Category: Help Net Security

IT-Harvest announced the integration of Black Kite‘s cyber third-party risk intelligence into the IT-Harvest Dashboard. This collaboration provides users with a detailed view into cyber third-party risk for more than 3,900 cybersecurity vendors, enhancing the platform’s capabilities with comprehensive insights…

Read more →

Pentera announced a major update to its RansomwareReady product, enabling customers to proactively test the security of their Linux environments. With this addition, Pentera empowers organizations to adopt proactive measures against the world’s most pervasive and destructive ransomware strains across…

Read more →

CVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for over a year, Check Point researcher Haifei Li has revealed. “Check Point Research…

Read more →

Google has removed a potential obstacle for high-risk users who want to enroll in the company’s Advanced Protection Program (APP): they can now do it just by setting a passkey. Users already enrolled in APP have been provided the option…

Read more →

Command Zero emerged from stealth with $21 million in seed funding, led by Andreessen Horowitz with participation from Insight Partners and over 60 cyber industry thought leaders and executives. Using encoded expert knowledge, automation and advanced LLMs, Command Zero is…

Read more →

Mirantis announced Mirantis OpenStack for Kubernetes (MOSK) 24.2 with an exclusive dynamic resource balancer feature that automates workload distribution to solve hotspot and “noisy neighbor” problems. Now, MOSK automatically redistributes workloads within a cluster helping to balance resource consumption to…

Read more →

Command Zero emerged from stealth with $21 Million in seed funding, led by Andreessen Horowitz with participation from Insight Partners and over 60 cyber industry thought leaders and executives. Using encoded expert knowledge, automation and advanced LLMs, Command Zero is…

Read more →

Enzoic has unveiled its Enzoic Global Partner Program to help organizations strengthen their security posture in response to the evolving cybersecurity landscape. Participants have access to Enzoic’s award-winning threat intelligence solutions which continuously monitor the dark web for newly exposed…

Read more →

Technologies such as GenAI, ML and IoT are giving threat actors new tools that make it easier to target consumers and organizations. From Savvy Seahorse which lures victims into investment scams, to a self-replicating AI worm that uses the likes…

Read more →

In this Help Net Security interview, Jake King, Head of Threat & Security Intelligence at Elastic, discusses companies’ exposure to new security risks and vulnerabilities as they rush to deploy LLMs. King explains how LLMs pose significant risks to data…

Read more →

BunkerWeb is an open-source Web Application Firewall (WAF) distributed under the AGPLv3 free license. The solution’s core code is entirely auditable by a third party and the community. “The genesis of BunkerWeb comes from the following problem: every time someone…

Read more →

CISO HoneyBook | Israel | On-site – View job details As a CISO, you will develop and implement a multi-year security strategy and roadmap to anticipate and address security challenges in alignment with company growth objectives. Ensure that HoneyBook adheres…

Read more →

73% of security professionals admit to using SaaS applications that had not been provided by their company’s IT team in the past year, according to Next DLP. Unauthorized tool use poses major risks for organizations This is despite the fact…

Read more →

For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days (CVE-2024-38080, CVE-2024-38112) in Windows Hyper-V and Windows MSHTML Platform (respectively). Zero-days exploited in the wild (CVE-2024-38080, CVE-2024-38112) CVE-2024-38080 is a…

Read more →

Optiv has launched its managed detection and response service, Optiv MDR, on the Google Security Operations (SecOps) platform, enabling organizations to detect and respond to emerging threats with managed threat detection and response capabilities. Cybersecurity remains a top concern for…

Read more →

AttackIQ has introduced a new functionality for enterprise customers – AttackIQ Mission Control. AttackIQ Mission Control enhances AttackIQ Enterprise BAS deployments within large organizations, streamlining security testing for distributed teams. As the use of the BAS platforms by large organizations…

Read more →

Skillsoft announced a comprehensive generative AI (GenAI) skilling program developed in collaboration with Microsoft. Leveraging Skillsoft’s AI Skill Accelerator, the program upskills organizations and their workforce to effectively use Microsoft AI — including Copilot and Azure Open AI — and…

Read more →

A new critical security vulnerability in the RADIUS protocol, dubbed BlastRADIUS, leaves most networking equipment open to Man-in-the-Middle (MitM) attacks. While the vulnerability can be difficult to exploit, the possible impact of an exploit is substantial. What’s at stake? To…

Read more →

Lookout discovered GuardZoo, Android spyware targeting Middle Eastern military personnel. This campaign leverages malicious apps with military and religious themes to lure victims via social engineering on mobile devices. While researchers are still actively analyzing data, thus far, they have…

Read more →

Chinese state-sponsored cyber group APT40 is amazingly fast at adapting public proof-of-concept (PoC) exploits for vulnerabilities in widely used software, an advisory released by intelligence and cybersecurity agencies from eight countries warns. The group, which is also known as Kryptonite…

Read more →