Discover Cloud-Based Security Solutions for Protecting the New Way Businesses Work Trusted, reliable threat protection Cisco Umbrella provides a broader set of protection that not only improves security but simplifies management. From delivering unmatched threat protection to assisting with compliance considerations and reducing bandwidth costs, it’s security you can count on every day. Learn More

Hewlett Packard Enterprise will sell 30 percent of its shares of H3C to Chinese IT provider Unisplendour for approximately US$2.1 billion, HPE said in a regulatory filing. “The HPE Parties and UNIS [Unisplendour Corp.] have entered into the revised arrangements to restructure the Shares sale process in a manner that is expected to facilitate the sale by the HPE Parties of 30 percent of the total issued share capital of H3C to UNIS for approximately US$2. ...

Security researchers have released a proof-of-concept (PoC) exploit for a maximum-severity vulnerability in Fortinet’s security information and event management (SIEM) solution, which was patched in February. Tracked as CVE-2024-23108, this security flaw is a command injection vulnerability discovered and reported by Horizon3 vulnerability expert Zach Hanley that enables remote command execution as root without requiring authentication. “Multiple improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiSIEM supervisor may allow a remote unauthenticated attacker to execute unauthorized commands via crafted API requests,” Fortinet says. ...

Kate Woolley, IBM’s global channel chief, sat down with CRN US at IBM Think 2024 to discuss the company’s upcoming MSP program and IBM’s partner strategy behind selling its QRadar security business to Palo Alto Networks and what the channel should be doing about it. “Once the acquisition closes, our partners will have the opportunity to join Palo Alto Networks’ partner program, if they’re not already part of that, so they will be able to then sell Palo Alto’s Cortex XSIAM,” said Kate Woolley, general manager of IBM Ecosystem. ...

Threat actors are targeting Check Point Remote Access VPN devices in an ongoing campaign to breach enterprise networks, the company warned in a Monday advisory. Remote Access is integrated into all Check Point network firewalls. It can be configured as a client-to-site VPN for access to corporate networks via VPN clients or set up as an SSL VPN Portal for web-based access. Check Point says the attackers are targeting security gateways with old local accounts using insecure password-only authentication, which should be used with certificate authentication to prevent breaches. ...

A hacker has defaced the website of the pcTattletale spyware application, found on the booking systems of several Wyndham hotels in the United States, and leaked over a dozen archives containing database and source code data. As Vice reported three years ago, this stalkerware app was also found leaking real-time screenshots from Android phones. Described by its developers as an “employee and child monitoring software,” pcTattletale is a consumer-grade spyware solution that was leaking guest details and customer information captured from the hotels’ check-in systems because of an API security vulnerability, according to TechCrunch. ...