Tag: FIREWALL | SpinSafe

Week in review: 11 search engines for cybersecurity research, PoC for RCE in Juniper firewall released

September 3, 2023/in Internet Security

Week in review

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Adapting authentication to a cloud-centric landscape
In this Help Net Security interview, Florian Forster, CEO at Zitadel, discusses the challenges CISOs face in managing authentication across increasingly distributed and remote workforces, the negative consequences of ineffective authorization, and how the shift toward cloud transformation affects authentication strategies.

What makes a good ASM solution stand out
In this Help Net Security interview, Patrice Auffret, CTO at Onyphe, explains how the traditional perimeter-based security view is becoming obsolete.

What does optimal software security analysis look like?
In this Help Net Security interview, Kevin Valk, co-CEO at Codean, discusses the consequences of relying solely on automated tools for software security.

PoC for no-auth RCE on Juniper firewalls released
Researchers have released additional details about the recently patched four vulnerabilities affecting Juniper Networks’ SRX firewalls and EX switches that could allow remote code execution (RCE), as well as a proof-of-concept (PoC) exploit.

Easy-to-exploit Skype vulnerability reveals users’ IP address
A vulnerability in Skype mobile apps can be exploited by attackers to discover a user’s IP address – a piece of information that may endanger individuals whose physical security depends on their general location remaining secret.

Qakbot botnet disrupted, malware removed from 700,000+ victim computers
The Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 victim computers around the world.

The removal of Qakbot from infected computers is just the first step
The Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by specially crafted FBI software.

Cisco VPNs with no MFA enabled hit by ransomware groups
Since March 2023 (and possibly even earlier), affiliates of the Akira and LockBit ransomware operators have been breaching…

Source…

Illumio protects against ransomware with Microsoft Azure Firewall

August 10, 2023/in Internet Security

Illumio has announced the general availability of Illumio for Microsoft Azure Firewall. This integrated solution is designed to make it easier to use Azure Firewall as a Zero Trust enforcement point to visualise and secure all traffic between Azure resources connecting through the Azure Firewall.

Illumio for Azure Firewall works to build resilience to ransomware and other cyber attacks while also maximising the impact and value of Azure Firewall as a security investment.

As organisations look to reduce their risk from breaches and build cyber resilience, the Azure Firewall plays a strategic role in securing and protecting enterprise cloud environments by serving as the entry and exit point for data as it traverses the hybrid cloud ecosystem.

Illumio for Azure Firewall allows users to protect different parts of their cloud environment by enabling one-to-one mapping between a resource and its metadata in Azure and its associated workload and labels in Illumio.

According to the company, benefits of Illumio for Azure Firewall include:

Simple policy creation: Organisations no longer need to worry about writing firewall rules tied to an IP address or a host name that will change in a dynamic cloud environment. Illumio for Azure Firewall offers easy authoring of context-based, modern security rules that automatically adapt with Azure deployments and are simple to understand and manage.

Improve application uptime: Organisations can operate and innovate at scale without fear of breaking critical applications once they apply policy. Security teams can test and validate the outcome and impact of their security policies before fully enforcing them using a simulation mode, which protects applications and workloads. Once security teams are confident in the policy, they can deploy it to Azure Firewalls directly from the Illumio for Azure Firewall console.

Zero Trust at scale: Zero Trust Segmentation controls minimise the impact of cyber attacks, reducing organisations risk and increasing their resilience. Illumio for Azure Firewall gives organisations simplified context-based visibility of any communication across Azure Firewall and Azure network security…

Source…