cybersecurity news

Fortinet Announces the Industry’s First Wi-Fi 7–Enabled Secure Networking Solution

/0 Comments/in , /by

New Wi-Fi 7 access point and 10 Gigabit Power over Ethernet switch unlock 2x faster speeds and increased capacity for Fortinet’s integrated portfolio of secure wired and wireless offerings

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced the industry’s only comprehensive secure networking solution integrated with Wi-Fi 7. Fortinet’s first Wi-Fi 7 access point, FortiAP 441K, delivers increased speed and capacity, and the new FortiSwitch T1024 is purpose-built with 10 Gigabit Ethernet (GE) access and 90W Power over Ethernet (PoE) technology to support Wi-Fi 7 bandwidth requirements. These new devices deliver the cutting-edge wireless performance today’s enterprises need and, as a part of the Fortinet Secure Networking solution, seamlessly integrate with AIOps and FortiGuard AI-Powered Security Services for unmatched security, visibility, and control.

“Fortinet is the only vendor converging networking technology and AI-powered security into a single, holistic solution to connect and protect the wired and wireless LAN,” said John Maddison, Chief Marketing Officer and EVP, Product Strategy at Fortinet. “With today’s news, we’re putting the latest wireless technology breakthrough into the hands of customers, who can now take advantage of Wi-Fi 7’s increased throughput while keeping their wireless traffic secure and their business efficient.”

Helping customers harness the power of Wi-Fi 7

Enterprises are eager to embrace the increased speed and bandwidth of Wi-Fi 7, the latest generation of wireless technology, to support data-heavy applications and wireless devices in their networks. However, new technologies like Wi-Fi 7 can expand an organization’s attack surface, and legacy security solutions may struggle to inspect and secure the increase in data-rich traffic. In today’s sophisticated, constantly evolving threat landscape, organizations cannot leave gaps in their security posture unchecked. Fortinet’s comprehensive Secure Networking solution supports Wi-Fi 7 while delivering the enterprise-grade protection, AI-powered security, and AIOps automation capabilities customers need to keep their wireless traffic secure.

New AP and switch bring Wi-Fi 7 to the enterprise

The new FortiAP 441K and FortiSwitch T1024 are the latest innovations within the Fortinet Secure Networking solution, which converges networking technologies with AI-powered security across all edges. The FortiAP 441K leverages the Wi-Fi 7 Qualcomm® Networking Pro 1220 Platform from Qualcomm Technologies, Inc., a leading wireless technology innovator at the forefront of the development of Wi-Fi 7, and delivers the following benefits:

  • Up to 2x faster connection speeds: The FortiAP 441K delivers lightning-fast wireless connections that are up to 2x faster for the same configuration.
  • Faster data transfer than ever before: Support for 4096 QAM enables faster data transfer, which is critical for bandwidth-heavy enterprise applications, such as video streaming and collaboration tools.
  • Lower latency: By using 320MHz channels, a single FortiAP 441K can leverage a wider spectrum to improve data speeds and reduce latency to ensure a positive end-user experience.
  • Better load balancing and reduced interference: Flexible channel utilization through preamble puncturing and advanced multi-link operation ensures highly resilient and reliable connections to keep businesses online and productive.

To take full advantage of all the benefits of Wi-Fi 7, organizations must ensure their underlying network infrastructure can accommodate the increased speed and capacity demands. The new FortiSwitch T1024 10 GE access switch with 90W PoE was designed specifically to support new Wi-Fi 7–enabled APs. When customers use the new AP and switch together, they can harness the faster speed, power, and performance of Wi-Fi 7 and ensure an excellent experience for all users and devices.

