Security News

The SolarWinds security breach disclosed last month, which US authorities believe was of Russian origin and led to the compromise of at least 18,000 organizations, may have been enabled in part by software from JetBrains. One of these, build management and continuous integration system TeamCity, is used by SolarWinds as part of its application build process.

Chris DeRamus: Providing a platform that secures cloud data through automation has resulted in companies becoming enablers of the cloud. Chris DeRamus: Cloud operations will improve and become more secure once automation is implemented early on in the cloud development lifecycle, significantly decreasing the potential for human error.

Without proper planning, organizations adopting security automation tools can fall victim to common missteps that quickly lead to less efficiency and a weaker security posture. Start by examining the processes and procedures your organization's security team already has in place and identify the tasks that consume the majority of team member's time.

Vulnerabilities discovered by researchers in Rockwell Automation's FactoryTalk Linx product can allow attackers to compromise engineering workstations in industrial environments. FactoryTalk Linx, formerly known as RSLinx Enterprise, is a widely used product designed for connecting Allen Bradley programmable logic controllers to Rockwell applications, including for programming, data acquisition and HMI interaction.

Automation will play a major role in shaping cybersecurity attack and defence activities in 2021, WatchGuard predicts. Traditionally a high-investment, high-return targeted attack, in 2021 automation tools will replace manual techniques to help cybercriminals launch spear phishing campaigns at record volumes, by harvesting victim-specific data from social media sites and company web pages.

Rockwell Automation announced the release of new industrial PCs and software to markedly improve the reliability and security of visualization applications. The new industrial Allen-Bradley VersaView 6300 PCs and thin clients combine with FactoryTalk View human-machine interface software and ThinManager thin-client management software to create a complete visualization system.

A critical vulnerability uncovered in Real-Time Automation's 499ES EtherNet/IP stack could open up the industrial control systems to remote attacks by adversaries. RTA's ENIP stack is one of the widely used industrial automation devices and is billed as the "Standard for factory floor I/O applications in North America."

Flashpoint already produces the industry's highest-quality threat intelligence from online illicit communities. By integrating CRFT's no-code security automation into Flashpoint's product suite, the company is now positioned to empower Cyber Threat Intelligence, Fraud, and Security teams to take rapid, automated action from inbound intelligence and event-based alerts.

SaltStack has officially revealed three bugs in its code - two of them seemingly critical - and told users: "We strongly recommend that you prioritize this update." But the biz appears to have known about the bugs for months and quietly patched them over the summer. SaltStack offers open-source, Python-based automation tools.

CyberSaint announced new updates to the CyberStrong platform allowing customers to drastically reduce manual intervention previously necessary to assess, manage, and communicate cyber and IT compliance and risk posture. CyberStrong is purpose-built for enterprises looking to transform their cyber risk management programs through automation in the wake of extensive digital transformation initiatives.