Here’s an overview of some of last week’s most interesting news, articles and interviews: Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860) Apple has released security updates for macOS, iOS, iPadOS, watchOS and Safari that patch two vulnerabilities (CVE-2021-30860, CVE-2021-30858) that are being exploited in attacks in the wild. Kali Linux 2021.3 released: Kali NetHunter on a smartwatch, wider OpenSSL compatibility, new tools, and more! Offensive Security has released Kali Linux 2021.3, the … More →

The post Week in review: Kali Linux 2021.3, how to avoid cloud configuration breaches, hybrid digital dexterity appeared first on Help Net Security.

Cyber attacks pose a massive risk for financial institutions. The cost of data breaches averages tens of millions of dollars, and other after-effects are often far-reaching for organizations and their customers. At the root of these breaches are passwords – in an estimated 80% of cases. “Eliminating passwords and replacing them with more secure and user-friendly solutions is critical,” says Entersekt’s SVP Product, Christian Ali. Ali says there’s been a massive surge in online fraud … More →

The post Entersekt offers FIDO authentication to improve security for financial institutions appeared first on Help Net Security.

McAfee announced that Gunther Bright, Executive Vice President and General Manager of Global and U.S. Large Enterprises at American Express, has joined its Board of Directors. Bright is a payments industry veteran with extensive experience materially growing consumer and retailer businesses directly and through partnerships. With his vast experience, his appointment strengthens the McAfee board. “We are excited to welcome Gunther to the McAfee board,” said Peter Leav, McAfee President and Chief Executive Officer. “His … More →

The post Gunther Bright joins McAfee Board of Directors appeared first on Help Net Security.

Mirantis launched Mirantis Flow, a vendor-agnostic, cloud-native data center-as-a-service aimed at businesses currently using costly, lock-in cloud infrastructure technology to modernize infrastructure while enabling both virtualization and containerization for all application types. Mirantis Flow also simplifies onboarding for businesses just beginning their cloud journey. Flow makes it easy to quickly — in as little as five days — deploy and run a centrally managed, scalable cloud infrastructure providing virtualization and containerization in the data center, … More →

The post Mirantis Flow provides virtualization and containerization in the data center appeared first on Help Net Security.

SnapLogic released the latest version of its SnapLogic Flows solution. SnapLogic Flows allows teams in departments such as sales, marketing, finance, and HR to build new integrations and automations themselves that support their daily operations, solve their most pressing business needs, and speed up time-to-market and results. “Business users want self-service tools to get their hands on timely critical data and be able to act fast to deliver results. Our new Flows capability empowers these … More →

The post SnapLogic Flows enables non-technical business teams to build integrations and automations appeared first on Help Net Security.

Cytracom announced the acquisition of OmniNet. OmniNet combines SD-WAN and cloud security to enable secure connectivity without the need for or limitations of traditional, on-premises UTMs and firewalls. “Cytracom is solely focused on enabling our partners to connect the modern workforce. Our mission began with building a partner-first voice platform that has since expanded to include rich integrations into the tools our customers are using every day, and most recently, a comprehensive business text messaging … More →

The post Cytracom acquires OmniNet to deliver security and connectivity solutions for their customers appeared first on Help Net Security.

Kolide raised $17M in Series B investment funding bringing the total funding to date to $27M. The round was led by Boston-based OpenView Partners, a VC that exclusively invests in product-led SaaS B2B companies. OpenView joined other participating investors such as Matrix Partners, who previously led the Series A. Kolide is betting big on a user-focused approach to endpoint security. Unlike other endpoint security products which ignore users and only alert the security team, Kolide’s … More →

The post Kolide raises $17M to fuel the growth and expansion of its go-to market strategy appeared first on Help Net Security.

Torq announced that Jason Chan has joined the company’s CISO Advisory board. The former leader of information security at Netflix, Jason will leverage his decades-long career building and leading security teams to help Torq continue to accelerate product development and build the company’s market presence. He will work closely with Torq’s leadership and product teams, as well as with customers seeking to modernize their security automation practices. “Jason’s experience leading rapidly-growing security organizations gives him … More →

The post Jason Chan joins Torq CISO Advisory Board appeared first on Help Net Security.

Here’s a look at the most interesting product releases from the past week, featuring releases from Alation, IDrive, Hornetsecurity, Palo Alto Networks, Qualys, ThreatConnect and Titania. Qualys Patch Management keeps endpoints up to date to reduce risk from exploits Qualys is integrating zero-touch patching capabilities into Qualys Patch Management. Zero-Touch Patch ensures that companies’ endpoints and servers are proactively updated as soon as patches are available, reducing their overall attack surface. Hornetsecurity launches security and … More →

The post New infosec products of the week: September 17, 2021 appeared first on Help Net Security.

The ever-evolving shift to digital means that most of our day-to-day activities are carried out online. We’re now accustomed to simply toggling through a few apps to book a ride, order dinner and scroll through content from friends and public figures alike. Each of these actions requires a basic premise of trust and safety online which starts with identities needing to be verified and authenticated. But creating an identity layer wasn’t imperative for the creators … More →

The post The digital identity imperative appeared first on Help Net Security.