The industry-leading Fortinet Secure Networking solution

The Fortinet Secure Networking solution is a part of Fortinet’s cybersecurity platform—the Fortinet Security Fabric—and because of this tight integration, organizations can seamlessly converge networking devices with cutting-edge security. This enables customers to use FortiGate Next-Generation Firewalls as wireless controllers to benefit from FortiGuard AI-Powered Security Services like advanced malware protection, sandboxing, and web filtering. Customers can also leverage FortiAIOps, Fortinet’s AI for IT operations tool, to generate real-time insights into potential network issues and automate manual tasks throughout the WAN and LAN. And with the introduction of Wi-Fi 7, the solution delivers all these capabilities with industry-leading wireless speed and capacity.

Supporting Quotes

“Qualcomm Technologies is pleased to continue collaborating closely with Fortinet to pair next-gen Secure Networking solutions with our Qualcomm Networking Pro 1220 platform. The Qualcomm Networking Pro 1220 platform in the FortiAP 441K is designed to set new benchmarks for enterprise networking performance with massive capacity, wire-like stability and blazing fast speeds, pushing the boundaries of what Wi-Fi can do in the modern enterprise.”
Ganesh Swaminathan, Vice President and General Manager, Wireless Infrastructure and Networking, Qualcomm Technologies, Inc.

“We forecast that in five years, over three-fourths of Enterprise WLAN revenue will come from Wi-Fi 7 access points, driven by demand to make use of the new 6 GHz spectrum. Coincident with the introduction of Wi-Fi 7 availability, we see a trend where organizations will demand that their Wi-Fi infrastructure is very tightly integrated with its security infrastructure. Fortinet is well positioned as one of the first major enterprise vendors to introduce Wi-Fi 7 and has aggressively incorporated security functions to its networking products.”
Chris Depuy, Co-Founder and Technology Analyst, 650 Group

“We were thrilled to learn that Fortinet was ahead of the curve with a Wi-Fi 7–capable access point. I have designed and installed wireless technology from myriad vendors for more than 20 years, but it wasn’t until the FortiAP 441K that I truly understood all of the networking, security, and spectrum analysis features missing from other vendors. Fortinet takes the technology to an entirely new level and have yet again exponentially exceeded all expectations by delivering world class connectivity, security, diagnostics and analytics in their latest wireless solution.”
– Mike Chase, SVP Solutions Engineering, AireSpring

Additional Resources

  • Read more about the FortiAP 441K, FortiSwitch T1024, and the impact of Wi-Fi 7.
  • Learn more about the Fortinet Secure Networking solution.
  • Learn about Fortinet’s free cybersecurity training, which includes broad cyber awareness and product training. As part of the Fortinet Training Advancement Agenda (TAA), the Fortinet Training Institute also provides training and certification through the Network Security Expert (NSE) Certification, Academic Partner, and Education Outreach programs.
  • Follow Fortinet on Twitter, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on our blog or YouTube.

Qualcomm Networking Pro Series platforms are products of Qualcomm Technologies, Inc. and/or its subsidiaries.
Qualcomm is a trademark or registered trademark of Qualcomm Incorporated.

CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits

/0 Comments/in , /by

 

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products.

The development came after the vulnerabilities – an authentication bypass (CVE-2023-46805) and a code injection bug (CVE-2024-21887) – came under widespread exploitation of vulnerabilities by multiple threat actors. The flaws allow a malicious actor to craft malicious requests and execute arbitrary commands on the system.

The U.S. company acknowledged in an advisory that it has witnessed a “sharp increase in threat actor activity” starting on January 11, 2024, after the shortcomings were publicly disclosed.

“Successful exploitation of the vulnerabilities in these affected products allows a malicious threat actor to move laterally, perform data exfiltration, and establish persistent system access, resulting in full compromise of target information systems,” the agency said.

Ivanti, which is expected to release an update to address the flaws next week, has made available a temporary workaround through an XML file that can be imported into affected products to make necessary configuration changes.

CISA is urging organizations running ICS to apply the mitigation and run an External Integrity Checker Tool to identify signs of compromise, and if found, disconnect them from the networks and reset the device, followed by importing the XML file.

