August 2024
Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987)
A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw …
Drawbridge expands cyber risk assessment service
Drawbridge released its next generation cyber risk assessment service. Provided as a suite of modules, the solution combines a set of analytics with Drawbridge’s client …
Vulnerability prioritization is only the beginning
To date, most technology solutions focused on vulnerability management have focused on the prioritization of risks. That usually took the shape of some risk-ranking structure …
Fraud tactics and the growing prevalence of AI scams
In the first six months of 2024, Hiya flagged nearly 20 billion calls as suspected spam – more than 107 million spam calls everyday. The data showed spam flag rates of more …
The changing dynamics of ransomware as law enforcement strikes
After peaking in late 2023, the ransomware industry is beginning to stabilize in productivity, with notable developments in ransomware targets, and industry dynamics, …
New infosec products of the week: August 23, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Entrust, Fortanix, McAfee, Own, RightCrowd, and Wallarm. Own proactively detects and …
QNAP releases QTS 5.2 to prevent data loss from ransomware threats
QNAP has released the QTS 5.2 NAS operating system. A standout feature of this release is the debut of Security Center, which actively monitors file activities and thwarts …
Enzoic for Active Directory enhancements help teams identify and remediate unsafe credentials
Enzoic released the latest version of Enzoic for Active Directory. The solution provides a frictionless way to continuously monitor, identify and remediate unsafe credentials …
Anomali announces expanded capabilities for Copilot
Anomali announced new capabilities for Anomali Copilot to help security, and now also IT departments, use the latest innovations in AI to successfully defend, protect, and …
Prism Infosec PULSE bridges the gap between penetration testing and red teaming
Prism Infosec launched its innovative PULSE testing service to enable organizations which may not have the bandwidth or resource to dedicate to a full-scale red team exercise …
Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)
A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the …
Wallarm API Attack Surface Management mitigates API leaks
Wallarm announced its latest innovation: API Attack Surface Management (AASM). This agentless technology transforms how organizations identify, analyze, and secure their …
Featured news
Resources
Don't miss
- 7-Zip vulnerability is being actively exploited, NHS England warns (CVE-2025-11001)
- Exam prep hacked: Study tips and tricks that really work
- Stealth-patched FortiWeb vulnerability under active exploitation (CVE-2025-58034)
- Threat group reroutes software updates through hacked network gear
- The long conversations that reveal how scammers work