Here’s an overview of some of last week’s most interesting news, articles and interviews: Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860) Apple has released security updates for macOS, iOS, iPadOS, watchOS and Safari that patch two vulnerabilities (CVE-2021-30860, CVE-2021-30858) that are being exploited in attacks in the wild. Kali Linux 2021.3 released: Kali NetHunter on a smartwatch, wider OpenSSL compatibility, new tools, and more! Offensive Security has released Kali Linux 2021.3, the … More
Here’s a look at the most interesting product releases from the past week, featuring releases from Alation, IDrive, Hornetsecurity, Palo Alto Networks, Qualys, ThreatConnect and Titania. Qualys Patch Management keeps endpoints up to date to reduce risk from exploits Qualys is integrating zero-touch patching capabilities into Qualys Patch Management. Zero-Touch Patch ensures that companies’ endpoints and servers are proactively updated as soon as patches are available, reducing their overall attack surface. Hornetsecurity launches security and … More
The post New infosec products of the week: September 17, 2021 appeared first on Help Net Security.
The ever-evolving shift to digital means that most of our day-to-day activities are carried out online. We’re now accustomed to simply toggling through a few apps to book a ride, order dinner and scroll through content from friends and public figures alike. Each of these actions requires a basic premise of trust and safety online which starts with identities needing to be verified and authenticated. But creating an identity layer wasn’t imperative for the creators … More
Sonatype released a report that revealed continued strong growth in open source supply and demand dynamics. Further, with regard to open source security risks, the report reveals a 650% year over year increase in supply chain attacks aimed at upstream public repositories, and a fascinating dichotomy pertaining to the level of known vulnerabilities present in popular and non-popular project versions. Based on survey responses collected from 702 software engineering professionals, the research observes a fundamental … More
The post Open source cyberattacks increasing by 650%, popular projects more vulnerable appeared first on Help Net Security.
A report on the skills and salaries of professionals in the technology sector reveals the true value of certification. It also identifies the number one reason for leaving a job is a lack of career growth and professional development. Questionmark, the online assessment provider, is encouraging leaders to embrace professional development and certification, both in terms of the value to the organization and to their employees. Based on an annual survey of 3,700 professionals, the … More
COVID-19 quickly ushered in the era of remote work, introducing new risks that IT professionals are struggling to manage with existing security tools, according to a Thales study. Six in 10 respondents said traditional security tools such as VPNs are still the primary vehicle for employees accessing applications remotely — likely the reason why 44% were not confident that their access security systems could scale effectively to secure remote work. These are among the key … More
The post Modern security strategies key to support remote workforce demands appeared first on Help Net Security.