Hitachi Vantara announced Pentaho+, an integrated platform from the Pentaho software business designed to help organizations connect, enrich, and transform operations with refined, reliable data necessary for AI and generative AI accuracy. Automating the work of complex data management with…
Category: Help Net Security
Qlik Sense flaws exploited in Cactus ransomware campaign
Attackers are exploiting three critical vulnerabilities in internet-facing Qlik Sense instances to deliver Cactus ransomware to target organizations, Arctic Wolf researchers have warned. The exploited vulnerabilities Qlik Sense is a business intelligence and data analytics solution popular with governmental organizations…
Critical Zyxel NAS vulnerabilities patched, update quickly!
Zyxel has patched six vulnerabilities affecting its network attached storage (NAS) devices, including several (OS) command injection flaws that can be easily exploited by unauthenticated attackers. The vulnerabilities in Zyxel NAS devices One of the six plugged security holes is…
Apple patches two zero-days used to target iOS users (CVE-2023-42916 CVE-2023-42917)
With the latest round of security updates, Apple has fixed two zero-day WebKit vulnerabilities (CVE-2023-42916, CVE-2023-42917) that “may have been exploited against versions of iOS before iOS 16.7.1.” About the vulnerabilities (CVE-2023-42916, CVE-2023-42917) CVE-2023-42916 is a out-of-bounds read flaw, while…
New infosec products of the week: December 1, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Amazon, Datadog, Entrust, Fortanix, GitHub, Nitrokey, and Paladin Cloud. Amazon One Enterprise palm-based identity service improves security of physical spaces, digital assets Amazon One Enterprise…
Bridging the gap between cloud vs on-premise security
With the proliferation of SaaS applications, remote work and shadow IT, organizations feel obliged to embrace cloud-based cybersecurity. And rightly so, because the corporate resources, traffic, and threats are no longer confined within the office premises. Cloud-based security initiatives, such…
Key drivers of software security for financial services
Nearly 72% of applications in the financial services sector contain security flaws, according to Veracode. Despite the alarming figure, this rate of software vulnerability was the lowest of all industries analyzed and has improved since last year. The research also…
Unhappy network professionals juggling more with less
97% of US-based CIOs expressed serious concerns about at least one cybersecurity threat, according to Opengear. Failing to have the correct human oversight over the network can open up opportunities for cybercriminals to find vulnerabilities in underserved setups. It’s perhaps…
Flow Security unveils GenAI DLP module to prevent data leaks in real-time
Flow Security announced its extension to GenAI Security with the launch of a new GenAI DLP module. The widespread use of Generative AI, while leading to advancements across the enterprise and fueling exceptional innovation, has led to increasing concern over…
SDO Introduces cryptographic proximity validation for mobile push
Secret Double Octopus (SDO) has enhanced its Passwordless MFA platform to offer government- caliber identity verification to enterprises who need high-assurance login for privileged business and technical users. SDO’s new Proximity Assurance feature uses familiar mobile push notifications to cryptographically…