OneTrust announced new platform capabilities and enhancements to help organizations discover, secure, and responsibly use data. Available as part of the Company’s latest release, these innovations empower organizations to activate data responsibly, surface and mitigate risk, and navigate the complex…
Category: Help Net Security
Authelia: Open-source authentication and authorization server
Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to permit, deny, or redirect requests. Authelia connects directly to the reverse proxy but never to…
Cybersecurity jobs available right now: May 22, 2024
Associate Director, Cyber Security | AstraZeneca | Sweden | On-site. You will develop and implement security policies, procedures, and operating practices in this role. You will coordinate risk profile development and distribution to IT business-facing audiences and…
CEOs accelerate GenAI adoption despite workforce resistance
CEOs are facing workforce, culture and governance challenges as they act quickly to implement and scale generative AI across their organizations, according to IBM. The annual global study of 3,000 CEOs from over 30 countries and 26 industries found that…
Technological complexity drives new wave of identity risks
Security leaders are facing increased technological and organizational complexity, which is creating a new wave of identity risks for their organizations, according to ConductorOne. Based on a survey of 523 US-based IT security leaders at companies with 250 to 10,000…
15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130)
Researchers have found 15 vulnerabilities in QNAP’s network attached storage (NAS) devices, and have released a proof-of-concept for one: an unauthenticated stack overflow vulnerability (CVE-2024-27130) that may be leveraged for remote code execution. The vulnerabilities and the CVE-2024-27130 PoC “With…
Critical Fluent Bit flaw affects major cloud platforms, tech companies’ offerings (CVE-2024-4323)
Tenable researchers have discovered a critical vulnerability (CVE-2024-4323) in Fluent Bit, a logging utility used by major cloud providers and tech companies, which may be leveraged for denial of service, information disclosure, or remote code execution. About CVE-2024-4323 Fluent Bit…
Strategies for combating AI-enhanced BEC attacks
In this Help Net Security interview, Robert Haist, CISO at TeamViewer, discusses how AI is being leveraged by cybercriminals to enhance the effectiveness of BEC scams. How is AI being leveraged by cybercriminals to enhance the effectiveness of BEC scams?…
Phishing statistics that will make you think twice before clicking
This article includes excerpts from various reports that offer statistics and insights into the current phishing landscape. AI-driven phishing attacks deceive even the most aware users Zscaler | Zscaler ThreatLabz 2024 Phishing Report | May 2024 In 2023, the United…
Fighting identity fraud? Here’s why we need better tech
In this Help Net Security video, Patrick Harding, Chief Architect at Ping Identity, discusses the state of identity fraud prevention. Businesses must adopt more advanced technologies to combat the advancing tactics of identity fraud. Organizations that do not implement MFA…
YouTube has become a significant channel for cybercrime
Social engineering threats – those which rely on human manipulation – account for most cyberthreats faced by individuals in 2024, according to Avast. According to the latest quarterly Avast Threat Report, which looks at the threat landscape from January-March 2024,…
eBook: 10 reasons why demand for cloud security is sky-high
Current demand for cloud security specialists far exceeds available talent. Especially for companies seeking protection in multicloud environments, professionals with vendor-neutral knowledge and skills top their hiring wish lists. Find out how cloud security is evolving and why global demand…
Strata Maverics Identity Continuity provides real-time IDP failover capabilities
Strata Identity announced Maverics Identity Continuity, a new add-on product to its Maverics Identity Orchestration platform that provides always-on identity continuity in multi-cloud environments. Unlike regional redundancy offerings from cloud providers and existing backup and restore products that only shorten…
CyberArk to acquire Venafi for $1.54 billion
CyberArk has signed a definitive agreement to acquire Venafi from Thoma Bravo. This acquisition will combine Venafi’s machine identity management capabilities with CyberArk’s identity security capabilities to establish a unified platform for end-to-end machine identity security at enterprise scale. Digital…
PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE-2024-22026)
Technical details about and a proof-of-concept (PoC) exploit for CVE-2024-22026, a privilege escalation bug affecting Ivanti EPMM, have been released by the vulnerability’s reporter. About CVE-2024-22026 Ivanti Endpoint Manager Mobile (formerly MobileIron Core) is used by enterprises to securely manage…
SEC requires financial institutions to notify customers of breaches within 30 days
The Securities and Exchange Commission (SEC) announced the adoption of amendments to Regulation S-P to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal information by certain financial institutions. The amendments update the rules’ requirements for…
The challenges of GenAI in fintech
Due to the cybersecurity disclosure rules the Securities and Exchange Commission (SEC) adopted in 2023, public entities in the US are required to disclose any material cybersecurity incidents. Moving forward, these organizations will need in-depth knowledge of the impact,…
Grafana: Open-source data visualization platform
Grafana is an open-source solution for querying, visualizing, alerting, and exploring metrics, logs, and traces regardless of where they are stored. Grafana provides tools to transform your time-series database (TSDB) data into meaningful graphs and visualizations. Additionally, its plugin framework…
Cybercriminals shift tactics to pressure more victims into paying ransoms
Ransomware didn’t just grow in the US in 2023, it evolved, with the frequency of ransomware claims jumping 64% year-over-year, according to At-Bay. This was primarily driven by an explosion in “indirect” ransomware incidents which increased by more than 415%…