Category: Help Net Security

While the healthcare sector gets a “B+” security rating for the first half of 2024, it faces a critical vulnerability: supply chain cyber risk, according to SecurityScorecard. The US healthcare industry’s security ratings were better than expected, with an average…

Read more →

Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software product. According to WatchTowr Labs researchers, the company has been privately instructing users to implement the hotfixes before…

Read more →

Leveraging security telemetry across an organization’s log and network data sources, eSentire’s MDR for GenAI Visibility solution provides daily insights into an organization’s use of GenAI technology, including the most frequently used AI applications, the users of the technology, the…

Read more →

Ransomware attackers wielding a LockBit variant dubbed Brain Cipher have disrupted a temporary national data center facility which supports the operations of 200+ Indonesian government agencies and public services. The attackers are asking for a $8 million ransom, which the…

Read more →

Researchers at Graz University of Technology were able to spy on users’ online activities simply by monitoring fluctuations in the speed of their internet connection. This vulnerability, known as SnailLoad, does not require malicious code to exploit, and the data…

Read more →

In this Help Net Security interview, Kunal Modasiya, VP of Product Management and Growth at Qualys, explores the key features, significant advantages, and innovative technologies behind Qualys CyberSecurity Asset Management 3.0. Can you explain the key features of Qualys CyberSecurity…

Read more →

Zeek is an open-source network analysis framework. Unlike an active security device such as a firewall, Zeek operates on a versatile ‘sensor’ that can be a hardware, software, virtual, or cloud platform. This flexibility allows Zeek to quietly monitor network…

Read more →

We present a list of selected cybersecurity companies that received funding during the second quarter of 2024 (Q2 2024). Alethea April | $20 million Alethea closed a $20 million Series B funding round led by GV, with participation from Ballistic…

Read more →

We have a collective unaddressed weakness when it comes to basic cybersecurity. Out of the many reports circulating in the news today, many statistics revolve around the number of detected breaches. Why are credentials so sought after? How can we…

Read more →

As the financial services world becomes increasingly digitized and consumer demands evolve, fraudsters and their methods are becoming more sophisticated. Provenir is helping organizations fight back by detecting these emerging threats via sophisticated decisioning tools and advanced analytics to increase…

Read more →

The open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their contents, and demand money to restore the device to its original state. Check Point researchers have…

Read more →

Enzoic announces Kristen Ranta Haikal Wilson as its new CEO. With an exceptional track record of over 25 years in software and technology, Wilson assumes the role from Michael Greene, who remains involved with the company in an advisory capacity…

Read more →

Video piracy, a pressing issue often unnoticed in security discussions, is rising and demands immediate attention. In this Help Net Security video, Chris White, Chief Architect at Friend MTS, discusses monitoring, identifying, and disrupting piracy for the video market. He…

Read more →

Earlier this year Europcar discovered a hacker selling info on its 50 million customers on the dark web. The European car rental company immediately launched an investigation, only to discover that the data being sold was completely doctored, possibly using…

Read more →

As cybercrime continues to grow, law enforcement agencies worldwide face increased challenges in safeguarding organizations and individuals. In this article, we highlight law enforcement agencies that have scored notable successes against cybercriminals in recent years. FBI: Cyber Division Headquarters: Washington,…

Read more →

Organizations continue to struggle in detecting breaches as they become more targeted and sophisticated, with more than 1 out of 3 organizations citing their existing security tools were unable to detect breaches when they occur, according to Gigamon. As hybrid…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The rise of SaaS security teams In this Help Net Security interview, Hillary Baron, Senior Technical Director for Research at CSA, highlights that the recent…

Read more →

A vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privileges and run arbitrary code within the firmware during runtime. “This type of low-level exploitation is typical of firmware backdoors…

Read more →

The US Department of Commerce has announced an upcoming US-wide ban of cybersecurity and antivirus software by Kaspersky, as its “ability to gather valuable US business information, including intellectual property, and to gather US persons’ sensitive data for malicious use…

Read more →

Cilium is an open-source, cloud-native solution that leverages eBPF technology in the Linux kernel to provide, secure, and monitor network connectivity between workloads. What is eBPF? eBPF is a technology originating from the Linux kernel that allows sandboxed programs to…

Read more →