Seeing Inside the Vortex: Detecting Living off the Land Techniques
Networking infrastructure is an often-overlooked threat surface being targeted by sophisticated threat actors. Learn more about this topic.
Network Security
Serious F5 Breach
This is bad:
F5, a Seattle-based maker of networking software, disclosed the breach on Wednesday. F5 said a “sophisticated” threat group working for an undisclosed nation-state government had surreptitiously and persistently dwelled in its network over a “long-term.” Security researchers who have responded to similar intrusions in the past took the language to mean the hackers were inside the F5 network for years.
During that time, F5 said, the hackers took control of the network segment the company uses to create and distribute updates for BIG IP, a line of server appliances that F5 …
Critical Vulnerabilities Patched in TP-Link’s Omada Gateways
One of the flaws can be exploited by remote unauthenticated attackers for arbitrary command execution.
The post Critical Vulnerabilities Patched in TP-Link’s Omada Gateways appeared first on SecurityWeek.
All SonicWall Cloud Backup Users Had Firewall Configurations Stolen
In early September, hackers stole the firewall configuration backup files stored using the MySonicWall service.
The post All SonicWall Cloud Backup Users Had Firewall Configurations Stolen appeared first on SecurityWeek.
Virtual Event Today: Zero Trust & Identity Strategies Summit
Join the virtual event we dive into the world of digital identity management and the role of zero-trust principles and associated technologies.
The post Virtual Event Today: Zero Trust & Identity Strategies Summit appeared first on SecurityWeek.
The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn
The Year 2036/2038 problem is a bug that will be triggered in more than a decade, but hackers could exploit it today against ICS and consumer devices.
The post The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn appeared first o…
Cisco Patches Zero-Day Flaw Affecting Routers and Switches
The security defect allows remote attackers with administrative privileges to execute arbitrary code as the root user.
The post Cisco Patches Zero-Day Flaw Affecting Routers and Switches appeared first on SecurityWeek.
Record-Breaking DDoS Attack Peaks at 22 Tbps and 10 Bpps
The attack was aimed at a European network infrastructure company and it has been linked to the Aisuru botnet.
The post Record-Breaking DDoS Attack Peaks at 22 Tbps and 10 Bpps appeared first on SecurityWeek.
SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations
The company sent a new preferences file to less than 5% of customers, urging them to import it into firewalls and reset their passwords.
The post SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations appeared first on SecurityW…
Zero Trust Is 15 Years Old — Why Full Adoption Is Worth the Struggle
Fifteen years after its debut, Zero Trust remains the gold standard in cybersecurity theory — but its uneven implementation leaves organizations both stronger and dangerously exposed.
The post Zero Trust Is 15 Years Old — Why Full Adoption Is Worth the…