Palo Alto Networks® engaged independent data privacy risk management provider TRUSTe® to review and document the data flows and practices described in this datasheet. The purpose of this document is to provide customers of Palo Alto Networks with information needed to assess the impact of this service on their overall privacy posture by detailing how personal information may be captured, processed and stored by and within the service.
The newly discovered Linux vulnerabilities, CVE-2019-11477, CVE-2019-11478, and CVE-2019-11479, affect all Linux operating systems running kernel 2.6.29 (released in March 2009) or above and can cause a kernel panic on systems with services listening on a TCP connection. This remote attack can put a server into a Denial of Service (DoS) state, but remote code execution is not a concern.
The endpoint security marketplace is crowded with vendors claiming to have superior capabilities. Cutting through all the marketing and sales pitches to understand how these products perform isn’t easy. Luckily, The MITRE Corporation conducted an independent test of the detection and investigation capabilities of leading endpoint detection and response (EDR) products against real-world attack sequences. We’ll break down MITRE’s methodology, the results, and what it all means for your organization as you assess your current and future endpoint security toolkit.
Unit 42 discovered one new vulnerability addressed by the Microsoft Security Response Center (MSRC) as part of their June 2019 security update release, as well as nine additional vulnerabilities that were addressed in May 2019.
Read this use case white paper based on real world designs to learn:
• How to better secure your Electric Transmission Data Networks from advanced cyberthreats
• How to more efficiently and comprehensively address your NERC CIP compliance obligations
From compromised credentials to misconfigured containers to the excessive use of privileged accounts, here's a look at six of the biggest cloud security threats technical experts are worried about this year.
Take a look at this fun, interactive infographic featuring the complete list of 10 key features and functionalities businesses need to prevent successful cyberattacks – today and tomorrow. It’s an informative way to quickly find out how to best protect your organization from cyberthreats.
From failing to address the spread of shadow IT to losing or having credentials stolen to treating containers like traditional appliances or VMs, here are nine of the most common AWS security mistakes seen by technical experts.
Executive Summary: The Hide ‘N Seek botnet was first discovered in January 2018 and is known for its unique use of Peer-to-Peer communication between bots. Since its discovery, the malware family has seen a couple of upgrades, from the addition of persistence and new exploits, to targeting Android devices via the Android Debug Bridge (ADB).
There are no flawless software systems or applications. When flaws result in security vulnerabilities, threat actors exploit them to compromise those systems and applications and, by extension, the endpoints on which they reside. Although software vendors issue patches to remediate flaws, many financial institutions do not apply all available patches to their production environments. In addition, when systems or applications reach their end-of-support, they no longer receive vulnerability patches from their vendors. These two scenarios describe the conditions under which a system or application is considered "unpatchable." When patching or upgrading is no longer feasible, security professionals need to identify alternative ways to secure the unpatchable systems and applications to support their ongoing use in the environment.
Through network security consolidation, government agencies can achieve tighter integration between previously disparate systems while automating and simplifying the process for responding to and preventing malicious activity.
As governments adopt digital technologies – employee remote access, citizen self-service, SaaS, cloud, and more – these same technologies introduce new points where the network can be infiltrated, and new valuable data that must be secured. The result was a cybersecurity arms race where new threats were countered with new security point products.
Today, governments are consolidating security appliances and functions to gain better visibility and use scarce cybersecurity professionals wisely.
Read this use case to discover:
• The advantages of a platform approach to network security consolidation.
• Best practices for deployment.
• How a government agency eliminated 10 security appliances at every location, simplifying compliance, management and reporting while improving security.
Currently available container-based infrastructure has limitations because containers are not truly sandboxed and share the host OS kernel. The root of the problem is the weak separation between containers when the host OS creates a virtualized userland for each container. This blog covers four unique projects, from IBM, Google, Amazon, and OpenStack, that use different techniques to achieve the same goal: creating stronger isolation for containers. The overview of state-of-the-art research in this blog should help readers prepare for the upcoming transformation.
The blog highlights the results from Unit 42’s research into misconfigured containers, methods for identifying services exposed to the public, and mitigation steps to secure container services. In this blog, we identify common misconfigurations in container services. This allows our readers to deploy their container platform structures in a more secure and private fashion, avoiding the methods of data gathering that we outline in this blog.