Archive for the ‘Uncategorized’ Category

WatchGuard Completes Panda Acquisition

WatchGuard Completes Panda Acquisition

US security company WatchGuard Technologies has concluded the acquisition of Spanish cybersecurity solutions provider Panda Security



WatchGuard announced the signing of a definitive agreement to purchase Panda in March 2020. Three months on, 30-year-old company Panda is now a wholly owned subsidiary of WatchGuard.



In a statement released today, the combined company said the completed deal will “enable current and future customers and partners to consolidate their fundamental security services for protection from network to endpoint under a single company.”



CEO of WatchGuard Prakash Panjwani said the finalized deal would bring both immediate and long-term benefits.



“Our customers and partners need access to enterprise-grade security built for the unique needs and requirements of the midmarket. WatchGuard is focused on delivering these security services via an MSP-focused security platform that simplifies every aspect of security delivery and solidifying our position as the de facto security solution for the midmarket,” said Panjwani.



“The completed acquisition of Panda Security, and the subsequent integration of its portfolio into WatchGuard Cloud, represents a significant milestone for the company and will result in both immediate and long-term benefits for our customers and partners that will address common challenges with security complexity, rapidly changing network topologies, purchasing models, and more.”



One of the first orders of business for the new combined company will be to provide partners and customers from both companies access to the newly expanded portfolio of security solutions. 



By integrating portfolios, the company hopes that partners and customers will benefit from advanced threat detection and response functionality fueled by modern AI capabilities, behavior-profiling techniques, and cutting-edge security event correlation, as well as additional operational benefits such as a centralized management across network and endpoint security.



WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. The company describes itself as a leading global provider of network security and intelligence, secure Wi-Fi, and multi-factor authentication.



Prior to its acquisition by WatchGuard, Panda was owned by Investing Profit Wisely (IPW), an investment company focused exclusively on software publishing companies and based in Spain. Panda is headquartered in Madrid and Bilbao. 


Source: Infosecurity
WatchGuard Completes Panda Acquisition

Thycotic Buys Onion ID to Extend PAM Portfolio

The acquisition brings three new products into Thycotic’s privileged access management lineup.
Source: DarkReading
Thycotic Buys Onion ID to Extend PAM Portfolio

Exostar to Be Acquired by Thoma Bravo

Exostar to Be Acquired by Thoma Bravo

A Virginia software company specializing in cloud-based solutions has agreed to be acquired by private equity firm Thoma Bravo.



Exostar was developed as a joint venture between some of the world’s leading businesses, including BAE Systems, Boeing, Lockheed Martin, Raytheon, Rolls-Royce, and, more recently, Merck. 



Initially formed as a B2B aerospace and defense industry exchange, the company’s secure platform now serves over 150,000 organizations in over 150 different countries in not only aerospace and defense, but the life sciences and healthcare markets as well.



After 20 years of joint-venture ownership by five global aerospace and defense industry leaders and one of the world’s largest pharmaceutical companies, Exostar has reached an agreement to be acquired by Thoma Bravo. 



A spokesperson for Exostar said that the owners “whose careful guidance has been integral to Exostar’s success”—BAE Systems, Boeing, Lockheed Martin, Merck, Raytheon Technologies, and Rolls-Royce—will “remain actively engaged as valued customers and trusted advisors.”



Exostar CEO and president Richard Addi said that the planned transaction “reflects the logical next step in our company’s evolution.”



“Thoma Bravo’s strategic investment positions us to more rapidly expand our community and deliver the digital trust that must exist between an enterprise and its suppliers, customers and partners,” said Addi.  



“We can leverage Thoma Bravo’s deep technology and security experience to take full advantage of our unique market position. Together, we plan to accelerate time-to-market for the Exostar suite of solutions that enable global enterprises to execute their mission-critical supply chain and drug development initiatives.”



Carl Press, a principal at Thoma Bravo, said the PE firm was thrilled to partner with Addi and the Exostar team.



“Exostar’s identity access management and secure collaboration software is utilized by some of the most respected and well-known enterprise customers in aerospace and defense, life sciences and healthcare,” said Press.



“The company’s understanding of complex organizations’ procurement and collaboration needs is a key differentiator inherent in its products.”



Thoma Bravo said it was hoping to expand Exostar’s capabilities, particularly in the realm of cybersecurity. 



The transaction is subject to customary closing conditions and regulatory approvals. Terms of the transaction were not disclosed.


Source: Infosecurity
Exostar to Be Acquired by Thoma Bravo

CVE-2020-3680

A race condition can occur when using the fastrpc memory mapping API. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, QCS605, QM215, SA415M, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SXR1130
Source: NIST
CVE-2020-3680

CVE-2020-3641

Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, MSM8998, QCA6574AU, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130
Source: NIST
CVE-2020-3641

CVE-2020-3645

Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, Kamorta, Nicobar, QCA6390, QCA8081, QCN7605, QCS404, QCS405, QCS605, Rennell, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130
Source: NIST
CVE-2020-3645

CVE-2020-3625

When making query to DSP capabilities, Stack out of bounds occurs due to wrong buffer length configured for DSP attributes in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in SM8250, SXR2130
Source: NIST
CVE-2020-3625

CVE-2020-3618

NULL exception due to accessing bad pointer while posting events on RT FIFO in Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, QCA8081, SC8180X, SXR2130
Source: NIST
CVE-2020-3618

CVE-2020-3630

Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA415M, SA6155P, Saipan, SC8180X, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Source: NIST
CVE-2020-3630

CVE-2020-3623

kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130
Source: NIST
CVE-2020-3623