On November 2, 2023, SysAid was notified by Microsoft of a zero-day path traversal vulnerability allowing for remote code execution, which affects their on-premises ITSM

On November 4, 2023, QNAP published security advisories for two critical command injection vulnerabilities impacting multiple versions of QNAP operating systems and applications related to

On October 27, 2023, Apache published a security advisory addressing that a critical remote code execution (RCE) vulnerability has been fixed in the latest updates

On October 26, 2023, F5 released security hotfixes for a critical unauthenticated RCE vulnerability (CVE-2023-46747) in BIG-IP’s Traffic Management User Interface (TMUI). If successfully exploited

On October 25, 2023 VMware published a security advisory regarding a critical out-of-bounds write vulnerability (CVE-2023-34048) that has been fixed in the latest updates by

On October 18, 2023, ServiceNow published a knowledge base article revealing that they are aware of reporting that details a potential misconfiguration issue. This issue

On October 16, 2023, Cisco published a security advisory regarding an actively exploited and unpatched privilege escalation vulnerability (CVE-2023-20198) in the Web UI feature of

On October 10, 2023, Microsoft published their October 2023 Security Update including patches for 104 vulnerabilities. Among these vulnerabilities, Arctic Wolf has highlighted two with

On October 10, 2023, Citrix issued a security bulletin describing a critical vulnerability in NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (CVE-2023-4966, CVSS: 9.4).

On October 4, 2023, Cisco published a security advisory disclosing a critical authentication bypass vulnerability (CVE-2023-20101, CVSS: 9.8) in Cisco Emergency Responder. CVE-2023-20101 allows an

On October 4, 2023, Atlassian issued a security advisory revealing potential active exploitation of a previously unknown vulnerability (CVE-2023-22515, CVSS: 10) affecting Confluence Data Center

On October 2, 2023, Exim released security fixes for an out-of-bounds write remote code execution (RCE) vulnerability (CVE-2023-42115, CVSS: 9.8). This vulnerability affects the Simple

On September 27, 2023, Progress Software released a security advisory detailing multiple vulnerabilities in their WS_FTP Server product, including two with a critical severity rating.

On September 7, 2023, Apple released emergency security updates to fix a buffer overflow vulnerability (CVE-2023-41064) impacting macOS, iOS, iPadOS, and watchOS products that was

On September 20, 2023, JetBrains published a blog detailing a critical Remote Code Execution (RCE) vulnerability that was identified in TeamCity On-Premises (CVE-2023-42793). This vulnerability

On September 21, 2023, Apple released emergency security updates to fix three vulnerabilities impacting macOS, iOS, iPadOS, and Safari.      Vulnerability    Description    Impacted

In the last few weeks, Arctic Wolf Labs has noted an increase in threat activity targeting Okta as an attack vector. The relevant Techniques, Tools,

On September 12, 2023, Microsoft published their September 2023 Security Update with patches for 59 vulnerabilities. Among these 59 vulnerabilities, Arctic Wolf has highlighted two

On August 31, 2023, Arctic Wolf sent out a bulletin alerting customers to an ongoing brute force campaign targeting Cisco Adaptive Security Appliance (ASA). Subsequently,

On September 7, 2023, Apple released emergency security updates to fix a buffer overflow vulnerability (CVE-2023-41064) and a validation issue vulnerability (CVE-2023-41061) among macOS, iOS,

Arctic Wolf has been tracking multiple intrusions where Cisco VPN account credentials were harnessed by Akira ransomware for initial access. In a recent Cisco PSIRT

On Tuesday, August 29, 2023, VMware disclosed a critical authentication bypass vulnerability (CVE-2023-34039) in VMware Aria Operations for Networks–formerly known as vRealize Network Insight–that could

Summary On May 23, 2023, Apache patched a critical-severity remote code execution (RCE) vulnerability in Apache RocketMQ. Several components of RocketMQ, including the NameServer, Broker,

On August 21, 2023, Ivanti published a knowledge base article on a critical authentication bypass vulnerability impacting Ivanti Sentry (CVE-2023-38035). For this vulnerability to be

On August 14th, 2023, cybersecurity company Tenable released a research advisory detailing two stack-based buffer overflow vulnerabilities, collectively tracked as CVE-2023-32560, impacting Ivanti Avalanche products

On August 17th, 2023, Juniper Networks released out-of-band fixes for multiple vulnerabilities that could be chained together to achieve unauthenticated remote code execution (RCE) on

On August 4, 2023, security researchers published a blog detailing a critical remote code (RCE) vulnerability in PaperCut NG/MF print management servers (CVE-2023-39143: CVSS 8.4).

On July 28th, 2023, Ivanti released a security advisory detailing a new vulnerability affecting Ivanti Endpoint Manager Mobile which allows an authenticated administrator to perform

On July 24th, 2023, Ivanti released a security advisory detailing a remote authentication bypass vulnerability (CVE-2023-35078) affecting Ivanti Endpoint Manager Mobile. This vulnerability, with a

On July 12th, 2023, SonicWall published a security advisory detailing fifteen security vulnerabilities in Global Management Suite (GMS) and Analytics. Among these vulnerabilities, Arctic Wolf