In addition to the critical WAN software bug, Cisco also patched two high-severity flaws and a whopping 21 medium-severity vulnerabilities.

For CTI League members, the daily grind means preventing cyberattacks on hospitals and checking cyberthreat feeds for potential public health and safety dangers.

Election security took center stage at Black Hat, but not in the usual, who can hack a voting machine way.

“The amount of ransomware campaigns right now is just unbelievable,” said AT&T Cybersecurity’s Jaime Blasco. “And two trends are enabling this.”

The Linux Foundation says any OpenSSF specifications and projects developed will be vendor agnostic.

“Now that we’re all much more aware of the implication of the pandemic, we have to realize that a cyber pandemic can expand much faster than a biological one,”

One of the products, Aqua Enterprise, is essentially the company’s flagship cloud-native security product with several updates including VM support.

CEO Mike Hogan said its container application security testing service provides a more complete package than current offerings.

The Cloud Threat Landscape Report 2020 found that basic security oversight issues, including governance, vulnerabilities, and misconfigurations, remain the top risk factors.

The security vulnerabilities could have allowed attackers to gain remote access and execute commands without proper authentication. Four were cited as “critical.”

“The evolution of web applications has not gone unnoticed by attackers, and web defenders haven’t thought as much about it,” said Akamai CTO Patrick Sullivan.

The Cisco Adaptive Security Appliance alone has more than 1 million deployments globally.

With the Series A round, in addition to $6.5 million in seed funding, Orca plans to double its team and total business by the end of 2020.

While Cisco says it is not aware of any malicious use of the vulnerability, with 20,000 customers around the world using Cisco SD-WAN, the high-severity bug remains notable.

The latest release includes what Canonical calls “kernel self-protection measures,” which target control flow integrity and includes stack-crash protection.

Dynamic Threat Analysis protects containerized applications from image-based malware by automatically running images in a secure sandboxed environment.

The vulnerability could allow a hacker to “extract highly sensitive information which could be used to compromise vCenter Server or other services,” the security advisory said.

This is also a great time to start a bug bounty program, says Guy Podjarny, founder and president of Snyk.

Intel warned of financial hit; Attackers exploited remote-code execution vulnerabilities in Microsoft bug; and Akamai got SASE.

Microsoft said it’s “aware of limited targeted attacks” using the remote-code execution vulnerabilities in Windows Adobe Type Manager Library.

All of these bugs require some form of authentication, which makes them more difficult to exploit. But they are noteworthy because of the sheer number of companies that use

“Vulnerability management, configuration management, patch management — those things should still be top of mind for CISOs,” Splunk’s Monzy Merza said. “[Security] hygiene can be sexy.”

Between 2016 and 2019, Necurs was the most prominent spam and malware-delivery method and was responsible for 90% of the malware spread by email worldwide.

AT&T works with Palo Alto Networks and Broadcom on a Disaggregated Scalable Firewall; serious Intel vulnerability discovered; and Juniper jumped aboard the SONiC train.