News

Expert Insights Cybersecurity Vendor News Recap: November 7 –14, 2024

10 big headlines driving the news this week

Last updated on Nov 21, 2024
Joel Witts Written by Joel Witts
News Update

Welcome to your weekly vendor news, M&As, and investments recap.

🤔 Have any thoughts or stories to share? Get in touch with [email protected]

In the news:

  1. Cybereason (an endpoint detection and response firm) and Trustwave (an MSSP) have announced plans to merge. (MSSP alert)
  2. Palo Alto Networks has issued advisory actions for customers to respond to claims of an RCE vulnerability in PAN-OS. (SecurityWeek)
  3. VMWare has unveiled new SMB security packages after claims that small customers were looking to move off the platform following the Broadcom acquisition. (Ars Technica)
  4. Microsoft’s November 2024 ‘Patch Tuesday’ released this week, including updates for 89 security flaws – including four zero-day exploits. (BleepingComputer)
  5. Apple’s IOS 18.1 update has quietly included a new security feature that reboots iPhones after four days of inactivity. After reboot, the device requires a password to be accessed. (CyberNews)
  6. Google has announced that from now on it will assign CVEs to all critical vulnerabilities found in its products, even where users do not need to take any action, as part of a commitment to transparency. (SecurityWeek)
  7. Ivanti released patches for almost 50 security vulnerabilities this week, including critical bugs in their Connect Secure, Policy Secure, and Endpoint Manager products. (SecurityWeek)
  8. Bitdefender has released a decryptor for the ShrinkLocker ransomware malware, as well as releasing research as to how the ransomware works. Several researchers have previously expressed concern about the unique approach it used to decrypt systems. (The Record)
  9. Amazon have confirmed that employee data was stolen after a ‘security event’ impacted a third-party information. Amazon and AWS systems remain secure. (TechCrunch)
  10. Google Cloud has released fixes for two bugs in Vertex AI, it’s platform for custom dev and deployment of LLMs that could have allowed hackers to exfiltrate models from the system. The flaws were uncovered by Palo Alto Networks. (Dark Reading)

We’ll be back next week with another roundup of the biggest cybersecurity vendor stories. Until then!

Expert Insights’ Cybersecurity Resources

Joel Witts

Content Director

LinkedIn Email
Joel Witts is the Content Director at Expert Insights, meaning he oversees all articles published and topics covered. He is an experienced journalist and writer, specialising in identity and access management, Zero Trust, cloud business technologies, and cybersecurity. Joel is a co-host of the Expert Insights Podcast and conducts regular interviews with leading B2B tech industry experts, including directors at Microsoft and Google. Joel holds a First Class Honours degree in Journalism from Cardiff University.