Category: Help Net Security

Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming that it’s being leveraged by attackers in the wild. The Shadowserver…

Read more →

Calix announced significant updates to Calix SmartHome that will help broadband service providers (BSPs) meet every home internet need with enhanced security and comprehensive offerings. These SmartHome innovations make it easier for BSPs to support the growing demands of residential…

Read more →

Netwrix announced that Grady Summers has been appointed CEO effective immediately. Summers succeeds Steve Dickson, who has successfully led the company through record growth during his six-year tenure. Under Dickson’s leadership, Netwrix achieved significant growth and value creation. Since joining…

Read more →

An employee is exiting your organization. Regardless of the terms of departure, an ex-staffer has the potential when they leave or change roles to impact a wide range of non-human identities, digital credentials, and other secrets. Those secrets include the…

Read more →

In this Help Net Security interview, Ismael Valenzuela, Vice President of Threat Research & Intelligence at BlackBerry, discusses the impact of geopolitical tensions on the frequency and sophistication of cyberattacks. He explains how nation-states and politically motivated groups exploit unrest…

Read more →

APIs are the backbone of digital transformation efforts, connecting applications across organizations, so their security is of the utmost importance. In this Help Net Security video, Lori MacVittie, a Distinguished Engineer at F5, discusses the current state of API security.…

Read more →

Cyber claims have continued their upwards trend over the past year, driven in large part by a rise in data and privacy breach incidents, according to Allianz. Cyber claims frequency exceeds €1 million The frequency of large cyber claims (>€1…

Read more →

Starting with iOS 18, iPadOS 18, macOS Sequoia, and visionOS 2, the Apple Passwords app enables you to manage your passwords, passkeys, and verification codes. For websites and apps that support two-factor (2FA) or multi-factor authentication (MFA), the Passwords app…

Read more →

OneSpan announced an innovation in phishing-resistant transaction security, VISION FX. This new solution combines OneSpan’s patented CRONTO transaction signing with FIDO2 protocols that strengthen protection against phishing and account takeover threats (ATO), setting a standard for banking security. Merging both…

Read more →

Ridge Security released RidgeBot 5.0, a substantial upgrade to its automated penetration testing platform. This release introduces AI-driven Web API testing, expanded vulnerability management integrations, and an upgraded operating system. RidgeBot 5.0 is an automated penetration testing platform to support…

Read more →

Rancher Government Solutions launched Harvester Government, the first fully compliant, out-of-the-box Hyperconverged Infrastructure (HCI) solution tailored specifically for US Government and Military operations. Designed to meet the strict security standards required for government use cases, Harvester Government offers a pre-hardened…

Read more →

Stolen credentials remain the most common cause of a data breach. Various methods exist to prevent such breaches, and the most effective ones will have the least impact on developer productivity while catching issues as early as possible in the…

Read more →

If someone told you five years ago that you could pose questions to an AI agent about the most vexing issues in science and it could answer back swiftly and meaningfully, you would’ve thought they were joking. But AI has…

Read more →

While AI has captured the attention of the technology industry, the majority of CIOs and senior IT leaders are primarily focused on the convergence of networking and security, according to Extreme Networks. The survey, fielded in July and August 2024,…

Read more →

33.9% of tech professionals report a shortage of AI security skills, particularly around emerging vulnerabilities like prompt injection, according to O’Reilly. This highlights the need for specialized training as AI adoption continues to accelerate across industries. Critical skills gaps emerging…

Read more →

In this Help Net Security interview, Rickard Carlsson, CEO at Detectify, discusses the evolution of attack surface management in the context of remote work and digital transformation. Carlsson highlights the challenges CISOs face today, including maintaining visibility and managing compliance…

Read more →

We present a list of selected cybersecurity companies that received funding during the third quarter of 2024 (Q3 2024). Apono October | 15.5 million Apono has raised $15.5 million in a Series A funding led by New Era Capital Partners,…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two…

Read more →

The EU Council has adopted the Cyber Resilience Act (CRA), a new law that aims to make consumer products with digital components safe(r) to use. CRA requirements The CRA outlines EU-wide cybersecurity standards for digital products, i.e. products that are…

Read more →

Canonical released Ubuntu 24.10 Oracular Oriole, which brings notable advancements, including an updated kernel, new toolchains, and the GNOME 47 desktop environment, along with significant enhancements in software security. “Oracular Oriole sets a new pace for delivering the latest upstream…

Read more →