In addition, FCEB entities are urged to revoke and reissue any stored certificates, reset the admin enable password, store API keys, and reset the passwords of any local user defined on the gateway.

Cybersecurity firms Volexity and Mandiant have observed attacks weaponizing the twin flaws to deploy web shells and passive backdoors for persistent access to compromised appliances. As many as 2,100 devices worldwide are estimated to have been compromised to date.

The initial attack wave identified in December 2023 has been attributed to a Chinese nation-state group that is being tracked as UTA0178. Mandiant is keeping tabs on the activity under the moniker UNC5221, although it has not been linked to any specific group or country.

Threat intelligence firm GreyNoise said it has also observed the vulnerabilities being abused to drop persistent backdoors and XMRig cryptocurrency miners, indicating opportunistic exploitation by bad actors for financial gain.

2023 SonicWall Cyber Threat Report Casts New Light on Shifting Front Lines, Threat Actor Behavior

/0 Comments/in , /by
  •  Overall malware up 2%, with surges in IoT malware (+87%) and cryptojacking (+43%)
  • Ransomware attacks dipped 21% globally, but 2022 still second-highest year on record for global ransomware attempts (493.3 million)
  • Education (+157%), finance (+86%) and retail (+50%) verticals hit hardest by malware
  • Ukraine saw record levels of malware (25.6 million) and ransomware (7.1 million)
  • SonicWall discovered 465,501 ‘never-before-seen’ malware variants in 2022
  • Intrusion attempts against Log4j vulnerabilities eclipsed 1 trillion

MILPITAS, Calif. — February 28, 2023 — SonicWall, publisher of the world’s most quoted ransomware data and trusted cyberattack intelligence, today released the 2023 SonicWall Cyber Threat Report. The bi-annual report details an increasingly diversified cyberattack landscape amid shifting threat actor strategies. SonicWall recorded the second-highest year on record for global ransomware attempts, as well as an 87% increase in Internet of Things (IoT) malware and a record number of cryptojacking attacks (139.3 million) in 2022.

“The past year reinforced the need for cybersecurity in every industry and every facet of business, as threat actors targeted anything and everything, from education to retail to finance,” said SonicWall President and CEO Bob VanKirk. “While organizations face an increasing number of real-world obstacles with macroeconomic pressures and continued geopolitical strife, threat actors are shifting attack strategies at an alarming rate.”

Threat Actors Shift Strategies, Opt for Covert Cyberattack Methods

Global malware volume increased 2% year-over-year, but it was jumps in IoT malware (+87%) and cryptojacking (+43%) that offset the decline of overall global ransomware volume (-21%), signifying a strategic shift. Threat actors have embraced slower and more stealthy approaches to achieve financially-motivated cyberattacks.

“Cyberattacks are an ever-present danger for companies of all sizes, putting their operations and reputation on the line,” said SonicWall Threat Detection and Response Strategist Immanuel Chavoya. “It is crucial for organizations to understand attackers’ tactics, techniques and procedures (TTPs), and commit to threat-informed cybersecurity strategies to defend and recover successfully from business-disrupting events. This includes stopping sophisticated ransomware attacks as well defending emerging threat vectors, including IoT and cryptojacking.”

In addition to cyberattacks becoming more sophisticated and covert, threat actors are showing clear preferences for certain techniques, with notable shifts toward weak IoT devices, cryptojacking and potentially soft targets like schools and hospitals.

Prominent ransomware attacks impacted enterprises, governments, airlines, hospitals, hotels and even individuals causing widespread system downtime, economic loss and reputational damage. Following global trends, several industries faced large year-over-year increases of ransomware volume, including education (+275%), finance (+41%) and healthcare (+8%).

Diverse Attacks Offset Global Ransomware Decline

Cybercriminals are using increasingly advanced tools and tactics to exploit and extort victims, with state-sponsored activity growing as a concern. While ransomware continues to be a threat, SonicWall Capture Labs threat researchers expect more state-sponsored activity targeting a broader set of victims in 2023, including SMBs and enterprises.

