Tenable

APRIL 27, 2020

Sophos pushes a hotfix to address a SQL injection vulnerability in Sophos XG Firewall that was exploited in the wild. On April 22, Sophos published a knowledge base entry on the Sophos Community regarding the discovery of a zero-day vulnerability in the Sophos XG Firewall that was exploited in the wild. Background. Proof of concept.

Firewall 101

Firewall WAN Operating System Systems Review 101

Tenable

AUGUST 5, 2021

According to Cisco, the flaw exists due to improper validation of HTTP requests. While both flaws exist due to improper validation of HTTP requests and can be exploited by sending specially crafted HTTP requests, CVE-2021-1610 can only be exploited by an authenticated attacker with root privileges. Identifying affected systems.

Small Business 145

Small Business Software Review WAN Wireless 145

Ivanti

JUNE 20, 2023

The National Institute of Standards and Technology (NIST) defines zero trust as follows: “A collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised.”

Software Review 93

Software Review Policies Weak Development Team Technical Review 93

Tenable

FEBRUARY 4, 2021

On January 22, SonicWall published a product notification regarding a “coordinated attack on its internal systems” conducted by “highly sophisticated threat actors.” Warren specifically suggested reviewing log files to identify “anomalous requests” to the vulnerable device. Identifying affected systems. Background.

Mobile 53

Mobile Authentication Technical Review WAN 53

Palo Alto Networks

SEPTEMBER 1, 2021

There are many sources of vulnerabilities within our critical infrastructure, including the typically unsegmented networks, open policies and the software vulnerabilities within the often unpatched/unpatchable legacy systems themselves (e.g. HMI, PLC, ICS, SCADA, DCS, MES).

Infrastructure 66

Infrastructure Weak Development Team WAN IoT 66

CIO

JULY 11, 2022

Retail security is further complicated by the broader threat surface due to digital POS systems, eCommerce platforms, digital supply chains with third-party partners, and digital loyalty programs. WiFi and SD-WAN for flexible and enhanced connectivity. Enabling new customer experiences through SD-WAN and SASE.

Retail 246

Retail WAN IoT Firewall 246

CIO

JULY 11, 2022

SASE is SD-WAN-as-a-service and security-as-a-service. Offering more flexibility at low cost, software-defined networking, or SD-WAN, abstracts network control from the connectivity layer and enables real-time monitoring, reporting, and analytics across network nodes. Let’s look at each: Software-defined wide area networking.

WAN 277

WAN Firewall Wireless LAN 277