Security News

Cybersecurity researchers on Thursday disclosed as many as ten critical vulnerabilities impacting CODESYS automation software that could be exploited to achieve remote code execution on programmable logic controllers. The Russian cybersecurity firm noted that it detected the vulnerabilities on a PLC offered by WAGO, which, among other automation technology companies such as Beckhoff, Kontron, Moeller, Festo, Mitsubishi, and HollySys, use CODESYS software for programming and configuring the controllers.

Researchers have identified 10 vulnerabilities in CODESYS automation software for industrial control systems. "The vendor rated some of these vulnerabilities as 10 out of 10, or extremely dangerous. Their exploitation can lead to remote command execution on PLC, which may disrupt technological processes and cause industrial accidents and economic losses," said Vladimir Nazarov, Head of ICS Security at Positive Technologies.

Opengear unveiled Lighthouse Enterprise: Automation Edition, out-of-band management software solution to include automation capabilities and secure provisioning. Part of a robust, new tier of product offerings, the Lighthouse Enterprise platform has evolved to give enterprise users full visibility and future-proof management capabilities across entire networks.

Security teams need to monitor IT asset health from a cybersecurity perspective by detecting security tool blind spots and responding to exposures quickly. "As an organization focused on Security Operations, we believe that 'you can't protect what you don't understand,' with understand being the key word. Hence, asset management in the security operations context isn't just 'seeing' an asset; it is having the right 'risk' context of each and every software, hardware and IoT asset at our fingertips," said Jatinder Pal Singh, director of security operations at Informatica.

Shujinko announced the availability of free automation software to help auditors and their clients streamline SOC 2 audit preparation and readiness. This free solution includes the full capabilities of AuditX for SOC 2, automating evidence collection, mapping and crosswalking, while dramatically streamlining audit workflow and collaboration for compliance certification.

Automation can't be just about running the process, but must include three important stages. New product categories have emerged to tackle the automation challenge, including Security Orchestration, Automation and Response platforms and tools and Extended Detection and Response solutions.

Trend Micro launched a new, co-built SaaS solution with Snyk. Trend Micro Cloud One - Open Source Security by Snyk is the newest Cloud One service and the first partner addition to the platform, which is available through the channel as well as AWS Marketplace.

The webinar explores automation as it exists today in the cybersecurity industry. The question isn't what we can automate today, but what could we automate tomorrow?

The study also found that this increased spending comes after a year in which 48% of IT decision makers already accelerated their automation projects as a result of the disruption caused by the COVID-19 pandemic. The research, which was conducted across the US and UK, found that cost savings were the primary driver behind new automation initiatives, according to 63% of ITDMs. However, other benefits were cited, with 60% employing automation to increase customer engagement and satisfaction, and 59% using automation to drive employee productivity.

1Password launched Secrets Automation, a new way to easily secure, manage and orchestrate the rapidly expanding infrastructure secrets required in a modern enterprise. In addition to the new product launch, 1Password also completed the acquisition of SecretHub, a secrets management company that protects nearly 5 million enterprise secrets a month.