The 2023 SonicWall Cyber Threat Report provides insight on a range of cyber threats, including:

  • Malware – Total volume was up 2% in 2022 after three straight years of decline — just as SonicWall predicted in the 2022 SonicWall Cyber Threat Report. Following that trend, Europe as a whole saw increased levels of malware (+10%) as did Ukraine, which had a record 25.6 million attempts, suggesting malware was used heavily in regions impacted by geopolitical strife. Interestingly, malware was down year-over-year in key countries like the U.S. (-9%), U.K. (-13%) and Germany (-28%).
  • Ransomware – Although overall ransomware numbers saw a 21% decline globally, the total volume in 2022 was higher than 2017, 2018, 2019 and 2020. In particular, total ransomware in Q4 (154.9 million) was the highest since Q3 2021.
  • IoT Malware – Global volume rose 87% in 2022, totaling 112 million hits by year’s end. With no corresponding slowdown in the proliferation of connected devices, bad actors are likely probing soft targets to leverage as potential attack vectors into larger organizations.
  • Apache Log4j – Intrusion attempts against the industry’s Apache Log4j ‘Log4Shell’ vulnerability eclipsed 1 trillion in 2022. The vulnerability was first discovered in December 2021 and has been actively exploited since.
  • Cryptojacking – Use of cryptojacking as a ‘low and slow’ approach continued to surge, rising 43% globally, which is the most SonicWall Capture Labs threat researchers have recorded in a single year. The retail and financial industry felt the sting of cryptojacking attacks, seeing 2810% and 352% increases, respectively, year-over-year.

“Cyberattacks of all varieties continue to hinder organizations worldwide,” said Logically Chief Operating Officer Keith Johnson. “SonicWall’s annual intelligence report gives us a deeper understanding of the current threat landscape and helps breakdown why cyberattacks continue to be successful, as well as the drivers and trends behind them. By making this report available to partners, SonicWall helps elevate us as trusted advisors and strengthens our ability to provide sound security measures to our customers.”

Patented RTDMI Discovered more than 465,000 ‘Never-Before-Seen’ Malware Variants in 2022

SonicWall’s patented Real-Time Deep Memory InspectionTM (RTDMITM) technology identified a total of 465,501 never-before-seen malware variants in 2022, a 5% year-over-year increase and an average of 1,279 per day. Dating to 2019, this is the fourth straight year RTDMI increased its total of malware discoveries.

To learn more about SonicWall and get the complete 2023 SonicWall Cyber Threat Report, please visit SonicWall.com/ThreatReport.

About SonicWall Capture Labs

SonicWall Capture Labs threat researchers gather, analyze and vet cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 215 countries and territories. SonicWall Capture Labs, which pioneered the use of artificial intelligence for threat research and protection over a decade ago, performs rigorous testing and evaluation on this data, establishes reputation scores for email senders and content, and identifies new threats in real-time.

About SonicWall

SonicWall delivers Boundless Cybersecurity for the hyper-distributed era in a work reality where everyone is remote, mobile and unsecure. SonicWall safeguards organizations mobilizing for their new business normal with seamless protection that stops the most evasive cyberattacks across boundless exposure points and increasingly remote, mobile and cloud-enabled workforces. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall closes the cybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

 

Top 10 tips to protect your privacy and safety during the online shopping season and beyond

/0 Comments/in /by

Digital pick pockets are ready to pounce so use these Sophos security practices on Cyber Monday – and every other day too.
Written by Chester Wisniewski
November 21, 2023
Products & Services Privacy Security web security

As the online shopping season ramps up in many parts of the world, these ten top tips will help you maintain your privacy and safety so you can shop with confidence.

