New infosec products of the week: October 4, 2024 - Help Net Security

It also makes it possible to create effective security controls that keep a business’ most sensitive data safe from becoming a data security risk (e.g. revoking public access to files marked ‘confidential’). The Legit Posture Score sets a new, universal, and fully transparent application security scoring standard for security teams to measure, operationalize, and accelerate AppSec maturity throughout the SDLC. Using AI, Balbix D3 enables security and IT teams to take immediate (and automated) action based on insights surfaced by Balbix’s risk assessment engine. Now with the new Legit Posture Score, no longer are AppSec teams stuck piecing together slices of visibility from disparate security scanners and veiled, proprietary scores. Here’s a look at the most interesting products from the past week, featuring releases from Balbix, Halcyon, Metomic, Red Sift, SAFE Security, Veeam Software, and Legit Security. SAFE X delivers CISOs real-time business impact insights into their cybersecurity posture, enabling better decision-making and risk prioritization. Halcyon Linux monitors and detects ransomware-specific behaviors such as unauthorized access, lateral movement, or modification of critical files in real-time, providing instant alerts with critical context. With Metomic’s Data Classification solution, organizations can automate complex data workflows and implement “data rules” that ensure files are labeled appropriately within Google. Powered by AI, it delivers instant answers on an organization’s cyber risk posture and offers personalized risk mitigation recommendations. By regular scans, the Recon Scanner recognizes suspicious activity and adversary tactics, techniques, and procedures (TTPs), enabling organizations to take defensive and mitigation actions in advance. By translating investigations into clear, natural language conversations, Radar empowers both technical and non-technical users to troubleshoot effectively, allowing teams to upskill quickly without extensive training. As part of Veeam Data Platform Premium, Recon Scanner offers customers the ability to identify threats before they can cause damage. This allows teams to resolve critical risks before they can be exploited, shifting from traditional, reactive vulnerability management to continuous and proactive exposure management.

This Cyber News was published on www.helpnetsecurity.com. Publication date: Fri, 04 Oct 2024 03:13:06 +0000


Cyber News related to New infosec products of the week: October 4, 2024 - Help Net Security

CVE-2024-26633 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
CVE-2025-21707 - In the Linux kernel, the following vulnerability has been resolved: ...
1 month ago
CVE-2024-36886 - In the Linux kernel, the following vulnerability has been resolved: ...
9 months ago
CVE-2024-26857 - In the Linux kernel, the following vulnerability has been resolved: ...
11 months ago
CVE-2024-35893 - In the Linux kernel, the following vulnerability has been resolved: ...
9 months ago
CVE-2024-58071 - In the Linux kernel, the following vulnerability has been resolved: ...
1 month ago
CVE-2024-47685 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() syzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending garbage on the four reserved tcp bits (th->res1) Use ...
5 months ago Tenable.com
CVE-2024-42106 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago
CVE-2025-21959 - In the Linux kernel, the following vulnerability has been resolved: ...
1 week ago
CVE-2024-50083 - In the Linux kernel, the following vulnerability has been resolved: tcp: fix mptcp DSS corruption due to large pmtu xmit Syzkaller was able to trigger a DSS corruption: TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending ...
5 months ago Tenable.com
CVE-2024-26781 - In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible deadlock in subflow diag Syzbot and Eric reported a lockdep splat in the subflow diag: WARNING: possible circular locking dependency detected ...
1 year ago Tenable.com
CVE-2023-52784 - In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bond_setup_by_slave() Commit 9eed321cde22 ("net: lapbether: only support ethernet devices") has been able to keep syzbot away from net/lapb, until today. ...
10 months ago Tenable.com
Week in review: Terrapin SSH attack, Mr. Cooper breach - Creating a formula for effective vulnerability prioritizationIn this Help Net Security interview, Michael Gorelik, CTO and Head of Malware Research at Morphisec, provides insights into the business impact of vulnerabilities. EMBA: Open-source ...
1 year ago Helpnetsecurity.com
CVE-2024-57802 - In the Linux kernel, the following vulnerability has been resolved: netrom: check buffer length before accessing it Syzkaller reports an uninit value read from ax25cmp when sending raw message through ieee802154 implementation. ...
2 months ago Tenable.com
CVE-2025-21858 - In the Linux kernel, the following vulnerability has been resolved: ...
4 weeks ago
Week in review: PoC for Splunk Enterprise RCE flaw released, scope of Okta breach widens - Vulnerability disclosure: Legal risks and ethical considerations for researchersIn this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in ...
1 year ago Helpnetsecurity.com
Week in review: 15 million Trello users' scraped data on sale, attackers can steal NTLM hashes - The reality of hacking threats in connected car systemsIn this Help Net Security interview, Ivan Reedman, Director of Secure Engineering at IOActive, discusses how manufacturers, government regulations, and consumers are adapting to these new ...
1 year ago Helpnetsecurity.com Cozy Bear
CVE-2024-50035 - In the Linux kernel, the following vulnerability has been resolved: ppp: fix ppp_async_encode() illegal access syzbot reported an issue in ppp_async_encode() [1] In this case, pppoe_sendmsg() is called with a zero size. Then ppp_async_encode() is ...
5 months ago Tenable.com
Week in review: GitLab account takeover flaw, attackers exploiting Ivanti Connect Secure zero-days - Social engineer reveals effective tricks for real-world intrusionsIn this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing aspects of social engineering and unconventional methods for ...
1 year ago Helpnetsecurity.com CVE-2024-20700 Akira
CVE-2025-21716 - In the Linux kernel, the following vulnerability has been resolved: ...
1 month ago
CVE-2022-48956 - In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot ...
5 months ago Tenable.com
Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days - Strategies for secure identity management in hybrid environmentsIn this Help Net Security interview, Charlotte Wylie, SVP and Deputy CSO at Okta, discusses the challenges of managing user identities across hybrid IT environments. Leveraging AI for ...
11 months ago Helpnetsecurity.com
CVE-2024-50033 - In the Linux kernel, the following vulnerability has been resolved: slip: make slhc_remember() more robust against malicious packets syzbot found that slhc_remember() was missing checks against malicious packets [1]. slhc_remember() only checked the ...
5 months ago Tenable.com
CVE-2024-44999 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago
CVE-2024-56648 - In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fill_frame_info() syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fill_frame_info() is relying on ...
3 months ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)