Posts tagged ‘Security’
Resiliency Is the New SLA: Why AI Demands an Always-On Intelligent Edge
For decades, we’ve measured the network in terms of uptime percentages and bandwidth tiers. In the AI era, those metrics are no longer enough. Resiliency, which is the ability to deliver uninterrupted, any-directional, application-aware connectivity in the face of unpredictable AI workloads, is the new SLA.
CVE-2026-41940: Inside the cPanel/WHM Authentication Bypass
Introduction Hosting control panels operate with near-total authority over a server: websites, databases, DNS, email, and the account lifecycle are all driven from one place. That privilege makes them a high-value target—when a control-plane bug appears, compromise can extend far beyond a single site. CVE-2026-41940 is a pre-authentication bypass affecting WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared). In practical terms, it lets a remote, unauthenticated attacker reach administrator-level control without supplying valid credentials. Background: What Is cPanel/WHM? cPanel is a widely deployed, Linux-based hosting panel. WHM is the higher-privileged layer used by resellers and server administrators to…
Compliance: Mapping the Coast Guard’s MTSA Cyber Rule to VersaONE
Here is how Versa Unified SASE platform translates 33 CFR Part 101, Subpart F into controls for compliance.
The Ghost in the Leased Line: Unmasking MuddyWater, Surgical Cyber Arm
In the high-stakes theater of global geopolitics, the most effective weapons aren’t always missiles; sometimes, they are just few lines of code.
Closing the Cloud Security Posture Management Gap with Versa CSPM
Today’s environments span multi-cloud infrastructure, SaaS ecosystems, remote endpoints, and an increasing layer of AI-driven applications and integrations. This expansion has introduced a new class of challenges—not just scale, but visibility.
Identity Is the New Perimeter. Stryker Just Taught Us That the Hard Way.
A story on how an Iran-linked group wiped tens of thousands of Stryker’s devices A nation-state attack that changes every assumption we had For years, we have treated nation-state threats as a “Tier 1” problem — something reserved for defense contractors and the energy grid. The March 2026 attack on Stryker Corporation by Iran-linked group Handala officially kills that assumption. On March 11, 2026, Stryker’s corporate Microsoft environment was hit. Employees arrived to find their managed devices wiped out overnight through entirely legitimate Intune commands. Handala claimed 200,000+ systems affected; independent reporting confirms that tens of thousands were impacted. Stryker’s…
Automating Branch-to-Cloud Connectivity and Security: Versa Secure SD-WAN Integration with Zscaler Internet Access
We’re excited to introduce an automated integration between Versa Secure SD-WAN and Zscaler that makes dual-vendor SASE faster, secure and resilient. This integration helps you secure local internet breakout, improve user experience and simplify operations
Why Identity Alone Isn’t Enough: Device Posture in Contextual Zero Trust Security
Identity-based access is incomplete without device posture. Learn how contextual Zero Trust and continuous endpoint profiling reduce standing privilege risk in Dynamic Enterprises.
BrickStorm Malware: Anatomy of a Stealth Linux Backdoor Targeting Modern Infrastructure
BrickStorm is a highly stealthy Linux backdoor designed for long-term, targeted cyber-espionage. Brickstorm is closely associated with Cyber Espionage group UNC5221, which is known for exploiting zero-days vulnerability in network edge appliances like Ivanti, F5 and MiTRE breach. Unlike commodity malware, BrickStorm is deployed post-compromise, operates largely in memory, and uses a modular architecture with custom encrypted command-and-control (C2). Its focus on Linux servers, network appliances, and embedded systems reflects a broader trend: attackers increasingly target infrastructure layers where visibility and detection are weakest.
‘Secure by Design’ at Versa: One Year of Progress
Security is a product decision, not an afterthought. As a further commitment to this principle and as a reflection of our pledge to the CISA Secure by Design goals, over the past year Versa has been putting them into practice across our platform, processes, and programs. Organized below around the seven Secure by Design pledge goals is a summary of the related new capabilities and enhancements we’ve delivered, along with a quick explanation of the importance of the changes.
Intelligent Edge
Resiliency Is the New SLA: Why AI Demands an Always-On Intelligent Edge
By Rajesh Kari
Director, Product Marketing
June 4, 2026
For decades, we’ve measured the network in terms of uptime percentages and bandwidth tiers. In the AI era, those metrics are no longer enough. Resiliency, which is the ability to deliver uninterrupted, any-directional, application-aware connectivity in the face of unpredictable AI workloads, is the new SLA.
