Network Security Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices Zyxel patches at least 15 security flaws that expose users to authentication bypass, command injection and denial-of-service attacks. Ryan NaraineNovember 30, 2023
Cloud Security Critical Authentication Bypass Flaw in VMware Cloud Director Appliance VMware flaw carries a CVSS severity-score of 9.8/10 and can be exploited to bypass login restrictions when authenticating on certain ports. Ryan NaraineNovember 14, 2023
Endpoint Security Critical Vulnerabilities Expose Veeam ONE Software to Code Execution Veeam Software has rolled out patches to cover code execution vulnerabilities in its Veeam ONE IT monitoring product. Ionut ArghireNovember 7, 2023
Network Security DPI: Still Effective for the Modern SOC? There has been an ongoing debate in the security industry over the last decade or so about whether or not deep packet inspection (DPI)... Matt WilsonNovember 1, 2023
Identity & Access Extending ZTNA to Protect Against Insider Threats One of the main reasons why ZTNA fails is that most ZTNA implementations tend to focus entirely on securing remote access. Etay MaorOctober 31, 2023
Identity & Access SolarWinds Patches High-Severity Flaws in Access Rights Manager SolarWinds patches high-severity flaws in its Access Rights Manager product, including three unauthenticated remote code execution issues. Ionut ArghireOctober 23, 2023
Network Security Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks Organizations respond to HTTP/2 Rapid Reset zero-day vulnerability exploited to launch the largest DDoS attacks seen to date. Eduard KovacsOctober 11, 2023
Network Security ‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history. Eduard KovacsOctober 10, 2023
Network Security Organizations Warned of Top 10 Cybersecurity Misconfigurations Seen by CISA, NSA CISA and the NSA are urging network defenders and software developers to address the top ten cybersecurity misconfigurations. Ionut ArghireOctober 6, 2023
Funding/M&A Synqly Joins Race to Fix Security, Infrastructure Product Integrations Silicon Valley startup lands $4 million in seed funding from SYN Ventures, Okta Ventures and Secure Octane. Ryan NaraineOctober 3, 2023
Cloud Security Network, Meet Cloud; Cloud, Meet Network The widely believed notion that the network and the cloud are two different and distinct entities is not true. Matt WilsonOctober 3, 2023
Network Security Silverfort Open Sources Lateral Movement Detection Tool Silverfort has released the source code for its lateral movement detection tool LATMA, to help identify and analyze intrusions. Ionut ArghireOctober 2, 2023