  1. Use an ad blocker – Advertisements are not only tracking your every movement and collecting enough information on your habits to make the FBI blush, but they are also a major source of malicious links and deceptive content on the internet. Not only is your browsing safer, but also faster and uses less bandwidth. Two of our favorites are uBlock Origin and Ghostery.
  2. Use private browsing or incognito mode – To prevent your shopping habits and interests from following you around from site to site (and potentially revealing what gifts you might be purchasing to others using your device, bonus!), you should enable private browsing (Firefox) or incognito mode (Chrome). This will block tracking cookies and help the internet forget your travels as the waves wash away your footprints in the sand.
  3. Make your browser “privacy smart” – The Electronic Frontier Foundation (EFF) provides a browser extension called Privacy Badger designed to automatically make all the right choices around browsing whilst maintaining our privacy and blocking invisible trackers.
  4. Avoid using one account on multiple services – When logging into an e-commerce site it is often tempting to use the “Sign in with Facebook” or “Sign in with Google” button. While it takes a few more minutes to create a new login, it will provide more privacy as you are not sharing all of the sites you shop at with these tech giants.
  5. Use guest login when available – In addition to letting you use an account from other websites, many have an option to use a guest login rather than creating a new account. This is a great option if you don’t expect to need technical support or to do business on a recurring basis. Fewer passwords, fewer personal details, fewer problems if they get hacked.
  6. Don’t save card details – Many e-commerce sites will default to storing your credit card information in your profile for your “convenience” (or their hope you’ll shop there again). They can’t lose what they don’t have, so tell them not to store your credit card unless it is absolutely necessary.
  7. Use temporary card numbers – Many financial institutions now offer temporary or one-time use credit card numbers. You can open the app on your phone or in your browser and get a single-use disposable credit card number preventing card fraud and tracking when merchants share card processors. Sometimes you’re even able to specify a card limit per temporary number to further protect your account.
  8. Use credit, not debit – All of us need to be wary of overspending during the holidays, but it is best to leave the debit card at home. Credit cards offer significantly more protection against online fraud, and you are in the power position in a dispute. You can simply not pay your bill while disputing the charge, rather than having criminals directly drain your bank account of your hard-earned cash.
  9. Beware of direct messages via social media/chat apps – With modern generative AI technology it is almost trivial to create an entire fake online store and lure people to share their personal information and payment data with you. It’s safest to shop at established sites or those personally recommended to you by friends and family. Many unsolicited messages lead to data collection or theft.
  10. Don’t click deals in email that look too good to be true or are from businesses you don’t have accounts from – these could be phishing emails hoping to bait you into clicking links to bogus, malicious web sites.
About the Author

Chester Wisniewski

Chester Wisniewski is Director, Global Field CTO at next-generation security leader Sophos. With more than 25 years of security experience, his interest in security and privacy first peaked while learning to hack from bulletin board text files in the 1980s, and has since been a lifelong pursuit.

Chester works with Sophos X-Ops researchers around the world to understand the latest trends, research and criminal behaviors. This perspective helps advance the industry’s understanding of evolving threats, attacker behaviors and effective security defenses. Having worked in product management and sales engineering roles earlier in his career, this knowledge enables him to help organizations design enterprise-scale defense strategies and consult on security planning with some of the largest global brands.

Based in Vancouver, Chester regularly speaks at industry events, including RSA Conference, Virus Bulletin, Security BSides (Vancouver, London, Wales, Perth, Austin, Detroit, Los Angeles, Boston, and Calgary) and others. He’s widely recognized as one of the industry’s top security researchers and is regularly consulted by press, appearing on BBC News, ABC, NBC, Bloomberg, Washington Post, CBC, NPR, and more.

When not busy fighting cybercrime, Chester spends his free time cooking, cycling, and mentoring new entrants to the security field through his volunteer work with InfoSec BC. Chester is available on Mastodon (securitycafe.ca/@chetwisniewski).

For press inquiries, email chesterw [AT] sophos [.] com.

