Recent Security News
-
House Will Try Again on Reauthorization of US Spy Program After Republican Upheaval
April 12, 2024 at 09:48PM House Republicans are set to make a second attempt at advancing a bill for reauthorizing a national security surveillance program, now proposing a shorter two-year extension in hopes of winning over GOP critics. Speaker Mike Johnson aims to find a compromise amidst growing skepticism, with some Republicans expressing support for…
-
Zero-day exploited right now in Palo Alto Networks’ GlobalProtect gateways
April 12, 2024 at 06:52PM Palo Alto Networks has issued a critical alert for a command-injection flaw in PAN-OS software, affecting firewall and VPN products. The flaw, with a top CVSS severity score, may allow unauthorized code execution. Updates to fix the vulnerability will arrive by April 14. Exploitation by threat actors has been observed,…
-
CISA’s Malware Analysis Platform Could Foster Better Threat Intel
April 12, 2024 at 04:55PM The US Cybersecurity and Infrastructure Security Agency (CISA) has publicly released its Malware Next-Gen Analysis platform. The platform allows users to analyze suspicious files, URLs, and IP addresses for potential threats. CISA aims to enhance threat intelligence with dynamic and static analysis tools. Users can submit artifacts for analysis, with…
-
State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls
April 12, 2024 at 04:48PM A zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks firewalls has been exploited by threat actor ‘UTA0218’ for over two weeks. The issue permits unauthorized execution of code with root privileges. Palo Alto is expected to release patches by April 14. Organizations are urged to take immediate mitigation steps and be…
-
New Tool Shields Organizations From NXDOMAIN Attacks
April 12, 2024 at 04:41PM Organizations face a growing threat from DNS attacks, especially NXDOMAIN attacks. Akamai’s Shield NS53 provides new defense capabilities, extending its Edge DNS technology to on-premises deployments. With NXDOMAIN attacks on the rise, it’s crucial for organizations to reinforce their DNS defenses. This is a pivotal part of a comprehensive DDoS…