Network Security

Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation

Microsoft, Network Security, Pixiefail, Quarkslab, Supply Chain Security, Tianocore, UEFI, Vulnerabilities /

Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation 2024-01-16 at 16:16 By Ryan Naraine Quarkslab finds serious, remotely exploitable vulnerabilities in EDK II, the de-facto open source reference implementation of the UEFI spec. The post Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation appeared first on SecurityWeek. This article […]

React to this headline:

Loading spinner

Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation Read More »

ExtraHop Banks $100M in Growth Funding, Adds New Execs

ExtraHop, Funding/M&A, Network Security /

ExtraHop Banks $100M in Growth Funding, Adds New Execs 2024-01-10 at 22:46 By SecurityWeek News Seattle network detection and response firm secures $100 million in growth funding and adds to its executive team. The post ExtraHop Banks $100M in Growth Funding, Adds New Execs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

ExtraHop Banks $100M in Growth Funding, Adds New Execs Read More »

Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion

Artificial Intelligence, Featured, Funding/M&A, Network Security /

Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion 2024-01-10 at 05:18 By SecurityWeek News This acquisition is expected to double HPE’s networking business and expand its portfolio with AI-native networking offerings. The post Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion Read More »

Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V

Hyper-V, Kerberos, Microsoft, Network Security, Patch Tuesday, Vulnerabilities /

Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V 2024-01-09 at 21:02 By Ryan Naraine Patch Tuesday: Redmond patches critical, remote code execution vulnerabilities haunting Windows Kerberos and Windows Hyper-V. The post Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V Read More »

How to Get Started with Security Automation: Consider the Top Use Cases within Your Industry

automation, Network Security, security operations /

How to Get Started with Security Automation: Consider the Top Use Cases within Your Industry 2024-01-08 at 15:46 By Marc Solomon Organizations in different industries may approach security automation from a different entry point, but the requirements for an automation platform are consistent across use cases. The post How to Get Started with Security Automation:

React to this headline:

Loading spinner

How to Get Started with Security Automation: Consider the Top Use Cases within Your Industry Read More »

Are Security Appliances fit for Purpose in a Decentralized Workplace?

cloud security, Network Security, SASE /

Are Security Appliances fit for Purpose in a Decentralized Workplace? 2024-01-02 at 21:01 By Etay Maor Security appliances are amongst the most riskiest enterprise devices and are a often method for threat actors to infiltrate a business. The post Are Security Appliances fit for Purpose in a Decentralized Workplace? appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Are Security Appliances fit for Purpose in a Decentralized Workplace? Read More »

Every “Thing” Everywhere All at Once

botnet, IoT, IoT Security, Network Security /

Every “Thing” Everywhere All at Once 19/12/2023 at 15:48 By Danelle Au Every asset in an organization’s inventory that is not accounted for and protected is a potential attack vector that an attacker can use to gain access or move undetected. The post Every “Thing” Everywhere All at Once appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Every “Thing” Everywhere All at Once Read More »

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance

CISA, healthcare, Network Security, penetration testing, Vulnerabilities /

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance 18/12/2023 at 18:16 By Ionut Arghire The US cybersecurity agency CISA issues cybersecurity recommendations for the healthcare and public health sector. The post CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance Read More »

Chinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet 

Black Lotus Labs, Featured, Fortinet, Nation-State, Netgear, Network Security, Volt Typhoon /

Chinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet  13/12/2023 at 20:31 By Ryan Naraine Malware hunters have set eyes on an impossible to kill botnet packed with end-of-life SOHO routers and connects it to a Chinese APT targeting US critical infrastructure. The post Chinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet 

React to this headline:

Loading spinner

Chinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet  Read More »

Zero Networks Raises $20 Million to Secure Access to Enterprise Assets

Cybersecurity Funding, funding, Network Security /

Zero Networks Raises $20 Million to Secure Access to Enterprise Assets 13/12/2023 at 16:31 By Ionut Arghire Cybersecurity startup Zero Networks has raised $20 million in a Series B funding round led by US Venture Partners. The post Zero Networks Raises $20 Million to Secure Access to Enterprise Assets appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Zero Networks Raises $20 Million to Secure Access to Enterprise Assets Read More »

Outside the Comfort Zone: Why a Change in Mindset is Crucial for Better Network Security