 

SonicWall Acquires Managed Detection and Response Services Tailor-Made for MSPs/MSSPs

/0 Comments/in , /by

Acquiring Solutions Granted, Inc. expands SonicWall’s cybersecurity solutions creating a cost-effective, flexible, and technology-driven managed security offering

MILPITAS, Calif. — November 16, 2023 — SonicWall, a global cybersecurity leader, today announced the acquisition of Solutions Granted, Inc. (SGI), a top Managed Security Service Provider (MSSP), delivering world-class cybersecurity solutions to hundreds of Managed Service Providers (MSPs). The acquisition reinforces SonicWall’s commitment to its valued partners and extends its portfolio to include U.S.-based Security Operations Center services (SOCaaS), Managed Detection and Response (MDR), and other managed services that are tailor-made for MSPs and MSSPs.

“IT teams have turned to MDR and other managed services to identify and triage digital threats – it’s a critical need we are now excited to offer,” said SonicWall President and CEO Bob VanKirk. “Together, SonicWall and Solutions Granted will empower cybersecurity and technology service providers with economical threat defense solutions and extend a world-class, comprehensive portfolio that streamlines managing security across customer environments with automated threat detection and response services.”

The acquisition aligns with SonicWall’s outside-in approach, providing partners with a best-of-suite, comprehensive and flexible portfolio that accelerates their growth.

“Solutions Granted’s understanding of the critical nature of MSPs/MSSPs operations has helped us create an integrated approach for end-to-end managed threat protection that enables customers to navigate the turbulent cybersecurity landscape with confidence and resilience,” said CEO of Solutions Granted Michael Crean. “Today’s MSPs and MSSPs increasingly need a platform of managed security solutions rather than point solutions. The combination of SonicWall and Solutions Granted delivers services specifically designed for today’s partners – giving them a distinct competitive edge.”

Today’s cybersecurity partners need highly automated solutions to quickly identify and respond to new threats across the entire customer environment – including network, endpoints, servers, and cloud. This combined offering will also leverage the latest in AI to provide a differentiated, effective, and highly proficient service.

“Having been a SonicWall partner for over 20 years and also having experience with Solutions Granted’s MDR and other managed services, this is a win for SonicWall’s portfolio,” said Dan Browne, President of DTM Consulting, an MSP and longtime SonicWall and SGI partner. “In this economic climate, vendors need to be as flexible as ever to help us provide solutions to combat this ever-escalating threat landscape faced by managed service providers. The combination of SonicWall and Solutions Granted will help partners address the demands of providing cybersecurity solutions to clients around the world.”

For more information about SonicWall and its newest acquisition please attend: https://www.brighttalk.com/webcast/5052/600250.

About SonicWall
SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as the leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

About Solutions Granted, Inc.
Solutions Granted, Inc. is a Master Managed Security Services Provider (Master MSSP) that offers cybersecurity solutions to North American MSPs and MSSPs and are committed to delivering solutions without requiring long term contracts. Solutions Granted is proud to offer many security layers as well as a 24×7 U.S.-based Security Operations Center (SOC). Over the past several years, Solutions Granted has emerged as a clear leader in the channel, by winning countless awards including the CRN Security 100 list (2019, 2020, 2021, 2022, and 2023), Top 100 MSSP List (2018), Top Global MSSP List (2019, 2020, 2021, and 2022), and Blackberry Cylance MSSP Partner of the Year (2018, 2019, 2020, 2021, and 2022). Learn more at www.SolutionsGranted.com.

Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability Jan 17, 2024

/0 Comments/in , /by

Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw.

The issue, tracked as CVE-2024-0519, concerns an out-of-bounds memory access in the V8 JavaScript and WebAssembly engine, which can be weaponized by threat actors to trigger a crash.

Cybersecurity

“By reading out-of-bounds memory, an attacker might be able to get secret values, such as memory addresses, which can be bypass protection mechanisms such as ASLR in order to improve the reliability and likelihood of exploiting a separate weakness to achieve code execution instead of just denial of service,” according to MITRE’s Common Weakness Enumeration (CWE).

