Last week, we reported about the first network-based remote Rowhammer attack, dubbed Throwhammer, which involves the exploitation a known vulnerability in DRAM through network cards using remote direct memory access (RDMA) channels. However, a separate team of security researchers has now demonstrated a second network-based remote Rowhammer technique that can be used to attack systems using uncached memory or flush instruction while processing ...
Read More »Blog
Barracuda Launches Web Application Firewall as a Service
Barracuda is making its Web Application Firewall platform available in a cloud-delivered model that benefits from a new management interface and improved configuration. Barracuda Networks announced its cloud-delivered Web Application Firewall (WAF) service on May 16, providing organizations with a new approach to managing and deploying application security. The Barracuda WAF-as-a-Service offering builds on the company’s existing WAF products, which ...
Read More »Another severe flaw in Signal desktop app lets hackers steal your chats in plaintext
For the second time in less than a week, users of the popular end-to-end encrypted Signal messaging app have to update their desktop applications once again to patch another severe code injection vulnerability. Discovered yesterday by the same team of security researchers, the newly discovered vulnerability poses the same threat as the previous one, allowing remote attackers to inject malicious code on ...
Read More »Around 57% Indian IT managers can’t identify network traffic and 61% are clueless about bandwidth consumption: Sophos report
Nearly 57 percent Indian IT managers can’t identify network traffic while 61 percent don’t know how their bandwidth is consumed, a new report said on Wednesday, adding that the majority of Indian IT managers have legal liabilities when it comes to unidentified traffic at their workplaces. According to British IT security company Sophos’ global survey titled The Dirty Secrets of Network ...
Read More »State of Cybersecurity 2018: Enterprises Can Do Better
There is certainly more awareness about the importance of cybersecurity now than ever before, but are things in cybersecurity better or worse than they were 12 months ago? In the past year, we have seen mega-malware such as Wannacry and NotPetya temporarily wipe out some enterprises and services. We have seen new records set by DDoS attacks, with the largest ...
Read More »Metamako enters security market, launching low-latency firewall solution
Metamako, the acknowledged leader in the low-latency, FPGA-enabled network solutions space, has now entered the security space with the announcement of its MetaProtect™ Firewall solution. The powerful 48-port (x10GbE) network appliance is designed to deliver new levels of ultra-fast firewall protection through packet filtering and logging. It is ideal for situations where a firewall solution is mandatory but ultra-low latency ...
Read More »Microsoft Patches Two Zero-Day Flaws Under Active Attack
It’s time to gear up for the latest May 2018 Patch Tuesday. Microsoft has today released security patches for a total of 67 vulnerabilities, including two zero-days that have actively been exploited in the wild by cybercriminals, and two publicly disclosed bugs. In brief, Microsoft is addressing 21 vulnerabilities that are rated as critical, 42 rated important, and 4 rated ...
Read More »Why Security Tools Need Inline Bypass
Optimize Resiliency, Performance, Security and Cost Inline security tools — Web Application Firewalls (WAFs), Intrusion Prevention Systems (IPS) and Advanced Threat Protection (ATP) — are vital for securing your network, but can create their own problems, such as: • They represent network points of failure. • When an inline tool loses power, has a software failure or is taken off ...
Read More »A New Cryptocurrency Mining Virus is Spreading Through Facebook
If you receive a link for a video, even if it looks exciting, sent by someone (or your friend) on Facebook messenger—just don’t click on it without taking a second thought. Cybersecurity researchers from Trend Micro are warning users of a malicious Chrome extension which is spreading through Facebook Messenger and targeting users of cryptocurrency trading platforms to steal their ...
Read More »Redefining firewalls for the cloud generation
Cloud computing has become the new normal in IT, especially with public cloud functionality growing tremendously in 2017, and is still advancing. “2017 took us well into the cloud generation, and as we look at 2018, it will become more critical than ever for organizations to understand public cloud environments in order to keep workloads and applications secure,” said Tim Jefferson, ...
Read More »