'

Recently patched Juniper firewall flaws allow remote code execution

Recently patched Juniper firewall flaws allow remote code execution

Hackers have begun exploiting recently patched vulnerabilities in Juniper Networks firewalls that can be chained together to achieve remote code execution. Exploit details and a proof-of-concept were released late last week by a team of security researchers. “This is an interesting bug chain, utilizing two bugs that would be near-useless in isolation and combining them … Read more

Google Cloud announces Duet AI enhancements for Mandiant, Chronicle

Google Cloud announces Duet AI enhancements for Mandiant, Chronicle

Google Cloud today previewed new AI-enhanced capabilities for its Chronicle and Mandiant offerings: Duet AI in Mandiant Threat Intelligence, Duet AI in Chronicle Security Operations, and Duet AI in Security Command Center. The preview was was part of a larger group of generative AI-related announcements made at the Google Cloud Next event. Duet AI in … Read more

U.S. Hacks QakBot, Quietly Removes Botnet Infections

U.S. Hacks QakBot, Quietly Removes Botnet Infections

The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement operation involved seizing control over the botnet’s online infrastructure, and quietly removing the Qakbot malware from tens of thousands of infected Microsoft Windows computer systems. … Read more

Android Goes All-in on Fuzzing

Android Goes All-in on Fuzzing

Posted by Jon Bottarini and Hamzeh Zawawy, Android Security Fuzzing is an effective technique for finding software vulnerabilities. Over the past few years Android has been focused on improving the effectiveness, scope, and convenience of fuzzing across the organization. This effort has directly resulted in improved test coverage, fewer security/stability bugs, and higher code quality. … Read more

Cloudflare’s tenant platform in action: Meter deploys DNS filtering at scale

Cloudflare’s tenant platform in action: Meter deploys DNS filtering at scale

In January 2023, we announced support for Managed Service Providers (MSPs) and other businesses to create ‘parent-child’ and account-level policy configurations when deploying Cloudflare for DNS filtering. Specifically, organizations leverage the integration between our Tenant API and Cloudflare Gateway, our Secure Web Gateway (SWG) to protect their remote or office end users with web filtering … Read more

Suspected Met Police data breach potentially exposes sensitive officer, staff information

Suspected Met Police data breach potentially exposes sensitive officer, staff information

The Metropolitan Police Service (MPS) is investigating a possible data breach following “unauthorised access” to the systems of one of its suppliers. The company had access to names, ranks, photos, vetting levels, and pay numbers for officers and staff, the force said in a statement. The MPS, which is responsible for law enforcement in the … Read more

How financial institutions can reduce security and other risks from MRAs

How financial institutions can reduce security and other risks from MRAs

CISOs who work in the financial industry within the United States are familiar with matters requiring attention (MRA). An MRA is a notice that is communicated verbally and in writing to a financial institution’s board and management team and is included in the organization’s examination report from regulators. Security- and privacy-related issues can often trigger … Read more