On November 10, 2021, Palo Alto Networks released advisories for eight different vulnerabilities affecting the company’s VPN firewall products. The vulnerabilities’ criticality ranges from ‘medium’ to ‘critical,’ with the most severe vulnerability, CVE-2021-3064 (CVSSv3.1 of 9.8), allowing for unauthenticated remote code execution, or RCE.
Project Memoria is the largest study on the security of TCP/IP stacks. The idea for this project emerged in May 2020 while collaborating with JSOF on Ripple20. Our researchers understood that the problem with TCP/IP stacks was much deeper and more widespread than initial research had suggested. We hypothesized that similar issues to those identified in Ripple20 could be present in other stacks as well.
Forescout Research Labs, with support from Medigate Labs, have discovered a set of 13 new vulnerabilities affecting the Nucleus TCP/IP stack, which we are collectively calling NUCLEUS:13. The new vulnerabilities allow for remote code execution, denial of service, and information leak. Nucleus is used in safety-critical devices, such as anesthesia machines, patient monitors and others in healthcare.
Forescout is proud to be recognised by Forrester in its inaugural Industrial Control Systems (ICS) Security Solutions Wave, 2021. The ability to cover the most ICS protocols allows us to provide the best visibility compared to any other vendor, making the Forescout platform the solution of choice for any organization struggling with ICS asset visibility.
Today, information has surpassed oil as the foremost economic driver in the world. Attempts to steal valuable data have risen dramatically in recent years and will only continue to increase. In response, network segmentation has become a valuable tool to protect data and limit the blast radius of any incidents that do occur.
Rizal Commercial Banking Corporation (RCBC) begun as a small development bank in the Philippines and has grown to encompass a wide range of financial services and branches in the U.S., Europe, Australia and New Zealand. Like any financial institution, it must comply with a host of regulations and is a prime target for malicious actors.
