The AP says that yesterday’s annual report of Germany’s Bundesamt für Verfassungsschutz warned that consumers providing information to Chinese companies may also be providing it to the Chinese government.

Attackers are actively scanning for recently patched vulnerabilities in Citrix Application Delivery Controller (ADC), Citrix Gateway, and the Citrix SD-WAN WANOP appliance, the SANS Institute reports. Users are urged to apply the patches as soon as possible.

Security researchers Pierre Kim and Alexandre Torres report finding vulnerabilities in widely used Fiber-To-The-Home (FTTH) and Optical Line Termination (OLT) devices sold by Shenzhen-based C-Data. ZDNet observes that, of the seven vulnerabilities found, the most serious is the hardcoding of Telnet accounts in the firmware. These grant intruders full administrative access to the devices. Security Affairs points out that the backdoors appear to be intentional.

A Zoom zero-day affects older and no-longer-supported Windows systems (Windows 7 and earlier) too many of which remain in use, according to 0Patch. ZDNet says Zoom is working on a fix.

BleepingComputer reports that Ryuk ransomware is fading while its malware sibling,…

Read More…

Software-defined wide-area networking (SD-WAN) is rapidly replacing the traditional WAN for remote office and branch deployments. SD-WAN was designed to provide a wide range of benefits to support digital innovation. However, far too many SD-WAN solutions lack critical networking and security features, requiring organizations to add complex and costly overlay solutions to manage and protect their SD-WAN deployments.

For example, one critical issue organizations face – especially when a large number of SD-WAN devices have been deployed – is orchestrating communications, workflows, and other traffic between branch offices. While a traditional WAN model is certainly inefficient from a bandwidth or application management perspective, its hub and spoke model for connecting remote environments is relatively simple to deploy and manage. Since SD-WAN enables direct connections to the internet, however, building a communications overlay requires a complex, fully meshed VPN solution that can be a nightmare to design, implement, and manage.

The best approach to addressing this and similar challenges, such as SD-WAN security, is through integration,

Read More…