Security News > 2020 > June

The U.S. Cybersecurity and Infrastructure Security Agency is warning that foreign hackers are likely to exploit a newly disclosed, critical vulnerability in a raft of Palo Alto Networks firewalls and enterprise VPN appliances, which allows for device takeover without authentication. Palo Alto Networks on Monday posted an advisory on the vulnerability, which affects the devices' operating systems.

Threat hunting solutions provider Hunters today announced that it closed a $15 million Series A funding round, which brings the total raised by the company to $20.4 million. The funds will allow Hunters to invest further in machine learning research and extend its threat detection capabilities.

HackerOne on Monday released a list of the companies that have paid out the most money through their bug bounty programs. According to HackerOne, Verizon has paid out more than $9.4 million since the launch of its program in February 2014, with a top bounty of $70,000 and an average first response time of 8 hours.

How can you be sure your data protection strategy can support this new way of working? That means devising a plan that protects data on-premises and in the cloud; and one that protects data being accessed from multiple hardware devices and a host of new cloud applications.

Guardicore's Botnet Encyclopedia is a new, free tool for security teams tracking suspicious activity in data centers. "We are identifying threats within the data and clarifying them to tell the whole story about an attack," she said.

The link took them to a "Surprisingly believable" phishing page with logos and icons that matched their service provider, and instructed them to enter their WordPress account username and password to start the update. "The scam then shows you some fake but believable progress messages to make you think that a genuine 'site upgrade' has kicked off, including pretending to perform some sort of digital 'file signing' at the end," Sophos's security proselytiser Paul Ducklin explained.

In March, researchers Talal Haj Bakry and Tommy Mysk revealed that Android and iOS apps - including the mind-bogglingly popular, China-owned, video-sharing/often in privacy hot water TikTok - could silently, automatically read anything you copy into your mobile device's clipboard. Mysk said that the ability for apps to read content of off nearby devices means that an app on an iPhone could possibly read sensitive data on the clipboards of other connected iOS devices, be they cryptocurrency addresses, passwords, or email messages, even if the iOS apps are running on a separate device.

Palo Alto Networks revealed on Monday that it has patched a critical authentication bypass vulnerability in its PAN-OS firewall operating system, and U.S. Cyber Command believes foreign APTs will likely attempt to exploit it soon. "When Security Assertion Markup Language authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled, improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. The attacker must have network access to the vulnerable server to exploit this vulnerability," Palo Alto Networks explained in an advisory.

Palo Alto Networks has patched a critical and easily exploitable vulnerability affecting PAN-OS, the custom operating system running on its next generation firewalls and enterprise VPN appliances, and is urging users to update to a fixed version as soon as possible. Affected PAN-OS versions include versions earlier than PAN-OS 9.1.3; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15, and all versions of PAN-OS 8.0.

India on Monday banned 59 Chinese mobile apps, including the wildly popular TikTok and WeChat, over national security and privacy concerns two weeks after a deadly Himalayan border clash between the nuclear-armed neighbours. The apps "Are engaged in activities... prejudicial to sovereignty and integrity of India, defence of India, security of state and public order," the Ministry of Information Technology said in a statement.