Security News

Security researchers found vulnerabilities in the Wodify fitness platform that allows an attacker to view and modify user workouts from any of the more than 5,000 gyms that use the solution worldwide. In a report published today, researchers at cybersecurity company Bishop Fox disclosed a set of vulnerabilities in the Wodify platform that could affect not only users' workouts and personal information but also the financials of a gym.

Intrigue's attack surface management technology will be integrated into the Mandiant Advantage platform, enabling organizations to discover, monitor, and manage risk across their entire attack surface. By offering Intrigue's technology through the Mandiant Advantage platform, customers will be able to address critical gaps in their security programs by leveraging the latest attack surface management capabilities in an easy-to-use software-as-a-service platform.

FireEye's Mandiant unit announced on Tuesday that it has acquired Intrigue, a provider of attack surface management technology for enterprises. According to FireEye, Intrigue's technology will be integrated into the Mandiant Advantage platform, and help customers discover, monitor, and manage risk across their attack surface.

Unbound Security announced its partnership with WaveStrong, a provider of cloud information security consulting services for enterprises, and a specialty in servicing the government and education sector that provides security solutions to its growing roster of clients. "We pride ourselves on our best-of-breed security solutions," said Harpreet S. Walia, president and chief executive officer at WaveStrong "Key security is now a hugely significant part of any organization's overall protection and by partnering with Unbound Security we can deliver the highest level of safety possible to our clients without any compromise of efficiency or business-as-usual. The Unbound CORE platform is unique in many ways, offering all the major advances of patented MPC technology from the market-leader."

Elastic announces new capabilities and updates to the Elastic Stack and Elastic Cloud to make data onboarding and management faster, simpler, and more secure. The general availability of Elastic Agent, centrally managed by Fleet, enables users and customers to integrate data across multiple data sources while also providing endpoint security.

Identity-as-a-service slinger Okta has poached Google veep of engineering Sagnik Nandy to become its president and chief tech officer. Nandy will run his new employer's engineering and business technology functions, including the planning of product development activities.

CDW announced that it has acquired Focal Point Data Risk, a provider of cybersecurity services with customers across a diverse set of industries. "Helping our customers leverage technology to protect their most critical data is core to our mission," said Christine A. Leahy, president and chief executive officer, CDW. "Adding Focal Point's array of security consulting, customer workforce skills development and professional services capabilities expands CDW's services portfolio and enhances our ability to address risks posed by malicious cyber threats and cyber workforce shortages, while helping customers successfully navigate shifting data protection laws."

While this digital shift is widely talked about, one of the often-overlooked repercussions of such rapid transformation is the need for a new approach to asset visibility. This lack of visibility is a major security risk and must be addressed by a renewed approach to asset management.

Nearly two-thirds of network managers, network architects, and network engineers said their organizations have hired dedicated network automation engineers to transition to network operations. NetOps 2.0, the current iteration, embeds a growing amount of automation, virtualisation, and orchestration to improve the speed and accessibility of networking operations.

TechRepublic's Karen Roby interviews Brandon Vigliarolo about how the ransomware risk management calculus is changing for OT, ICS and critical infrastructure.