Firewall Inferno – Sophos & SonicWall Vulnerabilities
CVE-2022-1040 and CVE-2022-22247 are two recent vulnerabilities that have been discovered in two different Firewall products. This blog post will cover both the Sophos Firewall
The cybersecurity industry has an effectiveness problem. Despite new technologies emerging every year, high-profile breaches continue to occur. To prevent these attacks, the industry needs to adopt a new approach by focusing on security operations. That’s where Arctic Wolf can help.
Built on an open XDR architecture, the Arctic Wolf Platform® combines with our Concierge Delivery Model to work as an extension of your team, proactively protect your environment, and strengthen your security posture.
Security Expertise, Delivered
Our Arctic Wolf® Security Teams ensure we have a complete understanding of your unique IT environment right from the start.
Learn more about our unique approach to cybersecurity and why Arctic Wolf has emerged as a leader in the industry.
Ransomware Explained
Understanding ransomware — from its origins to its impacts to the TTPs that allow ransomware gangs to exploit victim organizations and make off with millions in ransom payments and extortion fees.Arctic Wolf Labs 2024 Threat ReportThe elite security researchers, data scientists, and security developers of Arctic Wolf Labs share forward-thinking insights along with practical guidance you can apply to protect your organization.Inside Our SOCLearn how our Concierge Security® and Triage Security Teams help end cyber risk. |
We envision a future without cyber risk. Every organization should be so effective at security operations that both the likelihood and impact of a cyber attack is minimized to the point where risk is essentially zero.
CVE-2022-1040 and CVE-2022-22247 are two recent vulnerabilities that have been discovered in two different Firewall products. This blog post will cover both the Sophos Firewall
Comparing and contrasting the effectiveness of Vulnerability Assessment (VA), Vulnerability Management (VM), Risk-Based Vulnerability Management (RBVM), and Managed Risk®. Performing a vulnerability assessment (VA), implementing
The key vulnerabilities and high-impact attacks that shaped the cyber risk landscape in 2021.
What Are CVSS Scores? The Common Vulnerability Scoring System (aka CVSS score) provides a numerical (0-10) representation of the severity of an information security vulnerability.
Background In April 2021, CVE-2022-0847 was discovered by security researcher Max Kellermann; it took another few months for him to figure out what was happening.
How to use Arctic Wolf’s Spring4Shell Deep Scan to identify known vulnerable Spring Framework Java class files.
Background On Tuesday, February 8, 2022, SAP patched a critical memory corruption vulnerability (CVE-2022-22536) in the SAP Internet Communication Manager (ICM) component that could lead
A deep dive into five types of vulnerabilities that risk management programs should focus on.
See how organizations are making moves to increase their security posture and tackle future threats.
Background On Monday, January 31, 2022, Samba released an advisory for remote code execution vulnerability CVE-2021-44142. All versions of Samba prior to 4.13.17 are vulnerable
This is a follow-up to our previous blog posts covering the Log4j vulnerability and the Deep Scan tool we made available to help identify vulnerable
December 20 Update: Arctic Wolf Provides Video Walkthrough of Log4Shell Deep Scan Tool In this short six-minute video, Arctic Wolf provides an update on the
Arctic Wolf joins the Gartner Peer Insights Customer First Program in the vulnerability assessment and managed detection and response service. The members of the Arctic
As the old saying goes, “an ounce of prevention is worth a pound of cure.” So how does this relate to cybersecurity? Glad you asked!
Learn fundamentals of proactive cybersecurity and key differences between a proactive and reactive approach.
Get up to speed on the latest findings regarding the Log4j vulnerability.
Vulnerability management remains a struggle for many companies and is still only an aspiration for many others. But with digital and cloud transformation rewriting the
Background On Thursday, December 2, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) and Federal Bureau of Investigations (FBI) reported a new campaign targeting ManageEngine
Background On Friday, December 3, 2021, ManageEngine released a patch advisory for CVE-2021-44515, an authentication bypass vulnerability affecting Desktop Central Enterprise and MSP versions. Desktop
Charleston Southern University and Arctic Wolf share how they developed, refined, and hardened the university’s cybersecurity.
Background On Tuesday, November 9, 2021, Microsoft released patches for two actively exploited vulnerabilities, CVE-2021-42321 in Microsoft Exchange, and CVE-2021-42292 in Microsoft Excel. CVE ID
Background Security researchers at Microsoft and Palo Alto Networks are reporting a new campaign targeting ManageEngine ADSelfService Plus servers that are vulnerable to CVE-2021-40539. Microsoft
Background Security researchers have observed a significant shift in tactics from the Magnitude Exploit Kit (EK) this week with the addition of exploits for Chromium-based
Background On Tuesday, October 5, 2021, Apache released a patch advisory for CVE-2021-41773, a path traversal, and file disclosure vulnerability affecting Apache HTTP Server version
Discover how Arctic Wolf uncovered suspicious activity and were able to quickly investigate, verify and, remediate this incident.
On Tuesday, September 21, 2021, VMware released a patch advisory for a new remote code execution (RCE) vulnerability in VMware vCenter Server tracked as CVE-2021-22005.
Background On September 14, 2021, Microsoft released a patch advisory for CVE-2021-38647, a remote code execution (RCE) vulnerability affecting Open Management Infrastructure (OMI), an open-source
On Tuesday, September 14, Apple announced its latest generation of products along with the major release of iOS 15. Unfortunately, this coincided with an earlier
On September 7, 2021, some threat-intel researchers were made aware of a new threat against Windows operating systems and Microsoft Office products. With the identifier
Background On August 25, 2021, Atlassian published an advisory for a vulnerability in its Confluence server titled “CVE-2021-26084: Atlassian Confluence OGNL Injection” CVE ID CVSS
© 2024 Arctic Wolf Networks Inc. All Rights Reserved. |
||||||
Privacy Notice |
Terms of Use |
Cookie Policy |
Accessibility Statement |
Information Security |
Sustainability Statement |
Cookies Settings |