Qualcomm Monthly Patches are out. New Alerts for SaltStack, Dell, Apache Tomcat, Synology, and Linux. 

More information is available about the genua firewall vulnerability.  See the link below...  

Bruce Schneier has an essay about SolarWinds, and identifies Thoma Bravo as an investor, "private-equity firms known for extreme cost-cutting."   

Thoma Bravo bought Barracuda back in 2017, and Barracuda never published another Security bulletin, and ultimately removed the Security Bulletin page entirely. When I see Thoma Bravo involved in a company/product, I assume security is no longer a priority.  I thought it was interesting when they bought Sophos in March last year. I hoped they might be trying to turn the reputation around. But it appears not. 


Authentication bypass vulnerability in Genua GenuGate High Resistance Firewall

The Genua GenuGate High Resistance Firewall is affected by a critical authentication bypass vulnerability. An unauthenticated attacker is able to successfully login as arbitrary user in the admin web interface, the side channel interface and user web interface, even as root with highest privileges, by manipulating certain HTTP POST parameters during login.
https://sec-consult.com/vulnerability-lab/advisory/authentication-bypass-genua-genugate/

National Security Risks of Late-Stage Capitalism - Schneier on Security


https://www.schneier.com/blog/archives/2021/03/national-security-risks-of-late-stage-capitalism.html

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts

Security Wizardry Cyber Threat Intelligence - The Radar Page

https://radar.securitywizardry.com