Industry Insights
CVE-2026-41940: Inside the cPanel/WHM Authentication Bypass
By Ronak Dhandha
Security Engineer 2 - Research
May 13, 2026
Introduction Hosting control panels operate with near-total authority over a server: websites, databases, DNS, email, and the account lifecycle are all driven from one place. That privilege makes them a high-value target—when a control-plane bug appears, compromise can extend far beyond a single site. CVE-2026-41940 is a pre-authentication bypass affecting WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared). In practical terms, it lets a remote, unauthenticated attacker reach administrator-level control without supplying valid credentials. Background: What Is cPanel/WHM? cPanel is a widely deployed, Linux-based hosting panel. WHM is the higher-privileged layer used by resellers and server administrators to…
Industry Insights
Compliance: Mapping the Coast Guard’s MTSA Cyber Rule to VersaONE
By Dhiraj Sehgal
Senior Director, Product Marketing
May 12, 2026
Here is how Versa Unified SASE platform translates 33 CFR Part 101, Subpart F into controls for compliance.
Industry Insights
The Ghost in the Leased Line: Unmasking MuddyWater, Surgical Cyber Arm
By Jayesh Gangadas Patel
Principle Threat Researcher, Versa Networks
May 11, 2026
In the high-stakes theater of global geopolitics, the most effective weapons aren’t always missiles; sometimes, they are just few lines of code.
Company Updates
Closing the Cloud Security Posture Management Gap with Versa CSPM
By Kapil Bajaj and Udaykumar TJ
May 6, 2026
Today’s environments span multi-cloud infrastructure, SaaS ecosystems, remote endpoints, and an increasing layer of AI-driven applications and integrations. This expansion has introduced a new class of challenges—not just scale, but visibility.
Industry Insights
Identity Is the New Perimeter. Stryker Just Taught Us That the Hard Way.
By Shruti Badami and Prasad T
Security Engineer - Research, and Field CISO
April 2, 2026
A story on how an Iran-linked group wiped tens of thousands of Stryker’s devices A nation-state attack that changes every assumption we had For years, we have treated nation-state threats as a “Tier 1” problem — something reserved for defense contractors and the energy grid. The March 2026 attack on Stryker Corporation by Iran-linked group Handala officially kills that assumption. On March 11, 2026, Stryker’s corporate Microsoft environment was hit. Employees arrived to find their managed devices wiped out overnight through entirely legitimate Intune commands. Handala claimed 200,000+ systems affected; independent reporting confirms that tens of thousands were impacted. Stryker’s…
Company Updates
Automating Branch-to-Cloud Connectivity and Security: Versa Secure SD-WAN Integration with Zscaler Internet Access
By Rajesh Kari
Director, Product Marketing
March 20, 2026
We’re excited to introduce an automated integration between Versa Secure SD-WAN and Zscaler that makes dual-vendor SASE faster, secure and resilient. This integration helps you secure local internet breakout, improve user experience and simplify operations
Industry Insights
Why Identity Alone Isn’t Enough: Device Posture in Contextual Zero Trust Security
By Sambuj Dhara
Product Analyst
March 19, 2026
Identity-based access is incomplete without device posture. Learn how contextual Zero Trust and continuous endpoint profiling reduce standing privilege risk in Dynamic Enterprises.
Research Lab
BrickStorm Malware: Anatomy of a Stealth Linux Backdoor Targeting Modern Infrastructure
By Jayesh Gangadas Patel
Principle Threat Researcher, Versa Networks
February 5, 2026
BrickStorm is a highly stealthy Linux backdoor designed for long-term, targeted cyber-espionage. Brickstorm is closely associated with Cyber Espionage group UNC5221, which is known for exploiting zero-days vulnerability in network edge appliances like Ivanti, F5 and MiTRE breach. Unlike commodity malware, BrickStorm is deployed post-compromise, operates largely in memory, and uses a modular architecture with custom encrypted command-and-control (C2). Its focus on Linux servers, network appliances, and embedded systems reflects a broader trend: attackers increasingly target infrastructure layers where visibility and detection are weakest.
Company Updates
‘Secure by Design’ at Versa: One Year of Progress
By Sunil Ravi
Chief Security Architect, Versa Networks
January 30, 2026
Security is a product decision, not an afterthought. As a further commitment to this principle and as a reflection of our pledge to the CISA Secure by Design goals, over the past year Versa has been putting them into practice across our platform, processes, and programs. Organized below around the seven Secure by Design pledge goals is a summary of the related new capabilities and enhancements we’ve delivered, along with a quick explanation of the importance of the changes.
Subscribe to the Versa Blog



