Category: Help Net Security

CISOs have long been spreadsheet aficionados, soaking up metrics and using them as KPIs for security progress. These metrics have traditionally measured specific systems or single indicators — vulnerabilities detected, percentage of vulnerabilities patched, software and hardware asset inventory coverage,…

Read more →

In this Help Net Security video, Tom Gorup, VP of Security Services at Edgio, discusses the continually changing threat landscape. It is riddled with vulnerabilities that are frequently exploited and only intensify as geopolitics and state-sponsored activity increase. Key highlights…

Read more →

Although the goals and challenges of IT and security professionals intersect, 72% report security data and IT data are siloed in their organization, which contributes to corporate misalignment and elevated security risk, according to Ivanti. Leadership plays a crucial role…

Read more →

Incident response today is too time consuming and manual, leaving organizations vulnerable to damage due to their inability to efficiently investigate and respond to identified threats, according to Cado Security. The incident response challenge is further complicated as enterprises rapidly…

Read more →

Detectify announced a new Domains page and major improvements to existing capabilities for setting custom attack surface policies. These updates bring control over attack surface data and enable organizations to seamlessly configure alerts for policy breaches based on their unique…

Read more →

While fears of cyber attacks continue to rise, CISOs demonstrate increasing confidence in their ability to defend against these threats, reflecting a significant shift in the cybersecurity landscape, according to Proofpoint. CISOs’ confidence is growing despite fear of cyber attacks…

Read more →

Chronon is an open-source, end-to-end feature platform designed for machine learning (ML) teams to build, deploy, manage, and monitor data pipelines for machine learning. Chronon enables you to harness all the data within your organization, including batch tables, event streams,…

Read more →

As digital transformation accelerates, understanding how businesses are preparing for and implementing digital ID technologies is crucial for staying ahead in security and efficiency, according to Regula. The role of digital identity in efficiency and services security Digital identity is…

Read more →

Ransomware remains one of the most pressing cybersecurity threats in 2024, with attackers continually evolving their methods to maximize impact and evade detection. In this Help Net Security round-up, we present excerpts from previously recorded videos featuring cybersecurity experts discussing…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274) For the eighth time this year, Google has released an emergency update for its…

Read more →

SoSafe introduced their pioneering Human Risk Operating System, The Human Risk OS, a set of capabilities designed to help customers identify, quantify, monitor, and intervene on human security risk. SoSafe has also presented new capabilities to its Sofie Human Security…

Read more →

Earlier this month, the FBI published a private industry notification about Storm-0539 (aka Atlas Lion), a Morocco-based cyber criminal group that specializes in compromising retailers and creating fraudulent gift cards. Microsoft then went more in-dept on the group’s tactics, techniques,…

Read more →

Huntress announced that its Managed Endpoint Detection and Response (EDR) product now includes Active Remediation and macOS coverage. Huntress EDR previously included proactive isolation to stop the spread of threats immediately, click-to-approve remediation, and guided recovery and cleanup. With the…

Read more →

Illumio and Netskope announced a Zero Trust partnership that brings together the power of Zero Trust Segmentation (ZTS) and Zero Trust Network Access (ZTNA) to protect against breaches and build cyber resilience. The new partnership combines Illumio ZTS with Netskope…

Read more →

For the eighth time this year, Google has released an emergency update for its Chrome browser that fixes a zero-day vulnerability (CVE-2024-5274) with an in-the-wild exploit. About CVE-2024-5274 As per usual, Google keeps technical details of the vulnerability under wraps.…

Read more →

Picus Security announced security validation for Kubernetes. This new capability allows Security and DevOps teams to realize the benefits of containers securely by proactively measuring and optimizing the resilience of clusters. It is the latest innovative addition to the Picus…

Read more →

Code42 announced that it has partnered with Mimecast to release Mimecast for Incydr Flows. The integrated solution helps to protect organizations from data leaks and theft by giving users visibility into risky user activities across email, web, cloud, and more…

Read more →

Compared to the last quarter of 2023, data breaches rose from 81M to 435M in Q1 2024. That’s a 5-fold increase in just a few months. One of the most common ways data breaches happen is through apps like Facebook…

Read more →

Fail2Ban is an open-source tool that monitors log files, such as /var/log/auth.log, and blocks IP addresses that exhibit repeated failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses for a…

Read more →

The frequency and severity of cyberattacks are increasing—yet most businesses remain unprepared, according to VikingCloud. Between a growing talent shortage, alert fatigue, and new sophisticated attack methods, companies are more susceptible than ever. The research reveals that 40% of cyber…

Read more →