Security OperationsLearn how to minimize risk and continuously improve your security posture using the Arctic Wolf guide for implementing a security operations framework at your organization.READ NOW ❯ |
GUIDECyber Insurance Buyer's GuideThe Cyber Insurance Buyer’s Guide will help you understand the changes to the cyber insurance marketplace and provide tips on how to qualify and maintain coverage as insurers evolve their approach.READ NOW ❯ |
WHITE PAPERConverging Platforms: How Do XDR, SIEM, And SOAR Compare?Understand the benefits and drawbacks of each cybersecurity solution in order to make an informed decision for your organization.READ NOW ❯ |
We envision a future without cyber risk. Every organization should be so effective at security operations that both the likelihood and impact of a cyber attack is minimized to the point where risk is essentially zero.
On January 30, 2023, QNAP Systems Inc. disclosed a new critical vulnerability that could allow remote attackers to inject malicious code on QNAP NAS devices
On Tuesday, January 24th, 2023, VMware disclosed two critical vulnerabilities in VMware vRealize Log Insight that could result in remote code execution (RCE). CVE-2022-31706
Later this week, Horizon3 researchers plan to release a Proof of Concept (PoC) exploit for CVE-2022-47966, a critical unauthenticated, remote code execution vulnerability in multiple
Between the 28th –30th of December 2022, Zoho released security updates to address a SQL injection vulnerability that they identified, designated as CVE-2022-47523. An advisory
Arctic Wolf has observed an increase in exploitation of CVE-2022-41080 and CVE-2022-41082 in recent Incident Response engagements where the vulnerabilities were chained together to achieve remote code
Updated: Dec 18, 2022 On the 12th of December 2022, we sent out a security bulletin about a Fortinet security advisory involving an actively exploited
In a coordinated disclosure with Microsoft on December 13th, 2022, security researchers with Mandiant, SentinelOne, and Sophos published evidence of a threat actor technique where
As part of Microsoft’s September 2022 Security Update, Microsoft released security updates to remediate CVE-2022-37958–an information disclosure vulnerability in SPNEGO NEGOEX that impacted all Windows
On December 13th, 2022, Citrix disclosed a critical remote code execution vulnerability (CVE-2022-27518) affecting several versions of Citrix ADC and Citrix Gateway. Citrix strongly advises
On Friday, September 23rd, 2022, Sophos disclosed a critical code injection vulnerability impacting Sophos Firewall. This vulnerability, assigned CVE-2022-3236, affects Sophos Firewall versions v19.0 MR1
In a widespread campaign, threat actors chained two Zimbra Collaboration Suite vulnerabilities to obtain remote code execution and deploy a variety of webshells. As CVE-2022-27925,
On November 8th, 2022, Citrix disclosed a critical authentication bypass (CVE-2022-27510), a remote desktop takeover (CVE-2022-27513), and a user login brute force protection functionality bypass
On October 25, 2022, the OpenSSL project announced the existence of a critical vulnerability in the OpenSSL library affecting OpenSSL versions 3.0.0 and above, as
On October 28th, 2022, ConnectWise disclosed a critical remote code execution (RCE) vulnerability affecting ConnectWise Recover (version 2.9.7 and earlier) and R1Soft Server Backup Manager
On Tuesday, October 25th 2022, VMware disclosed a critical remote code execution vulnerability (CVE-2021-39144, CVSS 9.8) in VMware Cloud Foundation NSX-V versions 3.x and older.
© 2023 Arctic Wolf Networks Inc. All Rights Reserved. |
|||||
Privacy Notice |
Terms of Use |
Cookie Policy |
Accessibility Statement |
Information Security |
Cookies Settings |