2020 saw a hugely accelerated evolution in the cybersecurity landscape. The pandemic pushed workforces remote and caused companies to move up plans for digital transformation, cloud services, and a plethora of remote access technologies. Meanwhile, the traditional operating models are not and will not be completely replaced in most organizations, and organizations have been left…

The SolarWinds/Solorigate attacks used some concerning methodologies. One of them has been what is called the Golden SAML attack process. Security Assertion Markup Language (SAML) enables the exchange of authentication and authorization information between trusted parties. The Golden SAML technique allows attackers to generate their own SAML response to gain access or control. To do…

As the COVID-19 pandemic unfolds, healthcare organizations are scrambling to ensure the safety and support of patients and staff, while also integrating and learning new technologies to support telehealth practices. The constantly evolving healthcare environment has placed immense financial strain on hospitals and increased pressure on healthcare staff, which has been made worse by the…

Lately, dark web actors have one more worry: getting caught by law enforcement. Tracking dark web illegal activities has been a cat-and-mouse game for authorities, but in the end, they often catch their adversaries and seize the dodgy money. On the night of the 2020 presidential election, for example, US government officials managed to empty…

A software-defined wide area network is a type of computer network that allows the bounding of multiple internet access resources, such as cables, digital subscriber lines (DSL), and cellular or any other IP transport to provide high throughput data channels. WAN solutions improve application performance, reducing costs, increasing agility, and addressing various IT challenges. Enterprises…

Malvuln is the creation of security researcher John Page (aka hyp3rlinx), who told SecurityWeek that he came up with the idea when he got bored during a COVID-19 lockdown. The Malvuln website currently has 26 entries describing remotely exploitable buffer overflow vulnerabilities and privilege escalation flaws related to insecure permissions. The list of targeted malware…

A researcher at Austria-based cybersecurity consultancy SEC Consult discovered five types of vulnerabilities in Pepperl+Fuchs Comtrol industrial products, including cross-site request forgery (CSRF), reflected cross-site scripting (XSS), blind command injection, and denial-of-service (DoS) issues. The impacted products were found to leverage outdated versions of third-party components that were known to have vulnerabilities, including PHP, OpenSSL,…

The 5G ecosystem is reaching a level of technology maturity much more rapidly than earlier generations, enabling operators to develop network deployment and go to market strategies with mass-market appeal and scalable across evolving B2C, B2B and B2B2X business models. Strategy Analytics’ report reviews 5G commercial developments to date and provides recommendations to operators on…