Security News > 2023 > July > Week in review: Ivanti zero-day exploited, MikroTik vulnerability could compromise 900,000 routers
Key factors for effective security automationIn this Help Net Security interview, Oliver Rochford, Chief Futurist at Tenzir, discusses how automation can be strategically integrated with human expertise, the challenges in ensuring data integrity, and the considerations when automating advanced tasks.
MikroTik vulnerability could be used to hijack 900,000 routersA privilege escalation vulnerability could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines.
Ivanti zero-day exploited to target Norwegian governmentA zero-day vulnerability affecting Ivanti Endpoint Manager Mobile has been exploited to carry out an attack that affected 12 Norwegian ministries, the Norwegian National Security Authority has confirmed on Tuesday.
Apple fixes exploited zero-day in all of its OSesApple has patched an exploited zero-day kernel vulnerability in iOS, iPadOS, macOS, watchOS and tvOS. US companies commit to safe, transparent AI developmentSeven US artificial intelligence giants - Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI - have publicly committed to "Help move toward safe, secure, and transparent development of AI technology."
Enterprises should layer-up security to avoid legal repercussionsThe role of CISO these days requires a strong moral compass: You have to be the one speaking up for the protection of customer data and be ready to handle uncomfortable situations such as pressure to downplay an actual breach.
Converging networking and security with SASEIn this Help Net Security video, Omri Guelfand, VP of Product Management and SASE/Networking as a Service at Cisco Meraki, discusses converging networking and security with SASE. SEC adopts new cybersecurity incident disclosure rules for companiesThe Securities and Exchange Commission today adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance.
News URL
Related news
- Ivanti fixes RCE vulnerability reported by NATO cybersecurity researchers (CVE-2023-41724) (source)
- Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability (source)
- Week in review: Ivanti fixes RCE vulnerability, Nissan breach affects 100,000 individuals (source)
- AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022) (source)
- Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks (source)
- Ivanti commits to secure-by-design overhaul after vulnerability nightmare (source)
- MITRE says state hackers breached its network via Ivanti zero-days (source)
- MITRE breached by nation-state threat actor via Ivanti zero-days (source)