Security News

SafeGuard Cyber announced the addition of two cybersecurity industry leaders to its management team. Karen Kukoda and Robert Freeman have joined the company to manage SafeGuard Cyber's partner program and global sales, respectively, and to manage increased demand for the company's comprehensive security solution for collaboration, mobile chat, and social media applications.

A dozen vulnerabilities have been found in OpenClinic GA, a popular open source hospital management system, including flaws that can be exploited to access sensitive information or install malware on the hosting server. OpenClinic GA is described as an "Integrated hospital information management system covering management of administrative, financial, clinical, lab, x-ray, pharmacy, meals distribution and other data." The product is used worldwide and it has been downloaded nearly 120,000 times from SourceForge.

Nutanix announced new solutions that will allow IT teams to deploy, upgrade and troubleshoot their cloud infrastructure while working from anywhere - whether at home or from a central office location. These solutions will be delivered via Nutanix Foundation Central, Insights and Lifecycle Manager - all of which will be available as part of Nutanix HCI software at no additional cost to customers.

Apple has acquired Fleetsmith, a San Francisco-based company that specializes in solutions designed to help organizations manage the Apple devices used by their employees. Fleetsmith's enterprise device management solution automates setup, patching, intelligence and security for Macs, iPhones, iPads and Apple TV devices.

Alfresco Software, an open source, content services provider announced the availability of Alfresco Claims Management as a Service offering, which enables insurance companies to access content faster and modernize their claims processes. "As clients consider a move away from legacy, on-premises solutions, there is a need for a solution that can enable remote, secure and efficient claims management in the cloud."

ServiceNow announced it has signed an agreement to acquire Sweagle, a Belgium-based configuration data management company. The transaction will extend ServiceNow's DevOps and IT Operations Management capabilities, giving customers the ability to leverage machine learning to identify and help prevent potential misconfigurations from causing outages in production and speeding up remediation.

"There are more than 900 global privacy laws to which organizations must adhere, making privacy management an ongoing and dynamic challenge," said Chris Babel, CEO, TrustArc. Though 90% of respondents agree or strongly agree that they are "Mindful of privacy as a business," many privacy professionals are left building privacy programs without automation.

To explain: SSRF is a way that someone with possibly very limited access to your network can send a legitimate looking query to one of your servers. If you can trick the vulnerable server into calling outside its own network by sending it an otherwise legimitate request, you may be able to capture server data such as secret authentication tokens or special HTTP headers that are usually only visible if you are already inside the network.

A high-severity vulnerability patched recently by IBM in its Maximo asset management solution makes it easier for hackers to move around in enterprise networks, cybersecurity firm Positive Technologies warned on Thursday. The security hole, tracked as CVE-2020-4529, has been described as a server-side request forgery issue that allows an authenticated attacker to send unauthorized requests from a system, which IBM says can facilitate other attacks.

Ricoh announced major enhancements to its RICOH Smart Integration platform, a part of its RICOH Cloud Workflow Solutions portfolio. RICOH Smart Integration technology is available in a scalable, modular subscription model, from both direct and Ricoh Family Group dealer channels, to fit the evolving digital productivity requirements of any organization.