Forescout

Using Zero Trust to Prevent Agency Ransomware Attacks

Dec 13, 2021 By Tim Jones In Forescout

COVID-19 made moving agency employees and services off-premises essential. This move, however, has also sparked one of the biggest waves of cybercrime the internet has ever seen. Ransomware attacks have been particularly effective against government agencies and critical infrastructure.

Read Post

Forescout

Read more about Using Zero Trust to Prevent Agency Ransomware Attacks

Forescout's Response to Apache Log4j Vulnerabilities

Dec 12, 2021 By Forescout Research Labs In Forescout

Updated 12/20/21 On December 9, 2021, Apache published a zero-day vulnerability (CVE-2021-44228) for Apache Log4j being referred to as “Log4Shell”. This “critical” vulnerability (CVSS score: 10) allows a remote attacker to take control of an affected system. When exploited, this vulnerability allows an attacker to run arbitrary code on the device, giving full control over to the attacker.

Read Post

Forescout

Read more about Forescout's Response to Apache Log4j Vulnerabilities

2022 Cybersecurity Predictions - From Ransomware and Supply Chain Risks to Operational Technology and IoT

Dec 7, 2021 By Forescout Research Labs In Forescout

As we look ahead to 2022, we should pause to reflect on the trends of the past year. Ransomware and supply chain attacks have become two of the top concerns for organizations following a series of high-profile attacks, such as those conducted against Colonial Pipeline, SolarWinds and Kaseya. In 2021, our Project Memoria revealed close to 100 different vulnerabilities in common TCP/IP stacks, affecting hundreds of operational technology (OT) vendors.

Read Post

Forescout

Read more about 2022 Cybersecurity Predictions - From Ransomware and Supply Chain Risks to Operational Technology and IoT

Losing Control of Your Front Door

Dec 7, 2021 By Koren Molcho In Forescout

On November 10, 2021, Palo Alto Networks released advisories for eight different vulnerabilities affecting the company’s VPN firewall products. The vulnerabilities’ criticality ranges from ‘medium’ to ‘critical,’ with the most severe vulnerability, CVE-2021-3064 (CVSSv3.1 of 9.8), allowing for unauthenticated remote code execution, or RCE.

Read Post

Forescout

Read more about Losing Control of Your Front Door

See Every Device. Defend Your Entire Network with Forescout.

Dec 3, 2021 By Forescout In Forescout

With so many agentless devices being deployed every day, it’s never been harder to protect your network from threats. Forescout delivers actionable information so you can see the devices on your network and take action to prevent them from compromising your enterprise.

View Video

Forescout

Read more about See Every Device. Defend Your Entire Network with Forescout.

The Zero Trust model of information security has quickly become a hot topic among corporate security executives and a top priority within security teams.

Dec 1, 2021 By Forescout

That's because perimeter-focused security architectures that default to high trust levels on the internal network are ill-suited for an edgeless enterprise that increasingly supports mobile and remote workers as well as vast numbers of IoT devices. This Forescout white paper explains why visibility is essential for effective Zero Trust architecture and how continuous visibility can help you identify, segment and enforce compliance using Zero Trust principles. It also addresses foundational capabilities Forrester Research requires to designate solutions as a Zero Trust platform.

Get White Paper

Forescout

Read more about The Zero Trust model of information security has quickly become a hot topic among corporate security executives and a top priority within security teams.

Reducing Risks from IoT Devices in an Increasingly Connected World

Dec 1, 2021 By Forescout

With a staggering majority of devices - expected to reach more than 75 billion by 2025 - connected to vast networks and the internet, reducing cyber risk becomes a critical focal point for the age of IoT.

Get EBook

Forescout

Read more about Reducing Risks from IoT Devices in an Increasingly Connected World

Forescout Research Labs concludes Project Memoria - Lessons Learned after 18 months of vulnerability research

Nov 11, 2021 By Forescout Research Labs In Forescout

Project Memoria is the largest study on the security of TCP/IP stacks. The idea for this project emerged in May 2020 while collaborating with JSOF on Ripple20. Our researchers understood that the problem with TCP/IP stacks was much deeper and more widespread than initial research had suggested. We hypothesized that similar issues to those identified in Ripple20 could be present in other stacks as well.

Read Post

Forescout

Read more about Forescout Research Labs concludes Project Memoria - Lessons Learned after 18 months of vulnerability research

New Critical Vulnerabilities Found on Nucleus TCP/IP Stack

Nov 9, 2021 By Forescout Research Labs In Forescout

Forescout Research Labs, with support from Medigate Labs, have discovered a set of 13 new vulnerabilities affecting the Nucleus TCP/IP stack, which we are collectively calling NUCLEUS:13. The new vulnerabilities allow for remote code execution, denial of service, and information leak. Nucleus is used in safety-critical devices, such as anesthesia machines, patient monitors and others in healthcare.

Read Post

Forescout

Read more about New Critical Vulnerabilities Found on Nucleus TCP/IP Stack

NUCLEUS:13 - Dissecting the Nucleus TCP/IP stack

Nov 8, 2021 By Forescout In Forescout

In the fifth study of Project Memoria – NUCLEUS:13 – Forescout Research Labs and Medigate identified a set of 13 new vulnerabilities affecting the Nucleus TCP/IP stack. Nucleus is currently owned by Siemens. Its original release was in 1993 and, since then, it has been deployed in many industry verticals with safety and security requirements such as medical devices, automotive, and industrial systems. Upon identification of the new vulnerabilities, Forescout Research Labs and Medigate collaborated with Siemens, CISA, CERT/CC and other agencies to confirm the findings and notify vendors.

View Video

Forescout

Read more about NUCLEUS:13 - Dissecting the Nucleus TCP/IP stack

Subscribe to Forescout

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Forescout

Using Zero Trust to Prevent Agency Ransomware Attacks

Forescout's Response to Apache Log4j Vulnerabilities

2022 Cybersecurity Predictions - From Ransomware and Supply Chain Risks to Operational Technology and IoT

Losing Control of Your Front Door

See Every Device. Defend Your Entire Network with Forescout.

The Zero Trust model of information security has quickly become a hot topic among corporate security executives and a top priority within security teams.

Reducing Risks from IoT Devices in an Increasingly Connected World

Forescout Research Labs concludes Project Memoria - Lessons Learned after 18 months of vulnerability research

New Critical Vulnerabilities Found on Nucleus TCP/IP Stack

NUCLEUS:13 - Dissecting the Nucleus TCP/IP stack

Monthly Archive

Follow Us