June 14, 2024 at 03:45PM Apple’s announcement of its generative AI capabilities, called Apple Intelligence, emphasized data security and privacy. The system enables context-sensitive searches, email tone editing, and graphics creation locally on devices. While Apple detailed privacy and security measures, challenges with large language models and app interactions remain. Companies need to address potential … Read more
June 11, 2024 at 05:39PM Checkmarx, a leading cloud-native application security provider, has launched Checkmarx Application Security Posture Management (ASPM) and Cloud Insights to offer unparalleled visibility into organizations’ application security posture from code to cloud. These new solutions empower enterprises to reduce application and business risk and prioritize remediation efforts effectively. For more information, … Read more
June 11, 2024 at 05:24PM Backslash Security unveils new platform capabilities, including on-premises integrations, CI/CD integrations, and enhanced language support. These enhancements enable the platform to serve the entire software development lifecycle and the application security needs of large enterprises. Backslash’s reachability analysis aids in prioritizing and fixing reachable vulnerabilities, and the platform now offers … Read more
June 7, 2024 at 08:12AM AirMDR, an AI-powered autonomous managed detection and response (MDR) startup, has secured $5 million in seed funding led by Foundation Capital and Storm Ventures. The company, founded in 2023, utilizes AI to triage security events, respond to natural language questions, and offer cybersecurity capabilities to small and medium-sized businesses. The … Read more
June 4, 2024 at 08:13AM Summary: The browser security landscape has evolved, with traditional Browser Isolation now inadequate. A new report recommends a shift to Secure Browser Extensions due to the limitations of Browser Isolation, impact on productivity, and changing web-borne threats. Secure Browser Extensions offer improved performance, visibility, risk analysis, and granular enforcement, with … Read more
June 3, 2024 at 07:30AM Cato’s Cyber Threat Research Lab has released its first SASE threat report, providing a comprehensive view of enterprise and network threats based on extensive network analysis. The report covers threats across strategic, tactical, and operational standpoints and highlights insights such as the adoption of AI tools, exploitation of unpatched systems, … Read more
May 29, 2024 at 11:40AM Check Point warns of zero-day vulnerability in Network Security gateway products, exploited by threat actors. Tracked as CVE-2024-24919, it affects various products. Attackers could read certain information on Internet-connected Gateways with remote access VPN or mobile access enabled. Hotfixes are available for impacted versions. Recent attacks targeted VPN devices to … Read more
May 22, 2024 at 12:33AM Veeam Backup Enterprise Manager users are advised to update to version 12.1.2.172 due to a critical security flaw (CVE-2024-29849, CVSS 9.8) that allows unauthorized access. Three other vulnerabilities have been disclosed as well. Notably, environments without Veeam Backup Enterprise Manager are not affected. Other recent fixes include flaws in Veeam … Read more
May 21, 2024 at 06:27PM Veeam has urged customers to address a critical security vulnerability in Veeam Backup Enterprise Manager (VBEM), allowing unauthenticated attackers to access any account. VBEM, not enabled by default, may be patched to mitigate this and other high-severity vulnerabilities. These flaws have been exploited in ransomware attacks targeting global IT infrastructure. … Read more
May 20, 2024 at 06:16PM Google is leveraging a recent critical report of Microsoft’s security practices by the US Cyber Safety Review Board to promote its own Google Workspace suite. The report highlighted security failures and weaknesses in Microsoft’s Exchange Online. Google is offering a Secure Alternative Program with special pricing to attract organizations to … Read more