Category: Help Net Security

Threat actors continue to probe the payments ecosystem for vulnerabilities and were successful in conducting fraud schemes affecting multiple financial institutions, technologies, and processes, according to Visa. The resurgence of physical theft Scammers are going back to basics with an…

Read more →

In this Help Net Security video, Jake King, Head of Threat & Security Intelligence at Elastic, discusses the key findings from the 2024 Elastic Global Threat Report. Adversaries are utilizing off-the-shelf tools Offensive security tools (OSTs), including Cobalt Strike and…

Read more →

The ethical and responsible use of technology is fast becoming part of the mandate for CIOs, as organizations balance the need for progress with the protection of stakeholders’ trust and well-being, according to Gartner. “This year’s top strategic technology trends…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Fortinet releases patches for publicly undisclosed critical FortiManager vulnerability In the last couple of days, Fortinet has released critical security updates for FortiManager, to fix…

Read more →

The Securities and Exchange Commission charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions. The SEC also…

Read more →

Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google’s Chrome browser (CVE-2024-4947). CVE-2024-20481 (Cisco ASA/FTD) In the past few days, Cisco has released fixes for a slew of vulnerabilities affecting…

Read more →

Proof launched Verify, a live face-to-face experience that delivers high-level assurance with identity verification performed in the presence of an agent, reducing the risk of fraudulent activities such as deepfakes by ensuring that users are legitimate. Organizations and consumers alike…

Read more →

Concentric AI has secured financing of $45 million in a Series B round, bringing the company’s total funding to more than $67 million. The funding round was led by Top Tier Capital Partners and HarbourVest Partners. CyberFuture, a global CISO…

Read more →

AuthenticID released AuthenticID360, its new holistic identity verification platform. AuthenticID360 delivers robust verification and risk signaling capabilities, including a 2-second response time for identity transactions. A unified solution for comprehensive identity verification and risk scoring AuthenticID360 combines ID verification, biometric…

Read more →

Climbing Mount Everest isn’t a feat for the faint hearted. Extreme weather, dangerous terrain and acclimatization requirements make the trek challenging for even the most experienced climbers. It’s estimated that the expedition takes more than two months, on average. That’s…

Read more →

In this Help Net Security video, IEEE member Marc Lijour explains quantum computing and offers insight into how to fend off a quantum computer attack. The post How to fend off a quantum computer attack appeared first on Help Net…

Read more →

In this Help Net Security interview, Michael Daum, Head of Global Cyber Claims for Allianz Commercial, discusses the significant rise in cyber claims in 2024, driven by an increase in data breaches and ransomware attacks. Daum highlights the need for…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Fastly, IBM, Ivanti, Kusari, and Nucleus Security. IBM Guardium Data Security Center protects hybrid cloud and AI IBM Guardium Data Security Center provides a common…

Read more →

Due to widely varying government, risk, and compliance (GRC) tool pricing, enterprise risk management (ERM) leaders must understand four different pricing-tier categories of GRC solutions and apply a scoping framework to further estimate likely costs ahead of vendor selection, according…

Read more →

Fortinet has finally made public information about CVE-2024-47575, a critical FortiManager vulnerability that attackers have exploited as a zero-day. About CVE-2024-47575 CVE-2024-47575 is a vulnerability stemming from missing authentication for a critical function in FortiManager’s fgfmd daemon. Remote, unauthenticated attackers…

Read more →

Nucleus Security announced Nucleus POAM Process Automation, a comprehensive solution for federal agencies and their vendors to streamline risk management and automate their Plan of Action and Milestones (POA&M) process. This solution overcomes error-prone and labor-intensive manual processes by automating…

Read more →

F5 announced BIG-IP Next for Kubernetes, an AI application delivery and security solution that equips service providers and large enterprises with a centralized control point to accelerate, secure, and streamline data traffic that flows into and out of large-scale AI…

Read more →

In this Help Net Security interview, John Cohen, Executive Director, Program for Countering Hybrid Threats at the Center for Internet Security, discusses the four pillars of the National Framework for Action, emphasizing how these measures can combat the exploitation of…

Read more →

When building a cybersecurity team, you likely asked yourself, “Should I focus on certifications or real-world skills?” And since you rarely encounter entry-level candidates who can hit the ground running, naturally, you’d consider a candidate with both. But that’s not…

Read more →

Cyber insurance is vital for companies mitigating cyber risks, but the industry still encounters significant challenges, including shifting policy requirements and uncertainty around coverage in the event of an incident. As cyberattacks continue to cause problems for organizations worldwide, it’s…

Read more →