Category: Help Net Security

AI is becoming recognized for its potential to strengthen cybersecurity measures and tackle the skills gap across various sectors. Its ability to streamline data management processes boosts efficiency and strengthens security protocols. However, the rise of GenAI has raised alarms…

Read more →

Netwrix released a new version of Netwrix Threat Manager. The upgrade expands the product’s capabilities to the cloud environment of Microsoft Entra ID (formerly Azure AD) in addition to on-premises instances of Active Directory (AD). Now, real-time alerting to suspicious…

Read more →

HiddenLayer launched several new features to its AISec Platform and Model Scanner, designed to enhance risk detection, scalability, and operational control for enterprises deploying AI at scale. As the pace of AI adoption accelerates, so do the threats targeting these…

Read more →

If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security researchers have published an analysis of CVE-2024-45409 and an exploit script that may help attackers gain access…

Read more →

Commvault launched Cloud Rewind on the Commvault Cloud platform. This offering, which integrates cloud-native distributed application recovery and rebuild capabilities from the Appranix acquisition, gives cloud-first organizations a secret weapon to transform their cyber resilience capabilities. Today, when organizations are…

Read more →

Frontegg launched Flows, a journey-time orchestration capability that uses generative AI to simplify the creation of advanced customer identity processes. As growing businesses emerge from startup mode and enter scale-up mode, their user identities start to enter the thousands. In…

Read more →

Edgio launched Premier Bot Manager, a next-generation bot management solution designed to protect enterprise applications against increasingly sophisticated automated threats. Premier Bot Manager introduces enhanced detection capabilities, AI-powered threat intelligence, and granular categorization of known and unknown bot attacks, providing…

Read more →

Trulioo launched Trulioo Fraud Intelligence, a new capability that delivers predictive risk insights across more than 195 countries. Trulioo Fraud Intelligence transforms how global businesses fight synthetic and third-party fraud. The capability provides comprehensive coverage across diverse markets by combining…

Read more →

Bitwarden expanded its integration capabilities with the release of a Microsoft Sentinel integration to enhance security information and event management (SIEM) for organizations. Security teams can now monitor, detect, and respond to password management, account access activities, and potential threats…

Read more →

Tidal Cyber announced that it now incorporates test results from Breach and Attack Simulation (BAS) tools and other sources to complement the company’s existing Threat-Informed Defense capabilities. With this new integration, Tidal Cyber Enterprise Edition users can gain greater insight…

Read more →

Governance, risk, and compliance frameworks are critical. They enable cybersecurity professionals to accurately identify an organization’s risk posture, align business and strategic objectives with technology, and meet compliance responsibilities. However, selecting the right framework can be challenging. Inside this guide…

Read more →

YARA is a powerful tool designed primarily to aid malware researchers in identifying and categorizing malware samples, though its applications are broader. The tool enables users to create detailed descriptions, or “rules,” for malware families or any other target based…

Read more →

ESET researchers have discovered a series of attacks that took place in Europe from May 2022 to March 2024, where the attackers used a toolset capable of targeting air-gapped systems, in a governmental organization of a European Union country. Cyberespionage…

Read more →

In this Help Net Security interview, Emily Wienhold, Cyber Education Specialist at Optiv, discusses how business leaders can promote a security-first culture within their organizations. Wienhold also discusses strategies for maintaining ongoing cybersecurity awareness and making security protocols accessible to…

Read more →

Cloud Cybersecurity Analyst III Texas Health and Human Services | USA | Hybrid – View job details As a Cloud CSAIII, you will be responsible for designing, implementing, and managing security solutions for cloud environments. You will ensure that cloud…

Read more →

70% of customer-facing APIs are secured using HTTPS, leaving nearly one-third of these APIs completely unprotected, according to F5. This is a stark contrast to the 90% of web pages that are now accessed via HTTPS, following the push for…

Read more →

For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution flaw in the Microsoft Management Console (MMC).…

Read more →

Ivanti has patched three additional Cloud Service Appliance (CSA) zero-day flaws, which have been exploited by attackers in conjuction with a zero-day bug the company accidentally fixed in September. The fixed zero-days “We are aware of a limited number of…

Read more →

OpenBSD is a free, multi-platform 4.4BSD-based UNIX-like operating system. The 57th release, OpenBSD 7.6, comes with new features, various improvements, bug fixes, and tweaks. Security improvements Added -fret-clean option to the compiler, defaulting to off. This new option causes the…

Read more →

Dashlane launched Credential Risk Detection, a solution that continuously monitors and detects at-risk credential activity in real-time across the workforce, whether employees use a password manager or not. The web extension-based solution is the latest Dashlane innovation that shifts credential…

Read more →