CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks
Help Net Security
by Zeljka Zorz
1d ago
Earlier today, Palo Alto Networks revealed that a critical command injection vulnerability (CVE-2024-3400) in the company’s firewalls has been exploited in limited attacks and has urged customers with vulnerable devices to quickly implement mitigations and workarounds. Palo Alto Networks’ Unit 42 and Volexity have now released threat briefs with more information about the attacks, threat hunting queries, YARA rules, and indicators of compromise. PAN’s insights “We are tracking the initial exploitation of this vulnerability under … More → The post CVE-2024-3400 exploited: Unit 42, Volexity shar ..read more
Visit website
Check Point boosts security in Harmony Email & Collaboration
Help Net Security
by Industry News
2d ago
Check Point announced new email security features that enhance its Check Point Harmony Email & Collaboration portfolio: Patented unified quarantine, DMARC monitoring, archiving, and Smart Banners. Since 2023, Check Point has released over 75 new features for Harmony Email & Collaboration, further strengthening collaborative email security with preventative measures to combat the growing threat of cyber attacks. The addition of these new features allows for leading protection against advanced threats on a single screen. Despite … More → The post Check Point boosts security in Harmony Em ..read more
Visit website
Zscaler extends zero trust SASE and eliminates the need for firewall-based segmentation
Help Net Security
by Industry News
2d ago
Zscaler has signed an agreement to acquire Airgap Networks. Combining Zscaler’s zero trust SD-WAN and Airgap Networks’ agentless segmentation technology will transform how enterprises implement zero trust segmentation to IoT/OT devices, and critical infrastructure across branches, campuses, factories, and data centers, including east-west connectivity. Traditional NAC and network-based firewalls that use static access control lists (ACLs) to control east-west traffic were not designed to prevent sophisticated threats from moving laterally within a local area network … More → The post Zscaler e ..read more
Visit website
Cado Security teams up with Wiz to accelerate forensic investigations and minimize cloud threats
Help Net Security
by Industry News
2d ago
Cado Security has uveiled its partnership with Wiz and joins Wiz Integration (WIN) Platform. Cado Security enhances WIN by bringing the power of the Cado Security platform to the partner ecosystem so that Wiz customers can seamlessly integrate Cado into their existing cloud security workflows. Mutual customers receive the following benefits: Accelerate response time to cloud threats: Customers are enabled to rapidly kick off forensics investigations of AWS EC2 instances and automate forensics investigations of … More → The post Cado Security teams up with Wiz to accelerate forensic investigati ..read more
Visit website
Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400)
Help Net Security
by Zeljka Zorz
2d ago
Attackers are exploiting a command injection vulnerability (CVE-2024-3400) affecting Palo Alto Networks’ firewalls, the company has warned, and urged customers to implement temporary mitigations and get in touch to check whether their devices have been compromised. “Palo Alto Networks is aware of a limited number of attacks that leverage the exploitation of this vulnerability,” Palo Alto Networks says, and thanked Volexity researchers for flagging the issue. Exploitation of the vulnerability can be automated. About CVE-2024-3400 … More → The post Palo Alto Networks firewalls under attack, hotf ..read more
Visit website
Palo Alto Networks enhances Cortex XSIAM to help SecOps teams identify cloud threats
Help Net Security
by Industry News
2d ago
Palo Alto Networks announced a new milestone in how security operations centers (SOC) secure the cloud. The new innovations as part of Cortex XSIAM for Cloud bolster the Palo Alto Networks Cortex XSIAM platform to natively deliver Cloud Detection and Response capabilities in one unified solution, making Cortex XSIAM an SOC platform optimized for the cloud. Many organizations now run a large portion of their business in the cloud, yet traditional SOC security tools weren’t … More → The post Palo Alto Networks enhances Cortex XSIAM to help SecOps teams identify cloud threats appeared first on He ..read more
Visit website
Strategies to cultivate collaboration between NetOps and SecOps
Help Net Security
by Mirko Zorz
2d ago
In this Help Net Security interview, Debby Briggs, CISO at Netscout, discusses breaking down silos between NetOps and SecOps. Practical steps include scheduling strategy meetings, understanding communication preferences, and fostering team collaboration. With evolving cloud models, collaboration and clear role assignments become crucial. Automation and AI enhance incident response, while budget allocation impacts team efficacy. Choosing the right tools involves considering problem-solving capabilities, interoperability, and cost-effectiveness. Traditionally, NetOps and SecOps have operated in ..read more
Visit website
The next wave of mobile threats
Help Net Security
by Help Net Security
2d ago
According to McAfee, apps, whether for communication, productivity, or gaming, are among the biggest threats to mobile security. Technavio expects the global mobile security software market to grow by $2.75 billion between 2020 and 2025, expanding at a CAGR of 9.68%. In this Help Net Security video, Michael Covington, VP of Portfolio Strategy at Jamf, discusses planning a mobile security strategy. The post The next wave of mobile threats appeared first on Help Net Security ..read more
Visit website
Why women struggle in the cybersecurity industry
Help Net Security
by Help Net Security
2d ago
The workplace experiences of women in cybersecurity are dramatically worse than men across virtually every category, according to a WiCyS and Aleria survey. Previous studies have illustrated that the representation of women in cybersecurity is much lower than it should be, but can’t explain why or how we can improve matters. Women confront exclusion at higher rates Women encounter exclusion at twice the rate of men, signaling a pressing need for industry-wide cultural and procedural … More → The post Why women struggle in the cybersecurity industry appeared first on Help Net Security ..read more
Visit website
New infosec products of the week: April 12, 2024
Help Net Security
by Help Net Security
2d ago
Here’s a look at the most interesting products from the past week, featuring releases from Akamai, Bitdefender, Siemens, Veriato, and Index Engines. SINEC Security Guard identifies vulnerable production assets The SINEC Security Guard offers automated vulnerability mapping and security management optimized for industrial operators in OT environments. The software can automatically assign known cybersecurity vulnerabilities to the production assets of industrial companies. This allows industrial operators and automation experts who don’t have dedicated cybersecurity expertise … More → The post ..read more
Visit website

Follow Help Net Security on FeedSpot

Continue with Google
Continue with Apple
OR