Security News > 2024 > June > Week in review: CDK Global cyberattack, critical vCenter Server RCE fixed
The rise of SaaS security teamsIn this Help Net Security interview, Hillary Baron, Senior Technical Director for Research at CSA, highlights that the recent surge in organizations establishing dedicated SaaS security teams is driven by significant data breaches involving widely used platforms.
Enhancing security through collaboration with the open-source communityIn this Help Net Security interview, Alan DeKok, CEO at NetworkRADIUS, discusses the need for due diligence in selecting and maintaining open-source tools, and brings out the potential risks and benefits of collaborating with the open-source community to enhance software security.
SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat huntingSELKS is a free, open-source, turnkey solution for Suricata-based network intrusion detection and protection, network security monitoring, and threat hunting.
Critical RCE flaws in vCenter Server fixedVMware by Broadcom has fixed two critical vulnerabilities affecting VMware vCenter Server and products that contain it: vSphere and Cloud Foundation.
US bans Kaspersky antivirus software due to national security risksThe US Department of Commerce has announced an upcoming US-wide ban of cybersecurity and antivirus software by Kaspersky, as its "Ability to gather valuable US business information, including intellectual property, and to gather US persons' sensitive data for malicious use by the Russian Government pose an undue or unacceptable national security risk."
Improving OT cybersecurity remains a work in progressOrganizations have made progress in the past 12 months related to advancing their OT security posture, but there are still critical areas for improvement as IT and OT network environments continue to converge, according to Fortinet.
News URL
Related news
- Broadcom fixes critical RCE bug in VMware vCenter Server (source)
- Critical VMware vCenter Server bugs fixed (CVE-2024-38812) (source)
- Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18 (source)
- Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856) (source)
- Critical Progress WhatsUp RCE flaw now under active exploitation (source)
- Cisco warns of critical RCE zero-days in end of life IP phones (source)
- SolarWinds fixes critical RCE bug affecting all Web Help Desk versions (source)
- Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986) (source)
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- GitHub Enterprise Server vulnerable to critical auth bypass flaw (source)