Sectigo announced the newest member of its senior executive team with the appointment of Jason Scott as CISO. Jason will oversee all aspects of cybersecurity at Sectigo including data, infrastructure, network, applications, and products. He joins the company with more…
Rocket Software is addressing the growing demand for integrated security, compliance, and automation in software development with its latest release of Rocket DevOps, formerly known as Aldon. With its data validation tool and seamless support of CI/CD pipelines, Rocket DevOps,…
Akamai launched Akamai Shield NS53, a product that protects on-premises (on-prem) Domain Name System (DNS) infrastructure from resource exhaustion attacks. These attacks overwhelm servers to the point that they can no longer respond to valid DNS queries. The new offering…
New (down)loader malware called Latrodectus is being leveraged by initial access brokers and it looks like it might have been written by the same developers who created the IcedID loader. Malware delivery campaigns “[Latrodectus] was first observed being distributed by…
Darktrace has introduced the Darktrace ActiveAI Security Platform. The platform includes Darktrace’s existing security products supplemented by a set of new innovations and features, including for email and operational technology (OT). The platform uses AI to transform security operations from…
Production facilities are increasingly the target of cyberattacks. Industrial companies are therefore required to identify and close potential vulnerabilities in their systems. To address the need to identify cybersecurity vulnerabilities on the shop floor as quickly as possible, Siemens has…
Cloudflare announced a collaboration with Booz Allen Hamilton to support enterprises under attack by providing expedited Under Attack as a Service (UAaaS) with 30-Day Rapid Response DDoS Mitigation, including continuous monitoring and protection. Under this new agreement, Booz Allen’s Global…
Attackers are adept at identifying and exploiting the most cost-effective methods of compromise, highlighting the critical need for organizations to implement asset identification and understand their assets’ security posture in relation to the whole estate. Instead of asking, “Are we…
In this Help Net Security interview, Charlotte Wylie, SVP and Deputy CSO at Okta, discusses the challenges of managing user identities across hybrid IT environments. She emphasizes balancing and adopting comprehensive security controls, including cloud SSO and MFA technologies, to…
EJBCA is open-source PKI and CA software. It can handle almost anything, and someone once called it the kitchen sink of PKI. With its extensive history as one of the longest-standing CA software projects, EJBCA offers proven robustness, reliability, and…
End-user spending on security and risk management will total $215 billion in 2024, according to Gartner. In this Help Net Security video, Nicholas Kathmann, CISO at LogicGate, discusses why companies are turning to a holistic GRC strategy. Businesses often consider…
Bitdefender has enhanced Bitdefender Digital Identity Protection, a service that monitors personal data in real-time by proactively scanning the internet including public sites, dark web, and underground forums for unauthorized leaks and data breaches that may put user accounts and…
As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. What happened? The open-source XZ Utils compression utility has been backdoored by a…
Veriato released their next generation Insider Risk Management (IRM) solution. With organizations of all sizes facing a more complex cybersecurity environment, Veriato IRM delivers flexibility and scalability using the power of GenAI. Veriato’s IRM solution offers technology for companies looking…
SymphonyAI announced SensaAI for Sanctions, a platform-agnostic “AI upgrade” for any sanctions solution. It impacts sanctions evasion efforts by optimizing match accuracy with deep, context-aware AI-based matching algorithms. SensaAI for Sanctions, delivered via API, is pre-trained and ready to use…
A vulnerability (CVE-2024-3273) in four old D-Link NAS models could be exploited to compromise internet-facing devices, a threat researcher has found. The existence of the flaw was confirmed by D-Link last week, and an exploit for opening an interactive shell…
Since it plays a vital role in every functioning society, the energy sector has always been a prime target for state-backed cybercriminals. The cyber threats targeting this industry have grown significantly in recent years, as geopolitical tensions have fueled an…
This month, we have a new product preview from Microsoft, and some older products are being prepared for end-of-support. But before we go there, March 2024 Patch Tuesday was pretty mild, with 60 unique vulnerabilities addressed. We saw updates to…
In this Help Net Security interview, Lynn Dohm, Executive Director at Women in CyberSecurity (WiCyS), talks about how the organization supports its members across different stages of their cybersecurity journey. WiCyS (pronounced Wee-Sis) is an organization dedicated to advancing the…
In this Help Net Security video, Josh Bartolomie, VP of Global Threat Services at Cofense, discusses how email will remain a target as long as it remains the predominant form of communication within a business. Cofense researchers have found that…