Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On May 31, Forescout Research – Vedere Labs uncovered a significant incident where threat actors exploited a critical zero-day vulnerability in the MOVEit Transfer software, which resulted in unauthorized access to and exfiltration of private data, as well as privilege escalation. MOVEit Transfer is a widely adopted managed file transfer (MFT) solution that enables organizations to securely exchange files with their business partners and customers.

During a red team assessment for a client, Charles Fol and Dany Bach from LEXFO, discovered a heap overflow bug in Fortigate’s SSL VPN that can be exploited to achieve remote code execution on Fortigate instances. This vulnerability is reachable without authentication, and can be used to execute arbitrary code on vulnerable systems, which could lead to a complete compromise of the system.

Last month, Corelight had the distinct privilege of joining Cisco, NetWitness, Palo Alto Networks, Arista, and our internet service provider, MyRepublic, to provide availability and network security overwatch to the Black Hat Asia network in Singapore. This marked our first appearance in the Black Hat Network Operations Center (NOC).

APIs power today’s digital economy and enable organizations to succeed in their business innovation efforts. Because every company’s APIs are unique, so are its security gaps, which bad actors will inevitably try to exploit. Only through rich context and deep behavioral analysis can these attackers be stopped. Many of the APIs that enable today’s applications and business services live and breathe within the Amazon Web Service (AWS) ecosystem.

Corporate networks are rapidly becoming more complex and distributed. With the growth of cloud computing, remote work, mobile and Internet of Things (IoT), companies have users and IT assets everywhere, requiring connectivity. Software-defined WAN (SD-WAN) provides the ability to implement a secure, high-performance corporate WAN on top of existing networks. However, SD-WAN infrastructures must be carefully designed and implemented to provide full value to the organization.

Network security monitoring tools are a critical component of any IT security toolkit. These tools help protect your network from online threats by looking for weaknesses and potential dangers in your organization's digital properties. But as digital ecosystems have expanded into the cloud, remote locations, and across geographies – the number of monitoring tools has skyrocketed.

Several months ago, we announced that our strategic alliance partner CrowdStrike decided to use our Open NDR technology across its professional services portfolio. This wasn’t just a meaningful validation for us—it was also a testament to the importance CrowdStrike places in arming its world-class Services teams with the technology that can best ensure the protection of its customers.