Government cybersecurity agency warns of Windows Server exploit

The federal government’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a rare emergency directive to federal government agencies to roll out a Windows Server patch within days, an indication of the severity of the exploit.The directive was issued on September 18, and agencies were given four days to apply the security update. It demands that executive agencies take “immediate and emergency action” to patch CVE-2020-1472, issued August 11.The vulnerability is in Microsoft Windows Netlogon Remote Protocol (MS-NRPC), a core authentication component of Active Directory from Windows Server 2008 to Server 2019. It has been named “Zerologon” because of how it works.To read this article in full, please click here READ MORE HERE…

Read more

Cisco turns out security patches 25 high-threat flaws for IOS, IOS XE

If you are a security admin with lots of systems running Cisco IOS and IOS XE software today is decidedly not your day.Cisco this week posted 25 “High” rated security advisories that stem from 34 vulnerabilities the company suggests should be fixed as soon as possible. The vulnerabilities impact a wide-range of Cisco gear as IOS and IOS XE are the company’s most widely used operating systems. The warnings affect firewalls, wireless access points and switches.Network pros react to new Cisco certification curriculum
For example, one of the highest rated threats–with an 8.6 out of 10 threat level, are multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software that could let an remote attacker to cause the device to reload or stop forwarding traffic through the firewall,resulting in a denial of service (DoS).To read this article in full, please click here READ MORE HERE…

Read more

This Week in Security News: Cybercriminals Distribute Backdoor with VPN Installer and New ‘Alien’ Malware can Steal Passwords from 226 Android Apps

  Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how threat actors are bundling Windscribe VPN installers with backdoors. Also, read about a new strain of Android malware that comes with a wide…
The post This Week in Security News: Cybercriminals Distribute Backdoor with VPN Installer and New ‘Alien’ Malware can Steal Passwords from 226 Android Apps appeared first on . Read More HERE…

Read more

Still not dead: The mainframe hangs on, sustained by Linux and hybrid cloud

The mainframe has been declared “dead”, “morphed” and “transformed” so many times over the years sometimes it’s sometimes hard to believe the Big Iron still has an identity in the enterprise world.But clearly it does and in a major way, too. [ Lessons on diversity in IT: 10 professional organizations focused on diversity in tech • Being Black in IT: 3 tech leaders share their stories • Gender gapped: The state of gender diversity in IT • Māori participation in IT: diversity insights for CIOs everywhere • IT snapshot: Ethnic diversity in the tech industry ]
Take recent news as an example: According to IBM, 75% of the top 20 global banks are running the newest z15 mainframe, and the IBM Systems Group reported a 68% gain in Q2 IBM Z revenue year-over-year.To read this article in full, please click here READ MORE HERE…

Read more

This Week in Security News: AWS Outposts Ready Launches With 32 Validated Partners and Staples Hit by a Data Breach

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how solutions from 32 Amazon Web Services partners – including Trend Micro – are now available for AWS customers to use with their deployments of…
The post This Week in Security News: AWS Outposts Ready Launches With 32 Validated Partners and Staples Hit by a Data Breach appeared first on . Read More HERE…

Read more

Ransom from Home – How to close the cyber front door to remote working ransomware attacks

Coronavirus has caused a major shift to our working patterns. In many cases these will long outlast the pandemic. But working from home has its own risks. One is that you may invite ransomware attacks from a new breed of cyber-criminal who has previously confined his efforts to directly targeting the corporate network. Why? Because…
The post Ransom from Home – How to close the cyber front door to remote working ransomware attacks appeared first on . Read More HERE…

Read more

This Week in Security News: Microsoft Fixes 129 Vulnerabilities for September’s Patch Tuesday and Trend Micro’s XDR Offerings Simplify and Optimize Detection and Response

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about this month’s Patch Tuesday update from Microsoft. Also, learn about Trend Micro’s Worry-Free XDR: a new version of its XDR platform designed to extend the…
The post This Week in Security News: Microsoft Fixes 129 Vulnerabilities for September’s Patch Tuesday and Trend Micro’s XDR Offerings Simplify and Optimize Detection and Response appeared first on . Read More HERE…

Read more

What is SASE? A cloud service that marries SD-WAN with security

Secure access service edge (SASE) is a network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application.Because it’s a cloud service, SASE (pronounced “sassy”) can be readily scaled up and scaled down and billed based on usage. As a result, it can be an attractive option in a time of rapid change.[Get regularly scheduled insights by signing up for Network World newsletters.]
While some vendors in this space offer hardware devices to connect at-home employees and corporate data centers to their SASE networks, most vendors handle the connections through software clients or virtual appliances.To read this article in full, please click here READ MORE HERE…

Read more

This Week in Security News: First Half of 2020 Led to Nearly 800 Disclosed Vulnerabilities and Cisco Jabber Bug Could Let Hackers Target Windows Systems Remotely

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Trend Micro’s midyear roundup report which found that published vulnerabilities in the first half of 2020 grew to 786, compared to 583 during the same…
The post This Week in Security News: First Half of 2020 Led to Nearly 800 Disclosed Vulnerabilities and Cisco Jabber Bug Could Let Hackers Target Windows Systems Remotely appeared first on . Read More HERE…

Read more

1H 2020 Cyber Security Defined by Covid-19 Pandemic

When we published our 2020 Predictions report in December, we didn’t realize there was a global pandemic brewing that would give cybercriminals an almost daily news cycle to take advantage of in their attacks against people and organizations around the world. Malicious actors have always taken advantage of big news to use as lures for…
The post 1H 2020 Cyber Security Defined by Covid-19 Pandemic appeared first on . Read More HERE…

Read more