Security News

Critical infrastructure implications of the Pulse Secure multi-factor authentication bypass
2021-04-22 15:35

Multiple threat actors are using a range of attack tools against compromised Pulse Secure systems, including four variants of a novel malware family that FireEye/Mandiant has named SLOWPULSE. Three of the four SLOWPULSE variants allow attackers to bypass the VPN system's two-factor authentication mechanisms. There is no information yet on whether, or which, industrial or critical infrastructure sites were targeted.

Red Balloon Security expands set of offerings for critical infrastructure and a range of industries
2021-04-22 00:30

Red Balloon Security announced an expanded and customizable set of offerings for critical infrastructure and a range of industries - including energy, industrial control systems, building management systems, automotive, and telecommunications. Red Balloon Security is launching a portfolio of solutions combining its expertise with its advanced suite of technologies for embedded devices.

Pulse Secure Critical Zero-Day Security Bug Under Active Exploit
2021-04-21 15:35

A critical zero-day security vulnerability in Pulse Secure VPN devices has been exploited by nation-state actors to launch cyberattacks against U.S. defense, finance and government targets, as well as victims in Europe, researchers said. Pulse Secure said that the zero-day will be patched in early May, but in the meantime the company worked with Ivanti to release both mitigations and the Pulse Connect Secure Integrity Tool, to help determine whether systems have been impacted.

Even though critical, web application security is getting less attention
2021-04-20 04:00

As organizations shifted focus to support remote work and business continuity amid the challenges of 2020, web application security suffered, according to an Invicti Security report. Medium-severity vulnerabilities such as denial-of-service, host header injection, and directory listing remained present in 63% of web apps in 2020, holding flat from 2019.

Critical Vulnerability Can Allow Attackers to Hijack or Disrupt Juniper Devices
2021-04-16 14:04

A critical vulnerability patched recently by networking and cybersecurity solutions provider Juniper Networks could allow an attacker to remotely hijack or disrupt affected devices. In a security advisory published this week, Juniper said the vulnerability can be exploited by a remote, unauthenticated attacker for arbitrary code execution or to trigger a partial denial of service condition on the targeted device.

SAP fixes critical bugs in Business Client, Commerce, and NetWeaver
2021-04-14 18:39

One of the updates addresses a vulnerability that impacts SAP Business Client, a user interface that acts as an entry point to various SAP business applications. SAP also delivered an update that fixes a remote code execution bug in SAP Commerce, which is used to organize product information for distribution across multiple communication channels.

100+ critical IT policies every company needs, ready for download
2021-04-14 16:52

Whether you're writing corporate policies for business workers or university policies for faculty and staff, crafting an effective IT policy can be a daunting and expensive task. For less than what it would cost to create a single policy, TechRepublic Premium subscribers get access to over 100 ready-made IT policies.

Another Critical Vulnerability Patched in SAP Commerce
2021-04-14 11:50

On Tuesday, as part of its April 2021 Security Patch Day, SAP announced the release of 14 new security notes and 5 updates to previously released notes. The only new Hot News note released with this round of patches addresses a critical vulnerability in SAP Commerce.

NSA helps out Microsoft with critical Exchange Server vulnerability disclosures in an April shower of patches
2021-04-13 19:47

April showers bring hours of patches as Microsoft delivers its Patch Tuesday fun-fest consisting of over a hundred CVEs, including four Exchange Server vulnerabilities reported to the company by the US National Security Agency. "This month's release includes a number of critical vulnerabilities that we recommend you prioritize, including updates to protect against new vulnerabilities in on-premise Exchange Servers," Microsoft said in its blog post.

NSA discovers critical Exchange Server vulnerabilities, patch now
2021-04-13 19:15

Microsoft today released security updates for Exchange Server that address a set of four vulnerabilities with severity scores ranging from high to critical. The flaws affect on-premises Exchange Server 2013, 2016 and 2019, and while there is no evidence that they are being exploited in the wild, Microsoft assesses that threat actors are likely to leverage them as soon as they create an exploit.