Network Security /

Outside the Comfort Zone: Why a Change in Mindset is Crucial for Better Network Security 11/12/2023 at 15:49 By Matt Wilson Stepping outside the confines of our comfort zone and embracing a mindset that prioritizes adaptability, shared responsibility, risk-awareness, and preparednessis indispensable in fortifying defenses in the modern distributed network. The post Outside the Comfort

React to this headline:

Loading spinner

Outside the Comfort Zone: Why a Change in Mindset is Crucial for Better Network Security Read More »

Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices

CISA KEV, firewall, NAS, Network Security, Ransomware, Vulnerabilities, Zyxel /

Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices 30/11/2023 at 20:18 By Ryan Naraine Zyxel patches at least 15 security flaws that expose users to authentication bypass, command injection and denial-of-service attacks. The post Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices Read More »

Critical Authentication Bypass Flaw in VMware Cloud Director Appliance

cloud security, CVE-2023-34060, CVSS 9.8, Network Security, Patch Tuesday, VMWare, Vulnerabilities /

Critical Authentication Bypass Flaw in VMware Cloud Director Appliance 15/11/2023 at 00:32 By Ryan Naraine VMware flaw carries a CVSS severity-score of 9.8/10 and can be exploited to bypass login restrictions when authenticating on certain ports. The post Critical Authentication Bypass Flaw in VMware Cloud Director Appliance appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Critical Authentication Bypass Flaw in VMware Cloud Director Appliance Read More »

Critical Vulnerabilities Expose Veeam ONE Software to Code Execution

CVE-2023-38547, CVE-2023-38548, Endpoint Security, Network Security, Veeam, Veeam ONE, Vulnerabilities /

Critical Vulnerabilities Expose Veeam ONE Software to Code Execution 07/11/2023 at 19:46 By Ionut Arghire Veeam Software has rolled out patches to cover code execution vulnerabilities in its Veeam ONE IT monitoring product. The post Critical Vulnerabilities Expose Veeam ONE Software to Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Critical Vulnerabilities Expose Veeam ONE Software to Code Execution Read More »

Extending ZTNA to Protect Against Insider Threats

Identity & Access, Network Security, Security Architecture, zero trust, ZTNA /

Extending ZTNA to Protect Against Insider Threats 31/10/2023 at 15:31 By Etay Maor One of the main reasons why ZTNA fails is that most ZTNA implementations tend to focus entirely on securing remote access. The post Extending ZTNA to Protect Against Insider Threats appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Extending ZTNA to Protect Against Insider Threats Read More »

SolarWinds Patches High-Severity Flaws in Access Rights Manager

CVE-2023-35182, CVE-2023-35185, CVE-2023-35187, Identity & Access, Network Security, SolarWinds, Vulnerabilities /

SolarWinds Patches High-Severity Flaws in Access Rights Manager 23/10/2023 at 21:49 By Ionut Arghire SolarWinds patches high-severity flaws in its Access Rights Manager product, including three unauthenticated remote code execution issues. The post SolarWinds Patches High-Severity Flaws in Access Rights Manager appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

SolarWinds Patches High-Severity Flaws in Access Rights Manager Read More »

Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks

DDoS, HTTP, Network Security, Rapid Reset, Vulnerabilities /

Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks 11/10/2023 at 15:33 By Eduard Kovacs Organizations respond to HTTP/2 Rapid Reset zero-day vulnerability exploited to launch the largest DDoS attacks seen to date.  The post Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks Read More »

‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History

DDoS, Featured, Network Security, Rapid Reset, Zero-Day /

‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History 10/10/2023 at 17:02 By Eduard Kovacs A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history. The post ‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History appeared first on

React to this headline:

Loading spinner

‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History Read More »

Organizations Warned of Top 10 Cybersecurity Misconfigurations Seen by CISA, NSA

Network Security, Security Infrastructure /

Organizations Warned of Top 10 Cybersecurity Misconfigurations Seen by CISA, NSA 06/10/2023 at 15:03 By Ionut Arghire CISA and the NSA are urging network defenders and software developers to address the top ten cybersecurity misconfigurations. The post Organizations Warned of Top 10 Cybersecurity Misconfigurations Seen by CISA, NSA appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Organizations Warned of Top 10 Cybersecurity Misconfigurations Seen by CISA, NSA Read More »

Scroll to Top