April 2, 2022 Update: Arctic Wolf Releases Open Source Spring4Shell Deep Scan Tool to Support the Security Community Today Arctic Wolf is making “Spring4Shell Deep
CVE-2022-1040 and CVE-2022-22247 are two recent vulnerabilities that have been discovered in two different Firewall products. This blog post will cover both the Sophos Firewall
Background On Monday, March 21, 2022, Okta, an enterprise identity and access management firm, launched an inquiry after the Lapsus$ hacking group posted screenshots on
Background In April 2021, CVE-2022-0847 was discovered by security researcher Max Kellermann; it took another few months for him to figure out what was happening.
Background On Tuesday, February 8, 2022, SAP patched a critical memory corruption vulnerability (CVE-2022-22536) in the SAP Internet Communication Manager (ICM) component that could lead
Background On Monday, January 31, 2022, Samba released an advisory for remote code execution vulnerability CVE-2021-44142. All versions of Samba prior to 4.13.17 are vulnerable
On Monday, January 17, 2022, ManageEngine released security patches to address CVE-2021-44757–a critical authentication bypass vulnerability in Desktop Central and Desktop Central MSP that could
December 20 Update: Arctic Wolf Provides Video Walkthrough of Log4Shell Deep Scan Tool In this short six-minute video, Arctic Wolf provides an update on the
After successful deployment to Arctic Wolf’s customer community of more than 2,300 organizations worldwide, today we are making “Log4Shell Deep Scan” publicly available on GitHub. Log4Shell Deep Scan enables detection of both CVE-2021-45046 and CVE-2021-44228 within
Background On Thursday, December 2, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) and Federal Bureau of Investigations (FBI) reported a new campaign targeting ManageEngine
Background On Friday, December 3, 2021, ManageEngine released a patch advisory for CVE-2021-44515, an authentication bypass vulnerability affecting Desktop Central Enterprise and MSP versions. Desktop
Background On Tuesday, November 9, 2021, Microsoft released patches for two actively exploited vulnerabilities, CVE-2021-42321 in Microsoft Exchange, and CVE-2021-42292 in Microsoft Excel. CVE ID
Background Security researchers at Microsoft and Palo Alto Networks are reporting a new campaign targeting ManageEngine ADSelfService Plus servers that are vulnerable to CVE-2021-40539. Microsoft
Background Security researchers have observed a significant shift in tactics from the Magnitude Exploit Kit (EK) this week with the addition of exploits for Chromium-based
Background On Tuesday, October 5, 2021, Apache released a patch advisory for CVE-2021-41773, a path traversal, and file disclosure vulnerability affecting Apache HTTP Server version
On Tuesday, September 21, 2021, VMware released a patch advisory for a new remote code execution (RCE) vulnerability in VMware vCenter Server tracked as CVE-2021-22005.
Background On September 14, 2021, Microsoft released a patch advisory for CVE-2021-38647, a remote code execution (RCE) vulnerability affecting Open Management Infrastructure (OMI), an open-source
On September 7, 2021, some threat-intel researchers were made aware of a new threat against Windows operating systems and Microsoft Office products. With the identifier
Background On August 25, 2021, Atlassian published an advisory for a vulnerability in its Confluence server titled “CVE-2021-26084: Atlassian Confluence OGNL Injection” CVE ID CVSS
Background On August 30, 2021, Trend Micro’s Zero Day Initiative (ZDI) published a technical blog on CVE-2021-33766, a new vulnerability in Exchange also known as
Background Microsoft has been dealing with a series of vulnerabilities in the Windows Print Spooler, a service that provides printer functionality on domain controllers —
Background On Tuesday, August 10, 2021, as part of the Microsoft Patch Tuesday release, security updates were made available to address the publicly documented exploit
Background On May 25, 2021, VMware published a security advisory for a new remote code execution (RCE) vulnerability in VMware vCenter Server tracked as CVE-2021-21985.
Background On April 20,2021 Ivanti, the parent company of Pulse Secure, released Pulse Connect Secure version 9.1R11.4 to address the zero-day vulnerability CVE-2021-22893, among 3
Executive Summary On Wednesday, March 10, F5 released security updates for its BIG-IP & BIG-IQ product lines that addressed several vulnerabilities, including one unauthenticated remote
Executive Summary On Tuesday, March 2, Microsoft released an out-of-band patch to address multiple remote code execution (RCE) vulnerabilities in Microsoft Exchange. Four of these
Executive Summary On Tuesday, February 9, Microsoft released patches for multiple vulnerabilities as part of its monthly “Patch Tuesday Release,” including one RCE vulnerability in
Executive Summary On Tuesday, February 23, VMware released an advisory and patch for a new remote code execution (RCE) vulnerability in VMware vCenter Server tracked
Executive Summary On Friday, January 22, SonicWall publicly disclosed a coordinated attack on its internal systems that it believes involved zero-day vulnerabilities in a number
Executive Summary On Wednesday, February 3, researchers at security firm TrustWave released a blog post detailing a new remote code execution (RCE) vulnerability in the
