Security News

Citrix is urging customers to install security updates for a critical authentication bypass vulnerability in Citrix ADC and Citrix Gateway."Note that only appliances that are operating as a Gateway are affected by the first issue, which is rated as a Critical severity vulnerability," explains the Citrix security bulletin.

Businesses today are more than standalone organizations. They have complicated ecosystems with intersections between the corporation and their customers, suppliers, and partners.

While API gateways play a vital role in API management and API delivery, they provide a variety of core functionality for API security. It might be tempting to adhere to API gateway alone to meet security objectives.

ChromeLoader may seem on the surface like a run-of-the-mill browser hijacker that merely redirects victims to advertisement websites. ChromeLoader is a pervasive and persistent browser hijacker that eventually manifests as a browser extension, modifying victims' Chrome settings and redirecting user traffic to advertisement websites.

Cisco has addressed a high severity vulnerability that could allow remote attackers to crash Cisco Secure Email appliances using maliciously crafted email messages. The security flaw was found in DNS-based Authentication of Named Entities, a Cisco AsyncOS Software component used by Cisco Secure Email to check emails for spam, phishing, malware, and other threats.

Cisco has addressed a high severity vulnerability that could allow remote attackers to crash Cisco Secure Email appliances using maliciously crafted email messages. The security flaw was found in DNS-based Authentication of Named Entities, a Cisco AsyncOS Software component used by Cisco Secure Email to check emails for spam, phishing, malware, and other threats.

Cambodia's Ministry of Foreign Affairs and International Cooperation has issued a clarification about the role of the "National Internet Gateway" that will commence operations tomorrow, stating that descriptions of it as an instrument of pervasive surveillance are "Unfounded." A Ministry spokesperson insists the Gateway is actually an instrument to "Strengthen national security and tax collection as well as to maintain social order and protect national culture."

Two million malicious emails bypassed traditional email defenses, like secure email gateways, between July 2020-July 2021, according to data from Tessian. In this case, the malicious emails come from a trusted vendor or supplier's legitimate email address, and likely won't be flagged by a secure email gateway as suspicious.

Mozi, a peer-to-peer botnet known to target IoT devices, has gained new capabilities that allow it to achieve persistence on network gateways manufactured by Netgear, Huawei, and ZTE, according to new findings. "Network gateways are a particularly juicy target for adversaries because they are ideal as initial access points to corporate networks," researchers at Microsoft Security Threat Intelligence Center and Section 52 at Azure Defender for IoT said in a technical write-up.

Bayshore Networks announced an expansion of its NetWall family of Security Gateways with the immediate release of NetWall 10GB USG - Unilateral Security Gateway. NetWall 10BG USG for IT and OT is a high-speed hardware and software solution that creates a secure network segment when installed, shielding and isolating critical assets and sensitive networks from cyberattacks and misuse.