Sonatype released a report that revealed continued strong growth in open source supply and demand dynamics. Further, with regard to open source security risks, the report reveals a 650% year over year increase in supply chain attacks aimed at upstream public repositories, and a fascinating dichotomy pertaining to the level of known vulnerabilities present in popular and non-popular project versions. Based on survey responses collected from 702 software engineering professionals, the research observes a fundamental … More →

The post Open source cyberattacks increasing by 650%, popular projects more vulnerable appeared first on Help Net Security.

A report on the skills and salaries of professionals in the technology sector reveals the true value of certification. It also identifies the number one reason for leaving a job is a lack of career growth and professional development. Questionmark, the online assessment provider, is encouraging leaders to embrace professional development and certification, both in terms of the value to the organization and to their employees. Based on an annual survey of 3,700 professionals, the … More →

The post Highest paying IT certifications in 2021 appeared first on Help Net Security.

COVID-19 quickly ushered in the era of remote work, introducing new risks that IT professionals are struggling to manage with existing security tools, according to a Thales study. Six in 10 respondents said traditional security tools such as VPNs are still the primary vehicle for employees accessing applications remotely — likely the reason why 44% were not confident that their access security systems could scale effectively to secure remote work. These are among the key … More →

The post Modern security strategies key to support remote workforce demands appeared first on Help Net Security.

O’Reilly announced the results of a survey, which revealed that 64% of respondents took part in training or obtained new certifications in the past year to build upon their professional skills. The survey also found that 61% of respondents participated in training or earned certifications to solicit a salary increase or promotion. Despite this, the average change in compensation over the last three years was $9,252—an increase of just 2.25% annually. Most interested in learning … More →

The post Data and AI professionals prioritize learning new skills amid labor shortage appeared first on Help Net Security.

5G trends are continuing to accelerate, with 5G SA Core evaluation, testing and launch activities growing significantly across all geographic regions, according to Spirent. In particular, there is considerable demand for managed solutions and XaaS (Anything as a Service) offerings, with automation technology providing a proven, practical approach to cumbersome testing in complex, multi-vendor environments. “At the halfway point in 2021, the dominant 5G trends that were present at the start of the year continue … More →

The post 5G trends accelerating, all major regions pursuing 5G Core testing and deployments appeared first on Help Net Security.

Safe Systems released CloudInsight M365 Security Basics, which provides financial institutions visibility into their security settings for Azure Active Directory and O365/M365 tenants. Digital security will continue to be a growing concern for modern financial institutions. According to a recent KPMG report, 92% of companies have their cloud service credentials for sale on the dark web. Safe Systems’ M365 Security Basics protects against common risks and helps improve cloud security posture. “Many people don’t realize … More →

The post Safe Systems CloudInsight M365 Security Basics provides visibility into Microsoft security settings appeared first on Help Net Security.

Sentry announced new capabilities that reduce management overhead and accelerate issue response times for enterprise development teams. With percent-based alerts, Code Owners for GitHub and GitLab, team and personal notifications in Slack, and SCIM support for Okta, teams can find the right people at the right time to fix the right issues, streamline workflows, and improve developer efficiency. Excessive time spent on management and code maintenance are why most developers spend less than one-third of … More →

The post Sentry’s capabilities enable enterprise teams to reduce risk and management overhead appeared first on Help Net Security.

Push Technology announced new personalized client data delivery capability in the company’s Diffusion Intelligent Event-Data Platform, that delivers data among applications, systems and devices. Introducing personalization with Session Trees The new release expands the range of Diffusion’s Data Wrangling capabilities with the introduction of Session Trees. With Session Trees you can easily create event-data streams, for example: by geography focused on a local event or regulatory requirements; by network connection type such as 4G or … More →

The post Push Technology Diffusion 6.7 secures personalized data delivery to individual clients appeared first on Help Net Security.

Versa Networks launched 5G-native products for the wide area network (WAN) edge delivering complete SASE integration and SASE services to the network edge. Natively supporting private 5G functions, Versa enables ease of deployment and equips organizsations with QoS, network segmentation, and SASE services to meet the highest levels of compliance and privacy requirements for an optimal 5G network architecture. 5G connectivity is a requirement for many organizations because it offers extremely fast speeds, high performance … More →

The post Versa Networks offers 5G WAN Edge products to deliver SASE services to the network edge appeared first on Help Net Security.

DDN and Tintri announced the IntelliFlash N6000 series. This next-generation NVMe-based system optimizes the user experience across all workloads, eliminating IO contention and enhancing IT efficiencies with autonomous AI-driven operations. DDN and Tintri also introduced higher-capacity IntelliFlash H6000 series hybrid systems that easily scale to multiple petabytes, so customers can flexibly combine both primary and secondary storage – NVMe performance and hybrid cost-efficiency – within a single appliance. The new IntelliFlash N-Series systems and enhancements … More →

The post DDN and Tintri announces IntelliFlash N6000 series to enhance latency and throughput for file services appeared first on Help Net Security.