Sunday, November 17, 2024
Latest:

Security

Networkworld 

Cisco launches 10-year plan to train 25 million people in IT skills

TH Author , , , ,

As Cisco celebrates the 25th anniversary of Cisco Networking Academy, the company on Tuesday announced two new certifications and a plan to provide networking, cybersecurity and general IT  training to 25 million people over the next 10 years.The training will be done through the company’s networking academy, an IT skills-to-jobs program that provides IT courses, learning simulators, and hands-on learning opportunities, supporting instructors and learners in 190 countries. To date, Cisco says more than 17.5 million global learners have taken Cisco Networking Academy courses to gain IT skills, with 95% of students attributing their post-course job or education opportunity to Cisco Networking Academy.To read this article in full, please click here READ MORE HERE…

Read more
Microsoft Secure 

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

TH Author , , , , ,

MSTIC observed activity related to a single activity group in August 2022 that achieved initial access and compromised Exchange servers by chaining CVE-2022-41040 and CVE-2022-41082 in a small number of targeted attacks.
The post Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082 appeared first on Microsoft Security Blog. READ MORE HERE…

Read more
Microsoft Secure 

ZINC weaponizing open-source software

TH Author , , , , , ,

In recent months, Microsoft detected weaponization of legitimate open-source software by an actor the Microsoft Threat Intelligence Center (MSTIC) tracks as ZINC, targeting employees at media, defense and aerospace, and IT service provider organizations in the US, UK, India, and Russia.
The post ZINC weaponizing open-source software appeared first on Microsoft Security Blog. READ MORE HERE…

Read more
Microsoft Secure 

Vulnerability in TikTok Android app could lead to one-click account hijacking

TH Author , , , , , ,

Microsoft discovered a high-severity vulnerability in the TikTok Android application, now identified as CVE-2022-28799 and fixed by TikTok, which could have allowed attackers to compromise users’ accounts with a single click.
The post Vulnerability in TikTok Android app could lead to one-click account hijacking appeared first on Microsoft Security Blog. READ MORE HERE…

Read more
Networkworld 

Palo Alto Networks bulks-up its SASE portfolio

TH Author , , ,

Palo Alto Networks is reinforcing the security and operational features of its Prisma secure-access service edge (SASE) package.New features include the ability to adjust security settings for multiple software-as-a-service-based apps, new security capabilities, and AIOPs support. In addition the company is expanding its family of Ion SD-WAN security devices to provide additional configuration options.

[ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here READ MORE HERE…

Read more
Microsoft Secure 

Uncovering a ChromeOS remote memory corruption vulnerability

TH Author , , , , ,

Microsoft discovered a memory corruption vulnerability in a ChromeOS component that could have been triggered remotely, allowing attackers to perform either a denial-of-service (DoS) or, in extreme cases, remote code execution (RCE).
The post Uncovering a ChromeOS remote memory corruption vulnerability appeared first on Microsoft Security Blog. READ MORE HERE…

Read more
Networkworld 

IBM bolsters quantum cryptography for z16 mainframe

TH Author , ,

While the need for it may be years away, IBM has added additional mainframe protection against future quantum-based security attacks.When Big Blue rolled out the newest iteration of its mainframe – the z16—in April, one of its core design pillars was a promise to protect organizations from anticipated quantum-based security threats. Specifically, the z16 supports the Crypto Express8S adapter to deliver quantum-safe APIs that will let enterprises start developing quantum-safe cryptography along with classical cryptography and to modernize existing applications and build new applications, IBM stated.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

5 mistakes to avoid when implementing zero-trust

TH Author ,

Interest in zero-trust security has heightened significantly over the past two years among organizations looking for better ways to control access to enterprise data in cloud and on-premises environments for remote workers, contractors and third parties.Several factors are driving the trend, including increasingly sophisticated threats, accelerated cloud adoption and a broad shift to remote and hybrid work environments because of the pandemic. Many organizations have discovered that traditional security models where everything inside the perimeter is implicitly trusted, does not work in environments where perimeters don’t exist and enterprise data and the people accessing it are increasingly distributed and decentralized.To read this article in full, please click here READ MORE HERE…

Read more