Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Howler - Episode 1 - Brian NeSmith, Co-Founder and Executive Chairman of Arctic Wolf

Nov 15, 2023 By Arctic Wolf In Arctic Wolf
In the first Howler podcast episode, our hosts sit down with Brian NeSmith, Co-Founder and Executive Chairman of Arctic Wolf. Brian NeSmith is an internationally recognized business leader, bringing more than 30 years of cybersecurity leadership, including extensive experience driving revenue growth and scaling organizations globally. Before founding Arctic Wolf, he served as CEO of Blue Coat Systems, and prior to Blue Coat, CEO of Ipsilon Networks (acquired by Nokia), which became the leading appliance platform for Check Point firewalls.
View Video

The Howler - Episode 2 - Adam Marrè - Chief Information Security Officer

Nov 15, 2023 By Arctic Wolf In Arctic Wolf
In this episode, our hosts sit down with Adam Marrè, Chief Information Security Officer at Arctic Wolf. Prior to joining Arctic Wolf, Adam was the Global Head of Information Security Operations and Physical Security at Qualtrics. With deep roots in the cybersecurity space, Adam spent almost 12 years with the FBI, holding positions like SWAT Senior Team Leader and Special Agent. In this episode, Adam gives us a peak into the life of a CISO, what keeps him up at night, how he manages stress, and what he believes is foundational to leadership.
View Video
Arctic Wolf

CVE-2023-38547 & CVE-2023-38548: Two Critical Vulnerabilities in Veeam ONE

Nov 14, 2023 By Steven Campbell In Arctic Wolf
On November 6, 2023, Veeam published security hotfixes for two critical-severity vulnerabilities impacting Veeam ONE. At this time, Arctic Wolf has not identified active exploitation of either vulnerability, nor a published proof of concept (PoC) exploit. Although threat actors have not historically targeted Veeam ONE products, obtaining RCE on the monitoring and analytics platform will likely increase the potential for threat actors to create a working PoC exploit and attempt exploitation.
Read Post
Arctic Wolf

CVE-2023-23368 & CVE-2023-23369: Critical Command Injection Vulnerabilities in QNAP Products

Nov 14, 2023 By James Liolios In Arctic Wolf
On November 4, 2023, QNAP published security advisories for two critical command injection vulnerabilities impacting multiple versions of QNAP operating systems and applications related to the vendor’s network-attached storage (NAS) devices. Both vulnerabilities have been given critical CVSS scores (CVE-2023-23368: 9.8, CVE-2023-23369: 9.0) and both can lead to unauthenticated, remote threat actors executing commands if successfully exploited.
Read Post
Arctic Wolf

CVE-2023-47246: 0-day Remote Code Execution Vulnerability Actively Exploited in SysAid On-Premises

Nov 14, 2023 By Adrian Korn In Arctic Wolf
On November 2, 2023, SysAid was notified by Microsoft of a zero-day path traversal vulnerability allowing for remote code execution, which affects their on-premises ITSM solution. In the investigation conducted by SysAid, it was determined that the vulnerability was being actively exploited by a ransomware affiliate group known as Lace Tempest (DEV-0950), a group known for deploying the CL0P ransomware payload.
Read Post
Arctic Wolf

How to Improve Your Cloud Security with AWS

Nov 10, 2023 By Sule Tatar In Arctic Wolf
The cloud offers major benefits to organizations, helping increase business agility, better serve their customers’ needs, and cut their costs. This is why the typical modern business now uses public, infrastructure-as-a-service (IaaS) cloud platforms for its major business and organizational functions. However, the cloud also introduces new risks that can increase your costs should you fall victim to a breach.
Read Post
Arctic Wolf

CVE-2023-46604: Critical RCE Vulnerability in Apache ActiveMQ

Nov 3, 2023 By Andres Ramos In Arctic Wolf
On October 27, 2023, Apache published a security advisory addressing that a critical remote code execution (RCE) vulnerability has been fixed in the latest updates for Apache ActiveMQ products, CVE-2023-46604. This vulnerability was rated with a maximum Common Vulnerability Scoring System (CVSS) score of 10.0, as it can be exploited remotely by an unauthenticated threat actor in low complexity attacks.
Read Post
Arctic Wolf

Exploitation of CVE-2023-46604 in Apache ActiveMQ Leads to TellYouThePass Ransomware

Nov 3, 2023 By Stefan Hostetler, Markus Neis, Christopher Prest, Hady Azzam, Joe Wedderspoon, and Ross Phillips In Arctic Wolf
This article aims to share timely and relevant information about a rapidly developing campaign under investigation. We are publishing it as early as possible for the benefit of the cybersecurity community, and we may provide updates in the near future once more details become available in our research.
Read Post
Arctic Wolf

7 Types of Social Engineering Attacks

Oct 30, 2023 By Sule Tatar In Arctic Wolf
When a ransomware group launched twin cyber attacks on casino giants MGM and Caesars, they only needed the accidental participation of the organizations’ outsourced IT help desk to get started. It was social engineering — in this case impersonation over the phone, or vishing— that gave the hackers the information they needed to launch a ransomware attack that cost both casinos millions.
Read Post

Arctic Wolf Always Ahead: Gartner Peer Insights Customers' Choice in Managed Detection & Response

Oct 30, 2023 By Arctic Wolf In Arctic Wolf
Arctic Wolf was named as the Customers’ Choice for North America in the July 2023 Gartner® Peer Insights™ ‘ Voice of the Customer: Managed Detection and Response Services’ . Our Chief Product Officer Dan Schiappa explains how we continue to differentiate our approach to MDR with a full-service cloud-native platform that is praised by organizations worldwide for its efficacy, efficiency, and scale as attack vectors widen and existing endpoint solutions alone fail to protect organizations.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.