Additional details about the nature of the attacks and the threat actors that may be exploiting it have been withheld in an attempt to prevent further exploitation. The issue was reported anonymously on January 11, 2024.

“Out-of-bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page,” reads a description of the flaw on the NIST’s National Vulnerability Database (NVD).

Cybersecurity

The development marks the first actively exploited zero-day to be patched by Google in Chrome in 2024. Last year, the tech giant resolved a total of 8 such actively exploited zero-days in the browser.

Users are recommended to upgrade to Chrome version 120.0.6099.224/225 for Windows, 120.0.6099.234 for macOS, and 120.0.6099.224 for Linux to mitigate potential threats.

Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.

 

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

SOPHOS ALERT: Change your XG Firewall admin password (KBA135412)

/0 Comments/in , , , /by

SOPHOS ALERT: Change your XG Firewall admin password (KBA135412)

On April 24, 2020, Sophos published knowledge base article KBA135412 which included necessary remediation steps to address vulnerability CVE-2020-12271.

Sophos is enforcing a password reset for the XG administrator and all other local administrator accounts that have not reset passwords since the security hotfix was applied at 2200 UTC on April 25, 2020. Where required, administrative accounts will be prompted to change passwords upon logging into an XG Firewall. The instructions for resetting a forgotten administrator password can be found in KBA123732.

For some configurations, additional remediation actions are required as contained in KBA135412.

 

Cyberattack forces Houston County schools to postpone opening day

/0 Comments/in , /by

Several thousand school children in Alabama had their summer vacation extended by two weeks as the Houston County School District was forced for the second time to delay opening day due to a cyberattack.

Houston County Schools Superintendent David Sewell told families the first day of school will now be August 12, instead of the originally scheduled Aug. 1, according to a WTVYreport. Initially, Sewell had pushed the start back from August 1 to August 5, but this required an additional adjustment.

The district has not said exactly what type of malware is involved, other than to note that no ransom has been paid and that all the district’s 4,000 computers need to be reconfigured, a process expected to take three more weeks.

In the meantime, WTVY quoted Ashford High School Principal Bubba Odom as saying, “People are going to learn what it was like 50 years ago, 30 years ago, before cell phones and things of that nature.”

The district plans to go back to a paper-based system until it is back online.

School districts have been victimized at a high rate this year with the majority of them facing a ransomware situation. A string of such attacks caused Louisiana’s governor to declare a state of emergency last week so he could call in resources from the Louisiana National Guard, Louisiana State Police and the Office of Technology Services to assist local governments in responding to three cyberattacks that hit districts in Sabine, Morehouse, and Ouachita parishes.

SonicWall Strengthens Strategic Focus on SMB, Enterprise

/0 Comments/in /by

MILPITAS, Calif. —  SonicWall, the trusted security partner protecting more than 1 million networks worldwide, today announced plans to expand its global sales team and increase its marketing investment as the company continues to generate significant business momentum.

SonicWall announced that Robert (Bob) VanKirk, SVP of Strategic Sales, who has been focused on key verticals, the US Federal Government and strategic partners, will become Chief Revenue Officer for the company. Steve Pataky will be stepping away to take some time with his family and to pursue new opportunities.

“I am grateful to Steve for the role he played leading the SonicWall sales team through a time of unprecedented change and growth over the last three years.  Steve is a world class channel chief who was instrumental in restoring SonicWall’s 100 percent focus on the channel,” said SonicWall President and CEO Bill Conner. “Bob has done a tremendous job implementing our direct touch strategy over the last year and I am confident that he is uniquely positioned to continue to generate significant momentum around our go-to-market strategy in SMB and enterprise sectors.”

“I’m very proud of what we have accomplished during my time at SonicWall,” Pataky said. “We’ve built our SecureFirst partner program to more than 17,600 partners, generated approximately $700 million in deal registration in the last calendar year and our parnters have completed more than 140,000 hours of training and 275,000 successful exams as part of SonicWall University.”

