Category: Help Net Security

In this Help Net Security video, Aaron Fulkerson, CEO of Opaque, discusses how the weaponization of generative AI (GenAI) has made existing data privacy practices (like masking, anonymization, tokenization, etc.) obsolete. Fulkerson provides recommendations for companies to realize they must…

Read more →

Version 8.1 of the CIS Critical Security Controls (CIS Controls) is an iterative update to version 8.0. It offers prescriptive, prioritized, and simplified cybersecurity best practices that provide a clear path to improve your organization’s cyber defense program. CIS Controls…

Read more →

Ransomware groups continue to refine their craft, building and scaling business models that resemble legitimate corporate enterprises, according to Rapid7. They market their services to prospective buyers, offer company insiders commissions in exchange for access, and run formal bug bounty…

Read more →

CrowdStrike has published a technical root cause analysis of what went wrong when a content update pushed to its Falcon sensors borked over 8.5 million Windows machines around the world on July 19, and has confirmed that it has hired…

Read more →

Veza has released Access AI, a generative AI-powered solution to maintain the principle of least privilege at enterprise scale. With Access AI, security and identity teams can now use an AI-powered chat-like interface to understand who can take what action…

Read more →

Elastic is accelerating the adoption of AI-driven security analytics by automating SIEM data onboarding with Automatic Import. This new feature — the only one of its kind for a security analytics or SIEM solution — automates the development of custom…

Read more →

Cequence introduced advancements to its Unified API Protection (UAP) platform, specifically tailored to support the secure use of AI applications like Generative AI and Large Language Models (LLMs). Cequence’s solutions protect applications deployed in the cloud, on-premises, and hybrid environments,…

Read more →

AppSOC has launched capabilities for safeguarding artificial intelligence (AI) applications and agents while providing the visibility and governance that enterprises need to leverage AI with confidence. Businesses across sectors are recognizing the immense potential of AI, but the rush to…

Read more →

Two cross-site scripting vulnerabilities (CVE-2024-42009, CVE-2024-42008) affecting Roundcube could be exploited by attackers to steal users’ emails and contacts, email password, and send emails from their account. About the vulnerabilities Roundcube is an open-source webmail software solution popular with European…

Read more →

Flashpoint has released new features and capabilities to its flagship platform, Flashpoint Ignite, and Echosec, its comprehensive location intelligence solution. Those working in security and threat analysis are at the forefront of the constantly evolving threat landscape. However, each organization…

Read more →

D3 has announced the release of Ace AI, a collection of new capabilities for D3’s Smart SOAR platform that leverage the power of artificial intelligence to make security operations faster and more intuitive. In a security operations climate where excessive…

Read more →

Cymulate AI Copilot is a generative AI solution designed to deploy, test and tune security controls to evaluate their effectiveness against real-time threats. The solution offers a dynamic attack planner, among other AI-powered features, for greater insights into cybersecurity control…

Read more →

Contrast Security introduced Application Detection and Response (ADR), which empowers security teams to identify vulnerabilities, detect threats, and stop attacks that target custom applications and APIs. Today’s layered “detection and response” security defenses have a gap. They provide visibility into…

Read more →

Forescout has published a new report examining the current state of the software supply chain in OT/IoT routers. The study uncovered that OT and IoT cellular routers and those used in small offices and homes contain outdated software components associated…

Read more →

RustScan is an open-source port scanner designed for speed and versatility. It combines a sleek interface with the power to adapt and improve over time. With RustScan’s Adaptive Learning, the tool continually optimizes its performance, making it the most efficient…

Read more →

Sporting events generate a lot of consumer activity, from hotels and restaurants to retail. Large sporting events are held together by webs of connectivity that include vendors, sponsors, employees, and consumers. These networks connect ticketing, merchandising, venue access, live events…

Read more →

In this Help Net Security interview, Doug Madory, Director of Internet Analysis at Kentik, discusses the FCC’s proposal requiring major U.S. ISPs to implement RPKI Route Origin Validation (ROV), and addresses concerns about the impact on smaller ISPs and the…

Read more →

Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and, as a result, data loss are the reality that DevSecOps teams have to face every few days, according to GitProtect.io. DevSecOps The possibility to integrate security in development processes has…

Read more →

Ransomware-as-a-service outfit Hunters International is wielding a new remote access trojan (RAT). “The malware, named SharpRhino due to its use of the C# programming language, is delivered through a typosquatting domain impersonating the legitimate tool Angry IP Scanner,” Quorum Cyber…

Read more →

Ransomware-as-a-service outfit Hunters International is wielding a new remote access trojan (RAT). “The malware, named SharpRhino due to its use of the C# programming language, is delivered through a typosquatting domain impersonating the legitimate tool Angry IP Scanner,” Quorum Cyber…

Read more →