June 25, 2024 at 08:14AM The latest Omdia Vulnerability Report highlights Trend Micro™ Zero Day Initiative’s significant role in cybersecurity, spearheading 60% of 2023 disclosures. This underscores Trend’s comprehensive threat coverage, proactive risk mitigation, and trustworthiness. Leveraging Trend’s expertise can help organizations effectively manage attack surface risk and stay ahead of potential cyber threats. Based … Read more
April 17, 2024 at 09:40AM Researchers have released proof-of-concept (PoC) exploits for a critical vulnerability in Palo Alto Networks’ PAN-OS used in GlobalProtect gateways. The PoCs were issued shortly after the vendor began releasing hotfixes. Exploits can lead to remote code execution and may affect a large number of organizations. Patching is strongly recommended. Key … Read more
April 12, 2024 at 09:32AM Palo Alto Networks warns of an actively exploited critical command injection vulnerability in PAN-OS firewall, affecting specific versions. The flaw, tracked as CVE-2024-3400, poses significant risk as it allows attackers to execute code with root privileges. Mitigations and temporary fixes are advised until security updates are available to address the … Read more
April 12, 2024 at 06:15AM Palo Alto Networks warns of critical flaw (CVE-2024-3400) in GlobalProtect gateways, allowing unauthenticated attackers to execute code with root privileges. Affected PAN-OS versions are < 11.1.2-h3, < 11.0.4-h1, < 10.2.9-h1. Fixes expected on April 14, 2024. Customers advised to enable Threat ID 95187 for protection. Volexity credited with discovery. Chinese ... Read more
March 21, 2024 at 03:07PM Ready-made access IABs have become essential to the ransomware ecosystem. Learn how to prevent them from exploiting your assets and halt their ability to profit. Based on the meeting notes, the main takeaway is the recognition of the ready-made access IABs as a significant component of the ransomware ecosystem. The … Read more
February 21, 2024 at 06:45AM Rob Joyce, highly respected in cybersecurity, is leaving his role as NSA’s cybersecurity director on March 31. His focus has been on preventing threats to national security systems and infrastructure, and expanding partnerships. Deputy director David Luber will replace him, with General Haugh praising Joyce’s leadership and vision for the … Read more