Spring4Shell: No need to panic, but mitigations are advised
Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively …
Rapid7 introduces cloud workload protection in InsightCloudSec
Rapid7 announced new cloud workload protection capabilities for InsightCloudSec, the company’s fully-integrated cloud-native security platform (CNSP). These enhancements, …
It’s time to patch your SonicWall SMA 100 series appliances again!
SonicWall has fixed a handful of vulnerabilities affecting its SMA 100 series appliances and is urging organizations to implement the patches as soon as possible. Although …
Lightspin adds four executive members to its Advisory Board and Board of Directors
Lightspin announced the addition of four strategic executive members to its advisory board and board of directors: Guarav Kumar, Srinath Kuruvadi, Steve Pugh, and Ron Zoran. …
deepwatch appoints two cybersecurity industry executives to Board of Advisors
deepwatch announced the appointment of two prominent cybersecurity industry executives to its newly formed board of advisors, which will provide support and guidance for …
Plug critical VMware vCenter Server flaw before ransomware gangs start exploiting it (CVE-2021-22005)
VMware has fixed 19 vulnerabilities affecting VMware vCenter Server and VMware Cloud Foundation, the most critical of which is CVE-2021-22005. “This vulnerability can be …
Vulnerabilities allow attackers to remotely deactivate home security system (CVE-2021-39276, CVE-2021-39277)
A DiY home security system sold to families and businesses across the US sports two vulnerabilities (CVE-2021-39276, CVE-2021-39277) that, while not critical, “are …
Unpatched Fortinet FortiWeb vulnerability allows remote OS command injection
An unpatched vulnerability in the management interface for FortiWeb, Fortinet’s web application firewall, could allow a remote, authenticated attacker to execute …
Code42 partners with Rapid7 to help security teams prioritize risks and strengthen compliance
Code42 announced it has integrated the Code42 Incydr product with Rapid7 InsightIDR. Security teams using InsightIDR with the Code42 Incydr integration will have the ability …
Rapid7 acquires IntSights to enhance its XDR offering
Rapid7 announced it has acquired IntSights Cyber Intelligence Ltd., a leader in contextualized external threat intelligence and proactive threat remediation. Under the terms …
Illumio Core advancements help protect key assets from cyberattacks and ransomware
Illumio announced new innovations in Illumio Core which automate, accelerate, and simplify the path to a zero trust posture. Cyberattacks and ransomware are most successful …
IBM provides Kestrel, a threat hunting tool, to Open Cybersecurity Alliance
Open Cybersecurity Alliance (OCA) announced it has accepted IBM’s contribution of Kestrel, an open-source programming language for threat hunting that is used by Security …