Security News

Slap on wrist for NCC Group over CREST exam-cheating scandal as infosec org agrees to rewrite NDAs and more
2021-08-27 15:55

British infosec firm NCC Group has been rapped over the knuckles after infosec accreditation body CREST found it was "vicariously responsible" for employees who helped staff cheat certification exams. "On two occasions between 2012 and 2014, the examination-related activities of one or more NCC Group employees and candidates breached the CREST Code of Conduct and NCC Group was, as their employer, vicariously responsible for those individuals at the time," said CREST. The certification body added that NCC Group's actions also breached its non-disclosure agreements, signed by exam candidates to confirm they won't reveal the exams' contents to anyone.

New infosec products of the week: August 27, 2021
2021-08-27 06:00

Here's a look at the most interesting product releases from the past week, featuring releases from ARMO, Palo Alto Networks, Guardicore, Radiflow and Ermetic. Palo Alto Networks Cortex XDR 3.0 automates threat detection and investigation across cloud environments.

New infosec products of the week: August 20, 2021
2021-08-20 05:30

The FireEye XDR platform provides native security protections for endpoint, network, email, and cloud with a focus on improving organizations' capabilities for controlling incidents from detection to response. SailPoint Workflows enables customers to automate security tasks with no coding required.

China stops networked vehicle data going offshore under new infosec rules
2021-08-13 06:58

China has drafted new rules required of its autonomous and networked vehicle builders. Data security is front and centre in the rules, with manufacturers required to store data generated by cars - and describing their drivers - within China.

New infosec products of the week: August 13, 2021
2021-08-13 05:45

NETGEAR Armor offers enhanced security and threat detection for the smart connected home. Unlike traditional endpoint antivirus products, NETGEAR Armor is built into the router to monitor activity going to and from the internet, protecting the devices on your network and eliminating the need and cost for multiple security subscriptions or software.

New infosec products of the week: August 6, 2021
2021-08-06 06:20

Here's a look at the most interesting product releases from the past week, featuring releases from McAfee, AppOmni, Satori, SentinelOne, and Optiv Security. The AppOmni SaaS Security Management platform, which offers a full suite of SaaS security posture, protection, and monitoring capabilities, covers the most widely adopted and business-critical SaaS applications on the market including Salesforce, ServiceNow, Microsoft 365, Microsoft Teams, GitHub, Workday, Box, Slack, and Zoom.

SolarWinds urges US judge to toss out crap infosec sueball: We got pwned by actual Russia, give us a break
2021-08-04 15:34

SolarWinds is urging a US federal judge to throw out a lawsuit brought against it by aggrieved shareholders who say they were misled about its security posture in advance of the infamous Russian attack on the business. Financial newswire Reuters reported that the suit was originally filed over allegations that former SolarWinds chief exec Kevin Thompson cut cybersecurity efforts in the hope of driving greater dividends into the pockets of major investors, Silver Lake and Thoma Bravo, who each reportedly held around 40 per cent of SolarWinds' stocks at the time.

New infosec products of the week: July 30, 2021
2021-07-30 06:30

Here's a look at the most interesting product releases from the past week, featuring releases from Ivanti, Stellar Cyber, SpecterOps, Aqua Security, Infinipoint, Acronis, and Neustar. Stellar Cyber announced a major leap to boost security analyst efficiency to identify attacks earlier.

Here's a list of the flaws Russia, China, Iran and pals exploit most often, say Five Eyes infosec agencies
2021-07-29 06:26

Western cybersecurity agencies have published a list of 30 of the most exploited vulnerabilities abused by hostile foreign states in 2020, urging infosec bods to ensure their networks and deployments are fully patched against them. Number one on the US, UK, and Australia's jointly published list was the well-known Citrix arbitrary code execution vuln in Application Delivery Controller, aka Netscaler load-balancer.

'Woefully insufficient': Biden administration's assessment of critical infrastructure infosec protection
2021-07-29 05:15

The Biden administration has issued a National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems to address what it describes as a "woefully insufficient" security posture. The Memorandum was accompanied by transcripts of remarks made by a "senior administration official" who said the edicts are needed because "We have a patchwork of sector-specific statutes that have been adopted piecemeal, typically in response to discrete security threats in particular sectors that gained public attention."