CA26-02 & CA26-03: High Severity Vulnerabilities in Central Password Management
CyberArk has disclosed high severity vulnerabilities affecting Central Password Management in both self-hosted deployments (versions prior to 14.6.3) and Privilege Cloud environments (versions prior to 14.8). Customers should review the security bulletins (CA26-02, CA26-03) to understand their exposure and apply the recommended fixes as soon as possible.
SIA: Support for named instance connections in vaulted SQL Server targets
Secure Infrastructure Access (SIA) now supports connecting to specific SQL Server named instances by specifying the port and instance name when using vaulted credentials. Since enterprises commonly run multiple SQL instances on a single host, this closes a gap that previously made SIA impractical for complex database environments.
SIA: On-premises Windows connections to IP-based targets using ZSP
Secure Infrastructure Access (SIA) now allows users to establish RDP connections to on-prem Windows targets by IP address while maintaining Zero Standing Privileges. This is particularly useful for environments where DNS infrastructure or FQDNs aren’t available, removing a common deployment blocker for extending ZSP coverage across legacy or segmented networks.
Enhance Security and Simplify Enrollment with Okta’s Same Device Enrollment
Okta’s Same Device Enrolment streamlines and secures Okta Verify enrolment by allowing users to enrol on their current device using an OIDC flow, eliminating the need for QR codes, SMS, or email, which are vulnerable to interception. This approach enhances security, aligns with authentication policies, and provides a phishing-resistant, more intuitive enrolment experience. Organisations can choose to enforce Same Device Enrollment or offer it as an option alongside mobile-based methods.
