Security News > 2021 > June

While many business leaders are drawn to vaccine passports as a solution to bring their workforces back to the office full-time, Forrester predicts that 70% of US and European companies will pivot to a hybrid work model post-pandemic. In a hybrid model setup, at least some employees can work anywhere they want for two or more days a week while coming into the office on the remaining workdays.

Google has built an online tool that maps out all the dependencies in millions of open-source software libraries and flags up any unpatched vulnerabilities. "It then constructs a full dependency graph - transitively tracking dependencies, dependencies' dependencies, and so on - and incorporates the metadata, then publishes it so you can see how it all might affect your software. And the information it provides is continually updated."

Changes and advances in technology have prompted a revamp of the CIS Community Defense Model. The findings in v1.0 show that the CIS Controls - a prioritized and prescriptive set of Safeguards that mitigate the most common cyber-attacks against systems and networks - are effective at mitigating approximately 83% of all the ATT&CK Techniques, and more specifically 90% of the ransomware ATT&CK Techniques identified in the framework.

CloudLinux announces the release of CloudLinux OS Solo. "Our starting point was clear. Based on research results, our clients overwhelmingly want the classic CloudLinux OS with VPS and VMs, which only a few users can then utilize. One main request is a robust set of CloudLinux features on one server at affordable prices. Consequently, we found hundreds of VPSs with five or fewer websites hosted by a single client, many of which use VMs for staging and production. Some clients want a stable OS with technical support that is secure and not open-sourced."

An AWS Technology Partner, Baffle Data Protection Services enables de-identification, encryption, and masking of data in the cloud to ensure compliance with data privacy regulations and reduce the risk of data breaches and leaks. Baffle is the first and only vendor that allows customers to migrate data to the cloud, simultaneously de-identify the data, and seamlessly facilitate reporting and analytics on Amazon RDS. This comprehensive data protection capability operates with no impact on business intelligence or analyst functions.

Tigera announced that SUSE has chosen to add open source Calico container network interface plugin as an option to Rancher Kubernetes Engine 2, enabling consistent Kubernetes network policy definition and enforcement. Calico provides highly scalable, high-performance and resource-efficient Kubernetes networking and security that works across multi-cloud and hybrid environments with support for multiple data planes, such as eBPF, Linux and Windows.

The acquisition of Trueface will aid Pangiam in achieving its mission to provide a safer, faster, and more personalized travel experience for all. Trueface will add an additional capability to Pangiam's existing technologies, creating a comprehensive and seamless solution to satisfy the needs of both federal and commercial enterprises.

Riverbed announced the appointment of Nick Boyle as Vice President Sales, Asia Pacific and Japan. Reporting to Dan Smoot, Chief Operating Officer at Riverbed, Boyle will lead the strategic direction and growth of Riverbed APJ teams.

Today, the US Supreme Court restricted the scope of the federal Computer Fraud and Abuse Act after overturning the conviction of a Georgia police officer who searched a police database for money. The CFAA is a cybersecurity bill created in 1986 that prohibits unauthorized access to computer systems and networks or acts that "Exceeds authorized access." Due to the vague nature of the bill, the CFAA can be broadly interpreted to allow harmless actions such as violating a website's terms of service or violating corporate policies by using work devices to access personal accounts on social sites.

Pindrop announces the appointment of Collin Davis as its first Chief Technology Officer to continue evolving Pindrop's contact center solutions, including fraud, IVR, and authentication as well as define and envision its additional IoT offerings. Davis joins Pindrop from Amazon Web Services, where he was a general manager for Productivity Apps, leading three AWS services, including Chime, WorkMail, and WorkDocs.