Network Security | News, how-tos, features, reviews, and videos
The solution: Use IPsec and similar security protocols to protect against exploitation by threat actors.
The advisory from the cybersecurity company follows a report from security researchers who observed exploits in the wild in early December as part of a widespread campaign.
The company urged admins to immediately patch their firewalls to fend off threats of easy exploitation.
The software maker announced that a stack-based buffer overflow flaw in its SSL VPN appliance has been exploited in the wild. Ivanti Policy Secure and Ivanti Neurons for ZTA gateways are also impacted.
CISA added the flaws to its known vulnerability catalog, recommending swift patching pursuant to Binding Operational Directive (BOD) 22-01.
The serviceman is also alleged to be the third member of the hacking group responsible for breaching customers of data warehousing company Snowflake earlier in the year.
American Airlines flights were grounded for up to an hour on Dec. 24, while 71 JAL flights were delayed and four cancelled on Dec. 26.
Experts warn that hacked devices can serve as entry points for corporate espionage, DDoS attacks on enterprise systems, and the interception of sensitive information over VPNs.
SnapAttack, a privately held company headquartered in Arlington, Virg., is known for its threat detection and engineering platform.
The Black Hat series of international cybersecurity conferences brings together top IT security pros, researchers, and thought leaders to discuss the latest cyber techniques, vulnerabilities, threats, and more. Here’s the latest to know.