Category: Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote…

Read more →

Microsoft has lost several weeks of cloud security logs that its customers rely on to spot cyber intrusions. What happened As reported by Business Insider earlier this month, Microsoft privately notified affected customers of this incident and told them the…

Read more →

Attackers have tried to deliver wiper malware to employees at organizations across Israel by impersonating cybersecurity company ESET via email. The phishing email The attack took the form of a phishing email ostensibly sent by the “Eset Advanced Threat Defense…

Read more →

Law enforcement agencies have arrested suspects involved in cyber attacks claimed by USDoD and Anonymous Sudan, as well as a person involved in the hacking of SEC’s X (Twitter) account. USDoD On Wednesday, the Brazilian federal police (Policia Federal) arrested…

Read more →

CyCognito announced several enhancements to its CyCognito Automated Security Testing (AST) product, a module in the CyCognito platform built for automated exposure validation and security testing. These additions speed the configuration of automated testing for AWS cloud environments, provide enhanced data…

Read more →

Despite global information security spending projected to reach $215 billion in 2024, 44% of CISOs surveyed reported they were unable to detect a data breach in the last 12 months using existing security tools, according to Gigamon. Blind spots undermine…

Read more →

A lost, stolen, or compromised smartphone today means we are in serious trouble. Most people have everything related to their personal and professional lives stored on their phones, a fact that criminals are well aware of. Cybersecurity risks resulting from…

Read more →

Cybercrime in recent years shows no signs of slowing down, with phishing attacks surging and ransomware tactics becoming more advanced, forcing organizations to constantly adapt their defenses. The rise of deepfake technology, especially in creating realistic audio impersonations, poses new…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from ExtraHop, GitGuardian, Nametag, Okta, Rubrik, and Sectigo. GitGuardian Visual Studio Code extension helps developers protect their sensitive information GitGuardian’s new Visual Studio Code extension brings…

Read more →

Users of the Google Meet video communication service have been targeted by cyber crooks using the ClickFix tactic to infect them with information-stealing malware. Fake Google Meet video conference page with malicious ClickFix pop-up (Source: Sekoia) “The ClickFix tactic deceives…

Read more →

Cyber-physical devices are increasingly getting compromised and leveraged by criminal groups and state-sponsored threat actors. Fyodor Yarochkin, Senior Threat Solution Architect with Trend Micro, believes that getting a better understanding of attackers’ infrastructure leads to a better understanding of the…

Read more →

Cognizant announced the debut of Cognizant Neuro Cybersecurity, a new addition to Cognizant’s Neuro suite of platforms, designed to amplify cybersecurity resilience by integrating and orchestrating point cybersecurity solutions across the enterprise. Sophisticated threat actors, hybrid workforces, and the complexity…

Read more →

MongoDB Queryable Encryption allows customers to securely encrypt sensitive application data and store it in an encrypted format within the MongoDB database. It also enables direct equality and range queries on the encrypted data without the need for cryptographic expertise.…

Read more →

GhostStrike is an open-source, advanced cybersecurity tool tailored for ethical hacking and Red Team operations. It incorporates cutting-edge techniques, including process hollowing, to stealthily evade detection on Windows systems, making it an asset for penetration testing and security assessments. “I…

Read more →

In this Help Net Security interview, Mick Baccio, Global Security Advisor at Splunk SURGe, discusses the far-reaching implications of the NIS2 Directive beyond traditional IT security. He explains how NIS2 will fundamentally change cybersecurity governance, making it a core aspect…

Read more →

A recent Cohesity report found that consumers are highly concerned about the information companies collect from them – especially when it`s used for artificial intelligence – with consumers prepared to punish companies by switching providers for any loss of trust.…

Read more →

While businesses increasingly rely on SaaS tools, many leaders are not fully confident in their ability to safeguard their data, according to Keepit. Growing concerns over SaaS data protection According to the survey, while 28% of respondents expressed high confidence…

Read more →

Okta announced new Workforce Identity Cloud capabilities to address top security challenges such as unmanaged SaaS service accounts, governance risks, and identity verification. As part of a unified approach, these innovations help protect business before, during and after authentication, providing…

Read more →

ExtraHop unveiled new network-based file analysis capabilities in ExtraHop RevealX to detect malware, combat ransomware, and help prevent data loss. According to the 2024 Global Ransomware Trends Report, organizations experience an average of eight ransomware incidents per year. To carry…

Read more →

A new report from Mandiant reveals that the average time-to-exploit vulnerabilities before or after a patch is released has plunged to just five days in 2023, down from 32 days in 2021 in 2022. One reason for this is the…

Read more →