“I’ve worked very closely with Bob over the last two years and he is the right person to lead the next wave of sales growth for SonicWall,” said Pataky. “I am confident that he will not only continue to grow our strategic accounts, but will also continue to develop our programs and relationships to ensure profitable growth for our partners..”

“I am excited to take the reins from Steve and build upon what he has achieved,” VanKirk said. “We remain 100% committed to our loyal and growing partner community and to our SMB sector, where we remain the market leader. I am also excited to continue ramping our growth as we work closely with partners to expand our strategic accounts focus in key enterprise verticals and government.”

Additionally, HoJin Kim, formerly Vice President of North America Channel Sales, will be taking a larger channel sales role as VP of Global Channel Sales. The company also announced that it has deepened its sales team by hiring Kate McIntyre as the Vice President of Inside Sales. Kate joins the company from Security Compass, where she served as regional sales director for four years.

Finally, SonicWall will continue its launch of a range of new products and service enhancements in the coming year across its Capture Cloud Platform, management capabilities, and virtual and cloud environments. To help support the new product launches and assist partners in taking them to market, SonicWall will be increasing its investment in marketing programs.

About SonicWall
SonicWall has been fighting the cyber-criminal industry for over 27 years defending small, medium-size businesses and enterprises worldwide. Backed by research from SonicWall Capture Labs, our award-winning, real-time breach detection and prevention solutions secure more than a million business and mobile networks and their emails, applications and data. This combination of products and partners has enabled an automated real-time breach detection and over 215 countries and territories. These businesses can run more effectively and fear less about security. For more information, visit www.sonicwall.com or follow us on TwitterLinkedIn, Facebook and Instagram.

Cisco Issues ‘Critical’ Firewall Security Vulnerability Alert For VPN Devices

/0 Comments/in /by

The company said there are no workarounds to fix the vulnerability, but it has issued free software updates that it says will solve the problem.

Cisco Systems says it has identified a critical software security vulnerability in several of its firewalls, switches, routers and security software that could let cyber-attackers into VPN devices.

The vulnerability is in the Secure Sockets Layer VPN functionality of Cisco Adaptive Security Appliance [ASA] software, and it could allow an unauthenticated, remote attacker to cause a reload of the affected system or to execute code remotely, the company said in a security advisory this week.

The vulnerability affects 10 Cisco products, including:

  • The 3000 Series Industrial Security Appliances.
  • The 5500 Series Adaptive Security Appliances.
  • Cisco’s 5500 X-Series Next-Generation Firewalls.
  • The ASA Service Module for Catalyst 6500 Series switches and 7600 Series routers.
  • The ASA 1000v Cloud Firewall.
  • Cisco’s ASAv virtual appliance.
  • The Firepower 2100 and 4110 security appliances.
  • The Firepower 9300 ASA Security Module.
  • Cisco’s Firepower Threat Defense software.

The company said there are no workarounds to fix the vulnerability, but it has issued free software updates that it says will solve the problem.

Cisco said in a statement that the advisory is “intended to help customers understand which Cisco products may be affected and assess the potential implications for their networks. Fixes are available for the affected products,” and the company “is not aware of any malicious use of this vulnerability.”

Bill Smeltzer, CTO at Focus Technology Solutions, a Burlington, Mass., solution provider that works with Cisco, said the vulnerability is par for the course in the modern IT era. “This is no different than what we see on a daily basis industry-wide,” Smeltzer said. “Cisco has an update to address the problem. They acted fast. We always advise our clients to do any critical security patches.”

Mike Girouard, EVP of sales at TekLinks, a Birmingham, Ala., cloud solution provider that works with Cisco said the vulnerability affects most of the firewalls the company has deployed in the field and its data centers.

“We plan to get the announcement out to all of our Pro Services team members so we can work to schedule patching with our clients,” Girouard said. “It has affected every customer firewall in the data center, and TekLinks Managed & Cloud Services is working on patching them, and migrating others. We’re all over this one.”