Critical Buffer Overflow Vulnerability in PAN-OS Devices Disclosed

September 11, 2020

Palo Alto Networks (PAN) published nine security advisories for a series of vulnerabilities affecting PAN-OS, a custom operating system (OS) found in PAN’s next-generation firewalls. Below is a comment from Rody Quinlan, Security Response Manager, Tenable. A further analysis can be found in this blog.

CVE-2020-2040, a buffer overflow vulnerability is a major concern because PAN-OS is, fundamentally, the guardian between an organisation’s network and the outside world. Successful exploitation could allow an attacker to disrupt system processes, which includes preventing the firewall from doing its job. This would allow an attacker to essentially gain control of the organisation’s firewall rules too. In layman’s terms, an attacker could break down a line of defence to, or within, the network or rewrite the rules and decide who does or does not have access.

It’s important not to panic as there is no evidence that this vulnerability has been exploited in the wild and, for now, there is no proof-of-concept code available. However, as is often the case with this type of serious vulnerability, that could change at any moment. That, combined with the number of publicly accessible PAN-OS devices and the potential risk, means organisations running affected versions of PAN-OS should take the threat seriously and upgrade to a fixed version as soon as possible.” – Rody Quinlan, Security Response Manager at Tenable.


ColorTokens and TechnoBind Partner to Deliver Unparalleled Micro-Segmentation and Zero Trust Solutions Across India and the SAARC Region

September 11, 2020

BENGALURU, India – September 11, 2020

ColorTokens Inc. a leading innovator in cloud-based cybersecurity solutions, announced today that it has signed a strategic partnership agreement with TechnoBind, the first Specialist Distributor in the Indian IT channel space, to bring the award-winning protection of the ColorTokens Xtended ZeroTrust Platform to modern enterprises across India and the SAARC region.

TechnoBind recognizes that the traditional, castle-and-moat approach of creating a security perimeter has proven to be ineffective against advanced threats time and time again. Today’s enterprises are demanding a modern approach to managing security posture, which ColorTokens’ award-winning micro-segmentation and visibility solution, Xsheild, and endpoint protection solution, Xprotect, represent.

ColorTokens’ Xshield and Xprotect, part of the Xtended ZeroTrust Platform, deliver the ability to instantly visualize and segment, protect endpoints, contain and respond to zero-day attacks, and achieve all of this while seamlessly integrating with existing security tools. The easy-to-deploy, cloud-delivered platform goes far beyond perimeter security, making unprecedented visibility, micro-segmentation, and zero trust architecture a reality for organizations of all sizes. ColorTokens also delivers calculations of risk exposure and the related potential costs – providing security and risk leaders with unprecedented ability to quantify risk and prioritize security solutions to minimize such risks.

At TechnoBind, we look for innovative cybersecurity approaches that are leading the pack to support the cybersecurity market’s emerging needs. Micro-segmentation and zero trust architecture are two growing market opportunities that ColorTokens powerfully addresses and has also pioneered,” said Prashanth GJ, CEO at TechnoBind. “We recognize the value in leveraging ColorTokens’ best-in-class visibility, micro-segmentation, endpoint protection and zero trust approach in today’s cybersecurity marketplace, which has led us to align with ColorTokens and to lead our partners towards monetizing this value.”

Raja Ukil, Senior Vice President and Global Head, Enterprise Business at ColorTokens comments: “We see an immense opportunity in this partnership to harness TechnoBind’s established local presence, ecosystem and expertise to ultimately extend ColorTokens’ offering and deliver the highest business value to a wider range of partners and end clients across India and the SAARC region. ColorTokens’ powerfully streamlined approach is an ideal match to the innovative solutions that TechnoBind showcases and we look forward to working closely with TechnoBind to jointly-address the market’s emerging needs.”

# # #

About ColorTokens

ColorTokens Inc., a leader in cloud-delivered Zero Trust security, empowers global enterprises with a proactive approach to securing cloud workloads, dynamic applications, endpoints, and users. Through its award-winning Security Platform, ColorTokens delivers products and services that help businesses accurately assess and drastically improve their security posture. For more information, please visit www.colortokens.com.

About TechnoBind TechnoBind is first Specialist Distributor in the Indian IT channel, offering a hybrid distribution model placed synergistically between broad-based and niche distribution, in order to deliver the highest business values for each of its reseller partners. TechnoBind helps partners to implement solutions which solve specific business pain points arising out of rapidly changing facets of technology for businesses. Learn more at: https://www.technobind.com/


%d bloggers like this: