Tag Archive for: closes

Palo Alto Networks® Closes Talon Cyber Security Acquisition and Will Offer Complimentary Enterprise Browser to Qualified SASE AI Customers


The Talon acquisition extends Palo Alto Networks’ best-in-class SASE solution to help protect all managed and unmanaged devices

SANTA CLARA, Calif., Dec. 28, 2023 /PRNewswire/ — Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today announced that it has completed the acquisition of Talon Cyber Security, a pioneer of enterprise browser technology.

“We are thrilled to welcome Talon to Palo Alto Networks,” said Nikesh Arora, chairman and CEO of Palo Alto Networks. “Most work today occurs via web browsers, often on unmanaged devices, which poses enormous security risks. Through the seamless integration of Talon’s Enterprise Browser with Prisma® SASE, we will be elevating our best-in-class solution that helps provide ironclad security and data protection for all users across all applications and from any device or location. Additionally, we plan to extend Talon’s cutting-edge Enterprise Browser technology to our qualified SASE AI customers at no additional cost.” 

In today’s evolving threat landscape, employees frequently use personal and unmanaged devices to access critical business applications, including using mobile devices alongside corporate laptops. While this approach increases productivity, the lack of consistent security, control and visibility across devices increases security risk. To tackle these challenges, organizations need a holistic SASE solution that securely enables users to access vital business applications regardless of their chosen device. As part of that SASE solution, Talon’s Enterprise Browser will provide additional layers of protection against phishing attacks, web-based attacks and malicious browser extensions. Talon also offers extensive controls to help ensure that sensitive data does not escape the confines of the browser, regardless of whether the enterprise manages the device.

Palo Alto Networks Prisma SASE is the secure foundation for agile, cloud-enabled organizations. Integrating Talon with Prisma Access can provide customers with substantial productivity benefits by enabling unmanaged devices, but also ensures consistent security and deeper visibility into device usage, all while preserving user privacy. This acquisition…


Microsoft’s Patch Tuesday for April 2023 closes 97 security bugs, 1 zero-day flaw


Recap: Every second Tuesday of the month, Microsoft rolls out its latest collection of security fixes. Microsoft has used the unofficial ‘Patch Tuesday’ name for the last 20 years to describe the company’s release of security fixes for Windows and other products.

For April 2023, the company’s update focuses on closing multiple vulnerabilities as well as a nasty zero-day flaw.

According to Microsoft’s official security bulletin, patches released in April 2023 provide updates for many Windows components including the Kernel, Win32K API, .NET Core, the Azure cloud platform, Microsoft Office applications, Visual Studio, and Windows Active Directory. All things considered, the latest Patch Tuesday fixes 97 security flaws.

Seven vulnerabilities are classified with a “critical” risk level, as they could be abused to remotely execute potentially malicious code. The Patch Tuesday flaws are classified as follows: 20 elevation of privilege vulnerabilities, eight security feature bypass vulnerabilities, 45 remote code execution vulnerabilities, 10 information disclosure vulnerabilities, nine denial of service vulnerabilities, and six spoofing vulnerabilities.

The list doesn’t include 17 security flaws in Microsoft Edge that were fixed a week ago. A complete report on all the flaws and related advisories has been published by Bleeping Computer. Besides security fixes, on Patch Tuesday Microsoft also rolled out cumulative, non-security updates for Windows 11 (KB5025239) and Windows 10 (KB5025221, KB5025229).

The single zero-day vulnerability is tracked as CVE-2023-28252, or ‘Windows Common Log File System Driver Elevation of Privilege Vulnerability.’ An attacker who successfully exploits this vulnerability could gain system privileges, Microsoft explains, meaning that they could achieve the highest access level available on a Windows OS.

According to security researchers, cyber-criminals are already trying to exploit the CVE-2023-28252 bug to spread the Nokoyawa ransomware to organizations belonging to wholesale, energy, manufacturing, and healthcare industries. The flaw is similar to another privilege escalation bug supposedly fixed by Microsoft in…


Notorious Maze Ransomware Gang Closes Up Shop And Releases Decryption Keys


Over the past three years the Maze crew ensnared scores of victims with its ransomware. Now, suddenly, Maze seems to have called it quits. They’ve released master decryption keys and destroyed the bulk of the malware’s code.

Curiously enough the announcement was made on the message boards at Bleeping Computer. They’re a popular and incredibly useful resource for those who are trying to recover from a ransomware infection.

The Maze announcement certainly has the potential to be helpful to the group’s victims. Having access to the master keys allows security researchers to develop decryptors that victims can use to recover their files for free.

In addition to Maze, keys for the Sekhmet and Egregor ransomware were also released. Egregor was launched by the group in September of 2020, a month before Maze operations were shut down. Sekhmet first appeared in the Spring of 2020.

However, as Christopher Boyd of Malwarebytes Labs reported, decryption tools for all three ransomware strains had already been released. Boyd notes that the inclusion of keys is more of an interesting part of the announcement than a breakthrough for those looking to get their files back.

A Question Of Timing

Last February French and Ukrainian law enforcement officials made several arrests connected to Egregor. The arrests followed a period of unexpected downtime of Egregor servers, which some in underground forums believed was a sign that its infrastructure had been compromised by the authorities.

The farewell post makes sure to point out that the decision to shut down once and for all was not made because of the arrests.

The poster claims that this was a planned move and that the group has decided to “never return to this kind of activity.”

It sounds encouraging enough to hear an alleged spokesperson say that a crew that’s responsible for scores of attacks that targeted law firms, municipalities, construction companies and pretty much any other entity with the ability to pay high-dollar ransoms.

That said, the Maze group already claimed it was riding off into the sunset once. This could turn out to be more of an “until we meet again” than a real…


Apple Security Update Closes Spyware Flaw in iPhones, Macs and iWatches


Apple on Monday issued emergency software updates for a critical vulnerability in its products after security researchers uncovered a flaw that allows highly invasive spyware from Israel’s NSO Group to infect anyone’s iPhone, Apple Watch or Mac computer without so much as a click.

Apple’s security team has been working around the clock to develop a fix since Tuesday, after researchers at Citizen Lab, a cybersecurity watchdog organization at the University of Toronto, discovered that a Saudi activist’s iPhone had been infected with spyware from NSO Group.

The spyware, called Pegasus, used a novel method to invisibly infect an Apple device without the victim’s knowledge for as long as six months. Known as a “zero click remote exploit,” it is considered the Holy Grail of surveillance because it allows governments, mercenaries and criminals to secretly break into a victim’s device without tipping them off.

Using the zero-click infection method, Pegasus can turn on a user’s camera and microphone, record their messages, texts, emails, calls — even those sent via encrypted messaging and phone apps like Signal — and send it back to NSO’s clients at governments around the world.

“This spyware can do everything an iPhone user can do on their device and more,” said John Scott-Railton, a senior researcher at Citizen Lab, who teamed up with Bill Marczak, a senior research fellow at Citizen Lab, on the finding.

In the past, victims only learned their devices were infected by spyware after receiving a suspicious link texted to their phone or email. But NSO Group’s zero-click capability gives the victim no such prompt, and enables full access to a person’s digital life. These capabilities can fetch millions of dollars on the underground market for hacking tools.

An Apple spokesman confirmed Citizen Lab’s assessment and said the company planned to add spyware barriers to its next iOS 15 software update, expected later this year.

NSO Group did not immediately respond to inquiries on Monday.

NSO Group has long drawn controversy. The company has said it sells its spyware to only governments that meet strict human rights standards. But over the past six years, its Pegasus…
