With the latest round of security updates, Apple has fixed two zero-day WebKit vulnerabilities (CVE-2023-42916, CVE-2023-42917) that “may have been exploited against versions of iOS before iOS 16.7.1.” About the vulnerabilities (CVE-2023-42916, CVE-2023-42917) CVE-2023-42916 is a out-of-bounds read flaw, while…
Tag: Help Net Security
New infosec products of the week: December 1, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Amazon, Datadog, Entrust, Fortanix, GitHub, Nitrokey, and Paladin Cloud. Amazon One Enterprise palm-based identity service improves security of physical spaces, digital assets Amazon One Enterprise…
Bridging the gap between cloud vs on-premise security
With the proliferation of SaaS applications, remote work and shadow IT, organizations feel obliged to embrace cloud-based cybersecurity. And rightly so, because the corporate resources, traffic, and threats are no longer confined within the office premises. Cloud-based security initiatives, such…
Key drivers of software security for financial services
Nearly 72% of applications in the financial services sector contain security flaws, according to Veracode. Despite the alarming figure, this rate of software vulnerability was the lowest of all industries analyzed and has improved since last year. The research also…
Unhappy network professionals juggling more with less
97% of US-based CIOs expressed serious concerns about at least one cybersecurity threat, according to Opengear. Failing to have the correct human oversight over the network can open up opportunities for cybercriminals to find vulnerabilities in underserved setups. It’s perhaps…
Flow Security unveils GenAI DLP module to prevent data leaks in real-time
Flow Security announced its extension to GenAI Security with the launch of a new GenAI DLP module. The widespread use of Generative AI, while leading to advancements across the enterprise and fueling exceptional innovation, has led to increasing concern over…
SDO Introduces cryptographic proximity validation for mobile push
Secret Double Octopus (SDO) has enhanced its Passwordless MFA platform to offer government- caliber identity verification to enterprises who need high-assurance login for privileged business and technical users. SDO’s new Proximity Assurance feature uses familiar mobile push notifications to cryptographically…
Dremio introduces GenAI-powered data documentation and labeling to reduce manual work
Dremio has unveiled AI-powered data discovery capabilities that accelerate and simplify data contextualization and description for analytics, along with improved capabilities that extend its leadership as the analytics engine for Apache Iceberg. Expanding on previously announced Generative AI text-to-SQL capabilities,…
Delinea Secret Server enhancements increase privileged access management adoption
Delinea announced new features for Secret Server to improve usability and increase PAM adoption across organizations. These enhancements optimize how privileged users interact with the vault through Web Password Filler and Connection Manager, while new capabilities within the Delinea Mobile…
CISA urges water facilities to secure their Unitronics PLCs
News that Iran-affiliated attackers have taken over a programmable logic controller (PLC) at a water system facility in Pennsylvania has been followed by a public alert urging other water authorities to immediately secure their own PLCs. “The cyber threat actors…