By Mike Lennon on September 30, 2014
Enterprise network security firm Palo Alto Networks today announced the availability of a new security solution designed to prevent sophisticated cyber attacks targeting endpoints.
Called “Traps”, the new endpoint security solution is built on technology gained from Palo Alto’s $200 Million acquisition of Tel-Aviv, Israel-based Cyvera in March 2014.
http://www.securityweek.com/sites/default/files/paloalto_networks.jpg
Traps (PDF) was designed to proactively block all attacks targeting endpoints, including unknown malware and zero-day exploits. Cyvera previously claimed that its approach has been so powerful that they had successfully stopped every published zero-day attack since they first began deploying their product.
Reactive security models result in a never-ending chase after the thousands of new malware that emerge each day, or expanding number of software vulnerabilities that can be used to exploit an endpoint, Palo Alto Networks explained.
SecurityWeek/ full article here/ http://www.securityweek.com/palo-alto-networks-leverages-cyvera-acquisition-new-endpoint-protection-solution
Userlevel 7
The following article is a update
Misconfigured user identities for Palo Alto Networks firewalls are leaking onto the public web potentially exposing customer services including VPN and webmail, says security luminary HD Moore.
The mess is a result of a user control module being allowed to operate in untrusted zones, rather than a vulnerability in Palo's kit.
Moore said attackers could obtain user and domain names, plus encrypted NetNTLM password hashes.
"In summary, every time we triggered a PAN (Palo Alto Network) filter on a misconfigured appliance, our scanning node would receive an inbound authentication attempt by User-ID," Moore said in a post.
Full Article
(Palo Alto Networks boxes spray firewall creds across the net)
By Darren Pauli, 21 Oct 2014Misconfigured user identities for Palo Alto Networks firewalls are leaking onto the public web potentially exposing customer services including VPN and webmail, says security luminary HD Moore.
The mess is a result of a user control module being allowed to operate in untrusted zones, rather than a vulnerability in Palo's kit.
Moore said attackers could obtain user and domain names, plus encrypted NetNTLM password hashes.
"In summary, every time we triggered a PAN (Palo Alto Network) filter on a misconfigured appliance, our scanning node would receive an inbound authentication attempt by User-ID," Moore said in a post.
Full Article
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.