Firewall maker Sophos disclosed Thursday a half-decade worth of efforts by multiple nation-state Chinese hacking groups to infiltrate its appliances, calling the admission a wake-up call for the cybersecurity industry. Targeting firewall appliances is a known nation-state tactic.
Researchers at Mandiant say a new threat cluster, first observed June 27, has been exploiting a Fortinet zero-day that the network edge device manufacturer publicly disclosed Wednesday. Researchers said they can't assess the threat actor's motivation or location.
Fortinet disclosed an actively exploited vulnerability in its centralized management platform following more than a week of online chatter that edge device manufacturer products have been under renewed attack. Cybersecurity researcher Kevin Beaumont christened the vulnerability "FortiJump."
Unencrypted cookies tied to a suite of secure gateway technology from F5 are gateways for hackers to reach internal devices on corporate networks, warns the Cybersecurity and Infrastructure Security Agency. BIG-IP uses persistent cookies as a traffic load-balancing convenience.
Internet appliance maker Ivanti warned customers Tuesday that attackers are actively exploiting new vulnerabilities in Cloud Services Appliance instances by chaining three security flaws with a zero-day patched in September. The company advised customers to update to version 5.0.
Illumio and Akamai remained atop Forrester's microsegmentation rankings, while ColorTokens and Cisco climbed into the leader space.The microsegmentation market has expanded beyond traditional on-premises networks to address modern public cloud workloads.
Ivanti confirmed that hackers are exploiting an SQL injection vulnerability in its Ivanti Endpoint Manager enabling remote code execution, despite the company addressing the issue with a patch in May. The flaw allows unauthenticated attackers within the same network to execute arbitrary code.
A Chinese state-sponsored botnet called Raptor Train has infected more than 260,000 IoT and office network devices to target critical infrastructure globally. The hackers used zero-days and known vulnerabilities to compromise more than 20 different types of devices to expand their botnet.
ColorTokens purchased PureID, expanding its zero trust framework with identity-based segmentation for cloud and hybrid environments. The acquisition focuses on securing cloud applications, microservices and APIs through advanced identity-based authentication.
Operators behind a mysterious botnet named for a TCP routing port number are expanding the universe of targeted devices and taking steps to hide their infrastructure, warn Sekoia researchers. The 7777 - or Quad7 - botnet appears to have emerged in 2023.
Unifying fragmented network security technology under a single platform allows for consistent policy application across on-premises, cloud and hybrid environments, said Palo Alto Networks' Anand Oswal. Having a consistent policy framework simplifies management and improves security outcomes.
An Arizona-based technical school is notifying nearly 209,000 current and former students, parents and faculty that their personal, health and financial information was potentially compromised in a LockBit attack earlier this year. The ransomware hack is one of many hits in the education sector.
Akamai’s $450 million acquisition of No Name Security marks a pivotal point in API security. Oz Golan, Noname's CEO and Akamai's vice president of API security, discusses the integration plans, technological synergies, and future growth opportunities that come with Akamai’s extensive customer base.
Illumio's Andrew Rubin explains how AI enhances zero trust security by improving labeling accuracy, which is essential for effective segmentation. Rubin discusses AI's potential to streamline security processes and covers key partnerships with firms such as Microsoft, Netskope and Wiz.
Check Point Software tapped the longtime leader of an Israeli cybersecurity incubator to be just the second CEO in the firewall behemoth's 32-year history. The company selected Team8 co-founder and Managing Partner Nadav Zafrir to replace Gil Shwed, who has led Check Point since inception in 1993.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.