Security News > 2020 > October

Earlier this week SonicWall patched 11 vulnerabilities affecting its Network Security Appliance. The SonicWall NSAs are next-generation firewall appliances, with a sandbox, an intrusion prevention system, SSL/TLS decryption and inspection capabilities, network-based malware protection, and VPN capabilities.

Over the years, Microsoft has extended DLP to more of Office, covering Exchange, SharePoint, Teams, OneDrive for Business and Office apps like Word, PowerPoint, Excel and Outlook, as well as third-party applications that incorporate the MIP SDK. Now it's integrated into Windows 10 and the new Edge browser, without needing an additional agent. You use the new Microsoft 365 compliance center to start managing devices - although you can onboard devices using Group Policy, Microsoft Endpoint Configuration Manager, MDM or a local script.

Iran-linked state-sponsored threat actor 'Silent Librarian' has launched another phishing campaign targeting universities around the world. Silent Librarian, Malwarebytes' security researchers reveal, has sent spear-phishing emails to both staff and students at the targeted universities, and the threat actor was observed setting up new infrastructure to counter efforts to take down its domains.

A critical stack-based Buffer Overflow vulnerability has been discovered in SonicWall VPNs. When exploited, it allows unauthenticated remote attackers to execute arbitrary code on the impacted devices. Tracked as CVE-2020-5135, the vulnerability impacts multiple versions of SonicOS ran by hundreds of thousands of active VPNs. Craig Young of Tripwire Vulnerability and Exposure Research Team and Nikita Abramov of Positive Technologies have been credited with discovering and reporting the vulnerability.

New research from RiskRecon and the Cyentia Institute pinpointed risk in third-party healthcare supply chain and showed that healthcare's high exposure rate indicates that managing a comparatively small Internet footprint is a big challenge for many organizations in that sector. There is a silver lining: gaining the visibility needed to pinpoint and rectify exposures in the healthcare risk surface is feasible.

Cyborg Security launches HUNTR platform to help orgs tackle cyber threats. Cyborg Security's HUNTR platform provides advanced and contextualized threat hunting and detection packages containing behaviorally based threat hunting content, threat emulation, and detailed runbooks, supplying organizations what they need to evolve their security analysts into skilled hunters.

The growing volume and complexities of cyber threats present a compelling case for adopting threat intelligence platforms, a Frost & Sullivan analysis finds. These solutions help organizations navigate the ever-increasing threat landscape and allow for further analysis and threat intelligence operationalization.

Many banks across the U.S. and Canada are failing to meet their customers' online identity fraud and digital banking needs, according to a survey from FICO. Despite COVID-19 quickly turning online banking into an essential service, the survey found that financial institutions across North America are struggling to establish practices that combat online identity fraud and money laundering, without negatively impacting customer experience. 51 percent of North American banks are still asking customers to prove their identities by visiting branches or posting documents when opening digital accounts.

Microsoft is working on adding SMTP MTA Strict Transport Security support to Exchange Online to ensure Office 365 customers' email communication security and integrity. Once MTA-STS is available in Office 365 Exchange Online, emails sent by users via Exchange Online will only one delivered using connections with both authentication and encryption, protecting against both email interception and attacks.

A significant number of SonicWall firewalls may be affected by a critical vulnerability that can be exploited for denial-of-service attacks and possibly arbitrary code execution. The vulnerability, identified as CVE-2020-5135, impacts various versions of SonicOS, the operating system powering SonicWall firewalls.