Security News

LaSalle Solutions is launching LAMP 5.0, the latest version of the industry benchmark technology information management platform. By leveraging public cloud technologies including containers and Kubernetes orchestration, LAMP 5.0 delivers more accurate information directly from the cloud, with superior process and deeper automation, more scalable search and security optimized for an evolving world of mobile workforces and new privacy laws.

The SolarWinds security breach disclosed last month, which US authorities believe was of Russian origin and led to the compromise of at least 18,000 organizations, may have been enabled in part by software from JetBrains. One of these, build management and continuous integration system TeamCity, is used by SolarWinds as part of its application build process.

Chris DeRamus: Providing a platform that secures cloud data through automation has resulted in companies becoming enablers of the cloud. Chris DeRamus: Cloud operations will improve and become more secure once automation is implemented early on in the cloud development lifecycle, significantly decreasing the potential for human error.

Without proper planning, organizations adopting security automation tools can fall victim to common missteps that quickly lead to less efficiency and a weaker security posture. Start by examining the processes and procedures your organization's security team already has in place and identify the tasks that consume the majority of team member's time.

Vulnerabilities discovered by researchers in Rockwell Automation's FactoryTalk Linx product can allow attackers to compromise engineering workstations in industrial environments. FactoryTalk Linx, formerly known as RSLinx Enterprise, is a widely used product designed for connecting Allen Bradley programmable logic controllers to Rockwell applications, including for programming, data acquisition and HMI interaction.

Automation will play a major role in shaping cybersecurity attack and defence activities in 2021, WatchGuard predicts. Traditionally a high-investment, high-return targeted attack, in 2021 automation tools will replace manual techniques to help cybercriminals launch spear phishing campaigns at record volumes, by harvesting victim-specific data from social media sites and company web pages.

Rockwell Automation announced the release of new industrial PCs and software to markedly improve the reliability and security of visualization applications. The new industrial Allen-Bradley VersaView 6300 PCs and thin clients combine with FactoryTalk View human-machine interface software and ThinManager thin-client management software to create a complete visualization system.

A critical vulnerability uncovered in Real-Time Automation's 499ES EtherNet/IP stack could open up the industrial control systems to remote attacks by adversaries. RTA's ENIP stack is one of the widely used industrial automation devices and is billed as the "Standard for factory floor I/O applications in North America."

Flashpoint already produces the industry's highest-quality threat intelligence from online illicit communities. By integrating CRFT's no-code security automation into Flashpoint's product suite, the company is now positioned to empower Cyber Threat Intelligence, Fraud, and Security teams to take rapid, automated action from inbound intelligence and event-based alerts.

SaltStack has officially revealed three bugs in its code - two of them seemingly critical - and told users: "We strongly recommend that you prioritize this update." But the biz appears to have known about the bugs for months and quietly patched them over the summer. SaltStack offers open-source, Python-based automation tools.