On 27 August 2024, Fortra published a security advisory regarding a critical credential vulnerability in FileCatalyst Workflow, identified as CVE-2024-6633. FileCatalyst Workflow is a managed
On 22 August 2024, SonicWall published a security advisory regarding a critical improper access control vulnerability in several SonicWall Firewall models. This vulnerability, identified as
On 13 August 2024, SolarWinds released a hotfix for CVE-2024-28986, a critical Remote Code Execution (RCE) vulnerability affecting Web Help Desk (WHD). WHD is an
On 13 August 2024, Microsoft released their August 2024 security update, which addressed 90 vulnerabilities. Among these vulnerabilities, Arctic Wolf has highlighted 15 in this
On 12 August 2024, Ivanti announced a critical authentication bypass vulnerability in its Virtual Traffic Manager (vTM), identified as CVE-2024-7593. Ivanti Virtual Traffic Manager (vTM)
On 17 July 2024, SolarWinds published a security advisory detailing multiple critical vulnerabilities in its Access Rights Manager (ARM) software. These vulnerabilities were responsibly disclosed
On 24 July 2024, Progress published a knowledge base article disclosing a critical vulnerability (CVE-2024-6327) impacting Telerik Report Server, a product by Progress designed for
On 10 July 2024, ServiceNow disclosed a series of critical vulnerabilities impacting their platform, identified as CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217. These vulnerabilities were responsibly disclosed
On 10 July 2024, GitLab issued an advisory regarding a critical vulnerability (CVE-2024-6385) in GitLab CE/EE that had been reported to them through a bug
On 9 July 2024, Microsoft published their July 2024 security update, consisting of 139 newly disclosed vulnerabilities. Among these vulnerabilities, Arctic Wolf has highlighted seven
On 1 July 2024, OpenSSH released fixes for CVE-2024-6387, a vulnerability in OpenSSH’s server (sshd) on glibc-based Linux systems allowing for potential Remote Code Execution
On 28 June 2024, Juniper released fixes for a critical authentication bypass vulnerability discovered during internal testing, CVE-2024-2973. Juniper has stated that this vulnerability affects
On 26 June 2024, TeamViewer published a statement disclosing they detected an irregularity in TeamViewer¡¯s internal corporate IT environment. TeamViewer is an organisation that provides
On 24 June 2024, cybersecurity company Sansec published a security advisory detailing how an associated Polyfill domain (cdn.polyfill[.]io) was being used to insert malicious code
On 17 June 2024, VMware disclosed two critical vulnerabilities (CVE-2024-37079 & CVE-2024-37080) affecting vCenter Server and Cloud Foundation. These vulnerabilities stem from a heap-overflow issue
Since April 2024, Arctic Wolf has been tracking an ongoing campaign by Black Basta ransomware group affiliates leveraging Microsoft¡¯s Quick Assist for initial access. The
On 11 June 2024, Microsoft published their June 2024 security update with patches for 49 vulnerabilities. Among these vulnerabilities, Arctic Wolf is highlighting CVE-2024-30080 as
On 31 May 2024, a Proof of Concept (PoC) exploit and technical analysis were published for a pre-authentication Remote Code Execution (RCE) exploit chain impacting
On 2 June 2024, Snowflake published a joint statement with CrowdStrike and Mandiant detailing their initial findings while investigating a campaign involving unauthorised access to
On 28 May 2024, Okta disclosed that the cross-origin authentication feature in Customer Identity Cloud (CIC) is being targeted by credential-stuffing attacks. These attacks involve
On 28 May 2024, Okta disclosed that the cross-origin authentication feature in Customer Identity Cloud (CIC) is being targeted by credential-stuffing attacks. These attacks involve
On 21 May 2024, Ivanti disclosed six critical-severity SQL Injection vulnerabilities affecting Ivanti Endpoint Manager, specifically versions 2022 SU5 and earlier. These six vulnerabilities, identified
On 14 May 2024, Microsoft published their May 2024 security update with patches for 60 vulnerabilities. Among these vulnerabilities, Arctic Wolf has highlighted three in
On May 2024 8, Ascension Healthcare notified business partners of suspicious activity detected within their systems. They have launched investigations and are actively working on
On 6 May 2024, Bishop Fox publicly disclosed a vulnerability along with a proof of concept (PoC) exploit in Citrix NetScaler ADC and Gateway, identified
On 24 April 2024, Cisco Talos and several government security agencies published details on a sophisticated threat campaign focused on espionage and gaining unauthorized access
On 16 April 2024, Cisco Duo informed affected customers of a breach involving their SMS and VOIP multi-factor authentication (MFA) service provider. The breach occurred
On 12 April 2024, Delinea issued an advisory to address a critical authentication bypass vulnerability identified in the SOAP API component of its Secret Server
On April 16, 2024, Ivanti disclosed two critical vulnerabilities within its Avalanche Mobile Device Management (MDM) solution. These vulnerabilities, identified as CVE-2024-29204 and CVE-2024-24996, are
On 14 April 2024, Palo Alto Networks (PAN) released hotfixes to address the maximum severity (CVSS: 10) vulnerability, CVE-2024-3400, affecting the GlobalProtect Feature of PAN-OS.
