From helpnetsecurity.com
Here’s an overview of some of last week’s most interesting news, reviews and articles:
Critical flaw in SonicWall’s firewalls patched, update quickly! (CVE-2020-5135)
SonicWall patched 11 vulnerabilities affecting its Network Security Appliance (NSA). Among those is CVE-2020-5135, a critical stack-based buffer overflow vulnerability in the appliances’ VPN Portal that could be exploited to cause denial of service and possibly remote code execution.
The anatomy of an endpoint attack
A lot has changed across the cybersecurity threat landscape in the last decade, but one thing has remained the same: the endpoint is under siege. What has changed is how attackers compromise endpoints. Threat actors have learned to be more patient after gaining an initial foothold within a system (and essentially scope out their victim).