Category: Help Net Security

Cybercriminals are beginning to take advantage of the new malicious options that large language models (LLMs) offer them. LLMs make it possible to upload documents with hidden instructions that are executed by connected system components. This is a boon to…

Read more →

In this Help Net Security interview, Umaimah Khan, CEO of Opal Security, shares her insights on implementing the Principle of Least Privilege (PoLP). She discusses best practices for effective integration, benefits for operational efficiency and audit readiness, and how to…

Read more →

Amidst global economic and geopolitical uncertainty, markets are jittery, companies are spending frugally, and investors remain cautious, according to IANS Research and Artico Search. Security budgets are also affected by these realities with most budgets remaining flat or increasing modestly.…

Read more →

The frequency of phishing attacks is rising as attackers increasingly utilize AI to execute more scams than ever before. In this Help Net Security video, Abhilash Garimella, Head Of Research at Bolster, discusses how phishing scams are now being hosted…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerability allows Yubico security keys to be cloned Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys and modules that may…

Read more →

The US Department of Justice has named five Russian computer hackers as members of Unit 29155 – i.e., the 161st Specialist Training Center of the Russian General Staff Main Intelligence Directorate (GRU) – which they deem resposible for the 2022…

Read more →

For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution. About CVE-2024-45195 Apache OFBiz is an open-source…

Read more →

Cequence Security announced a new partnership with Netskope. Through the partnership, Netskope customers can now leverage unique API threat intelligence from the Cequence Unified API Protection (UAP) platform to unlock insights into real-world threats and ultimately strengthen organizational security posture.…

Read more →

Veza announced a partnership with HashiCorp to deliver an integrated solution for solving modern identity security challenges. Together, the Veza Access Platform and HashiCorp Vault empower joint customers to strengthen their identity security posture by bringing least privilege to the…

Read more →

Resecurity announced its recognition in the prestigious Frost & Sullivan’s Global Cyber Threat Intelligence 2024 report. This annual report is an essential indicator of market trends and highlights the most influential vendors and tools shaping the cybersecurity and risk management…

Read more →

Respotter is an open-source honeypot designed to detect attackers when they launch Responder within your environment. This application identifies active instances of Responder by exploiting its behavior when responding to any DNS query. Respotter leverages LLMNR, mDNS, and NBNS protocols…

Read more →

Businesses run on SaaS solutions: nearly every business function relies on multiple cloud-based tech platforms and collaborative work tools like Slack, Google Workspace apps, Jira, Zendesk and others. We recently surveyed security leaders and CISOs on top data security priorities…

Read more →

I asked for a calm August 2024 Patch Tuesday in last month’s forecast article and that came to pass. The updates released were limited to the regular operating systems and all forms of Office applications. Six zero-day vulnerabilities were announced,…

Read more →

Ransomware is an all-too-common occurrence: 83% of organizations have experienced at least one ransomware attack in the last year, 46% of respondents experienced four or more and 14% indicated they experienced 10 or more. Of those respondents who experienced at…

Read more →

As cybercriminals continue to refine their methods, blending traditional strategies with new technologies, the financial toll on individuals and organizations has reached alarming levels. Businesses are also grappling with mounting cybercrime costs from ransomware and DDoS attacks, which can inflict…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Binarly, Bitdefender, Prompt Security, Revenera, Skyhigh Security, and Vanta. Bitdefender Security for Creators protects YouTube content creators and influencers from hackers Bitdefender Security for Creators…

Read more →

Vanta announced new product features and milestones, allowing customers to automate existing GRC workflows and gain continuous visibility across their security and compliance program. Vanta’s new Report Center, enhancements to VRM and milestone achievements for pre-built integrations and frameworks give…

Read more →

Proofpoint introduced its Digital Communications Governance (DCG) offering, bolstering its existing offerings in pace with the evolving modern data governance and enterprise archiving market. The new offering helps organizations simplify governance of communication data and provides security insights across all…

Read more →

Bitdefender unveiled Bitdefender Security for Creators, a service specifically designed for digital content producers, online creative professionals and social media influencers who are prime targets for account takeovers, fraud, and other cybercrimes. Initially the new offering protects YouTube accounts with…

Read more →

Revenera announced OSS Inspector, a comprehensive, time-efficient approach to open source software (OSS) management. The Revenera OSS Inspector plugin enables developers using IntelliJ IDEA, an integrated development environment (IDE), to examine, within the IDE itself, the licenses and security vulnerabilities…

Read more →