Collaborate Disseminate
Qualys unveils Multi-Vector EDR, a new approach to endpoint detection and response Traditional EDR solutions singularly focus on endpoints’ malicious activities to hunt and investigate cyberattacks. Qualys’ multi-vector approach provides critical conte… Continue reading New infosec products of the week: July 31, 2020
Pulse Secure announced the launch of Pulse Zero Trust Access (PZTA), a cloud-based, multi-tenant secure access service that enables organizations to provide users easy, anywhere access to multi-cloud and data center applications with Zero Trust assuran… Continue reading Pulse Zero Trust Access simplifies management and mitigates cyber risks
The agencies say it’s vital to prioritize patching. Otherwise, we’re making it easy for attackers who don’t have to work at finding 0 days. Continue reading Top 10 most exploited vulnerabilities list released by FBI, DHS CISA
The DHS urged organizations to update their passwords and make sure that a critical Pulse Secure VPN flaw has been patched, as attackers continue to exploit the flaw. Continue reading DHS Urges Pulse Secure VPN Users To Update Passwords
Researchers report flaws, vendors issue patches, organisations apply them – and everyone lives happily ever after. Right? Wrong! Continue reading REvil ransomware exploiting VPN flaws made public last April
Researchers suspect the cybercriminals attacked using an unpatched critical vulnerability in the company’s seven Pulse Secure VPN servers. Continue reading Sodinokibi Ransomware Behind Travelex Fiasco: Report
International hacking groups are exploiting vulnerabilities in virtual private network technologies to steal user credentials and monitor sensitive traffic, the United Kingdom’s National Cyber Security Centre said, amid recent warnings that the Chinese government has used similar tactics to collect intelligence. The NCSC, an offshoot of Britain’s intelligence agency, the GCHQ, said on Oct. 2 hackers are leveraging outdated versions of Palo Alto Networks, Fortinet and Pulse Secure products. The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Agency published its own advisory on the vulnerabilities, which attackers could use to take over an affected system, on Oct. 4. Neither warning speculates on who may be behind the attack, though the alerts come after Microsoft in August said Manganese, a Chinese hacking collective also known as APT5, was focusing attacks on Pulse Secure and Fortinet products. Pulse Secure, Palo Alto and Fortinet have each released security updates for all of […]
The post APT groups are exploiting outdated VPNs to spy on international targets, U.K. and U.S. warn appeared first on CyberScoop.
Virtual private networks (VPNs) are under attack and hackers may be winning the battle, using exploits that are becoming all-too-common. While many may argue that VPNs are salvageable and can be returned to their once-lofty status of protecting data, … Continue reading Will VPNs Continue Losing the Battle to Keep Data Secure?
Attackers are taking advantage of recently released vulnerability details and PoC exploit code to extract private keys and user passwords from vulnerable Pulse Connect Secure SSL VPN and Fortigate SSL VPN installations. About the vulnerabilities Attack… Continue reading Attackers are targeting vulnerable Fortigate and Pulse Secure SSL VPNs
While enterprises are taking advantage of cloud computing, all enterprises have on-going data center dependencies, a Pulse Secure report reveals. One fifth of respondents anticipate lowering their data center investment, while more than 40% indicated a… Continue reading Organizations face operational deficiencies as they deal with hybrid IT complexities