Security vulnerabilities stories

HackerOne has unveiled its first channel partner programme, PartnerOne, to expand global access to its human-powered cybersecurity solutions, involving key partners like GuidePoint Security and Softcat.

Revenera launches OSS Inspector for IntelliJ IDEA, helping developers identify open source software risks directly in their IDE, ensuring secure, compliant code.

Tenable unveils new features in Tenable Nessus, enhancing risk prioritisation with EPSS and CVSS v4 for improved vulnerability management and compliance.

Only 20.8% of finance professionals have stressed exit plans with suppliers, despite DORA recommendations, highlighting a key vulnerability exposed by a recent CrowdStrike outage.

GitLab unveils GitLab Duo Enterprise at USD $39 per user/month, offering AI-driven enhancements for secure, efficient software development to Ultimate customers.

Akamai’s data shows a surge in cyber threats aimed at the gaming industry in 2024, with bot activity, web attacks, and DDoS attacks reaching record highs.

Capital.com launches a public bug bounty programme on Intigriti to enhance cybersecurity. The programme invites global researchers and ethical hackers to earn rewards for identifying vulnerabilities.

Newcastle City Council has tackled major security vulnerabilities by replacing Oracle JDK 8 with Azul Platform Core, securing mission-critical Java applications.

Australian firms must enhance cyber defences by integrating technology with skilled personnel and robust processes, amid rising AI-driven threats, reports Logicalis.

Microsoft's August Patch Tuesday fixes 88 vulnerabilities, with evidence of in-the-wild exploitation and public disclosure for 10 of them.

Security experts underscore the importance of immediate remediation for vulnerabilities to mitigate risks and protect organisational assets.

Directed Technologies acquires Sofihub to bolster fleet safety solutions and expand into assisted living tech, enhancing services for fleet managers and vulnerable users.

Tenable releases new Vulnerability Intelligence and Exposure Response tools to aid IT and cloud environments in prioritising and addressing critical security threats.

Elastic Security Labs unveils critical flaws in Microsoft's Smart App Control and SmartScreen, exposing vulnerabilities that allow attackers to bypass security protocols with minimal user interaction.

SentinelOne unveils advanced generative AI features for its Singularity Platform, enhancing threat prevention and response, with innovations like the AI-powered Purple AI analyst.

Almost 40% of systems tested by Picus Security are vulnerable to complete takeover, with macOS being notably weaker in stopping cyber-attacks.

Armis achieves Protected classification through IRAP assessment, bolstering cybersecurity offerings for Australian public sector entities amidst rising foreign threats.

AttackIQ launches Mission Control, enhancing Enterprise Breach and Attack Simulation for distributed teams. The new feature aims to streamline security testing and improve ROI.

ShinyHunters claimed responsibility for compromising 33 million Twilio users' phone numbers via the Authy 2FA app, sparking major security concerns.

Microsoft's July 2024 Patch Tuesday reveals 139 vulnerabilities, including two zero-days under active exploitation: Hyper-V's EoP and MSHTML Spoofing.