Security News > 2020 > January

Apstra, the leader in Intent-Based Networking for the data center announces the latest product release, Apstra AOS 3.2, to empower IT with increased control and flexibility of their data center network operations without increasing budget or adding resources. Apstra AOS 3.2 enables IT to recover quickly from mishaps caused by humans or machines by enabling network engineers to recover their entire data center fabric state, configuration, and real time continuous validation to a specific point in time; backward or forward with a few simple clicks.

Cybersecurity researchers have discovered a new critical vulnerability in the OpenSMTPD email server that could allow remote attackers to take complete control over BSD and many Linux based servers. OpenSMTPD is an open-source implementation of the server-side SMTP protocol that was initially developed as part of the OpenBSD project but now comes pre-installed on many UNIX-based systems.

ControlUp, a technology company at the forefront of self-driven IT management and monitoring solutions, has announced the general availability of ControlUp v8.1. ControlUp v8.1 delivers native integration with VMware Horizon and enhanced scalability, enabling end user computing admins to seamlessly manage Horizon environments and control enterprise-scale implementations from the ControlUp console.

Tripwire, a leading global provider of security and compliance solutions for enterprises and industrial organizations has announced a technology partnership with power management company Eaton. With this partnership, Tripwire and Eaton are making it easier and faster for U.S. utilities to comply with evolving cybersecurity requirements, including North American Electric Reliability Corporation critical infrastructure protection.

New investor Inner Loop Capital also participated in the round, joining existing investors Costanoa Ventures, Silicon Valley Data Capital, and Twilio's COO George Hu. AppOmni, which has secured a total of $13 million in financing to date, will use the funding to accelerate sales and marketing operations, and bolster the startup's product development teams at both their corporate headquarters in San Francisco and their Innovation Center in Carbondale, Colo. With increasing adoption of SaaS, more and more burden falls on the enterprise to secure sensitive data. Rather than identifying data breaches as they occur, AppOmni enables organizations to quickly identify and remediate risky configurations, improper access controls, and data exposures.

The United Nations' European headquarters in Geneva and Vienna were hacked last summer, putting thousands of staff records at miscreants' fingertips. Despite the size and extent of the hack, the UN decided to keep it secret.

Apple's latest security fixes, released Tuesday, tackle a wide range of bugs, including several patches for high-risk flaws that could allow for remote code execution. The fixes address vulnerabilities in Apple's Xcode, watchOS, Safari, iTunes for Windows, iOS, iPadOS, macOS and tvOS. The most severe of the bugs include four RCE flaws in Apple TV's operating system, tvOS - each rated high-severity.

The hacking incidents, which took place at three United Nations' offices in Vienna and Geneva sometime around July 2019, appear to have compromised at least 40 servers as well as several domains, according to the Wednesday New Humanitarian report, which is based on confidential UN report it obtained. While some United Nations' officials knew about the hacking, most were kept in the dark for months until this week's news reports, the news agency says.

A federal court has invalidated certain HITECH Act provisions and Department of Health and Human Services guidance related to patient requests for copies of their health records, creating new requirements for compliance officers and others to follow. "We already are having a substantial debate about the overall and potential inconsistencies between the HIPAA right to access and interoperability/information blocking rules - and a potential tension between the patient access right and appropriate protections of the data," he notes.

The latest version of the BitWarden Android client supports facial recognition. BitWarden is an outstanding password manager that includes all the bells and whistles you've come to expect from such a tool.