Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400)

Attackers are exploiting a command injection vulnerability (CVE-2024-3400) affecting Palo Alto Networks’ firewalls, the company has warned, and urged customers to implement temporary mitigations and get in touch to check whether their devices have been…

Palo Alto Networks enhances Cortex XSIAM to help SecOps teams identify cloud threats

Palo Alto Networks announced a new milestone in how security operations centers (SOC) secure the cloud. The new innovations as part of Cortex XSIAM for Cloud bolster the Palo Alto Networks Cortex XSIAM platform to natively deliver Cloud Detection and R…

Attackers are targeting financial departments with SmokeLoader malware

Financially motivated hackers have been leveraging SmokeLoader malware in a series of phishing campaigns predominantly targeting Ukrainian government and administration organizations. The phishing campaign The Ukrainian SSSCIP State Cyber Protection Ce…

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)

The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, CVE-2024-1708 for the path traversal flaw. ConnectWise has also released a newe…

10 cybersecurity startups to watch in 2024

At Help Net Security, we’ve been following the cybersecurity business landscape closely for the past 25 years. Through our Industry News section, we’ve been tracking the pulse of the cybersecurity world, bringing you product news from compa…

QNAP fixes OS command injection flaws affecting its NAS devices (CVE-2023-47218, CVE-2023-50358)

QNAP Systems has patched two unauthenticated OS command injection vulnerabilities (CVE-2023-47218, CVE-2023-50358) in various versions of the operating systems embedded in the firmware of their popular network-attached storage (NAS) devices. About the …

“Pool Party” process injection techniques evade EDRs

SafeBreach researchers have discovered eight new process injection techniques that can be used to covertly execute malicious code on Windows systems. Dubbed “Pool Party” because they (ab)use Windows thread pools, these process injection tec…