Category: Help Net Security

Argus is an open-source toolkit that simplifies information gathering and reconnaissance. It features a user-friendly interface and a collection of powerful modules, enabling the exploration of networks, web applications, and security configurations. Argus offers a collection of tools categorized into…

Read more →

Recently, IBM X-Force released its 2024 Cloud Threat Landscape Report. This uses incident data and insights to reveal how attackers successfully compromise organizations by leveraging adversary-in-the-middle (AITM) attacks to bypass multi-factor authentication (MFA). This often leads to business email compromise…

Read more →

Cybersecurity Engineer Texas Instruments | USA | On-site – View job details As a Cybersecurity Engineer, you will design, implement and maintain cybersecurity controls for security tools to help drive zero trust and secure by design principles across complex environments.…

Read more →

As a historically male-dominated industry, many IT companies have been described as having limited career development opportunities for female employees, according to Acronis. Issues like lack of mentorship, inadequate policies for work-life balance, and sometimes even a culture of exclusion…

Read more →

Cranium launched Detect AI, an AI discovery tool at scale. With this launch, Cranium is extending its platform capabilities to include visibility and access across an organization’s AI instances, which enables security and compliance teams to uncover and label all…

Read more →

SailPoint launched SailPoint Machine Identity Security, a new Identity Security Cloud product. SailPoint Machine Identity Security is a dedicated product built specifically for machine accounts such as service accounts and bots. Built on SailPoint Atlas, Machine Identity Security unifies the…

Read more →

By ingesting Software Bill of Materials (SBOM) data – a list of all software components – the Kusari platform presents a timeline of the software to identify where impacts are likely to surface. In creating a single source of truth,…

Read more →

As hybrid cloud-, AI-, and quantum-related risks upend the traditional data security paradigm, IBM is launching IBM Guardium Data Security Center – allowing organizations to protect data in any environment, throughout its full lifecycle, and with unified controls. IBM Guardium Data…

Read more →

cPacket Networks launched Packet Capture cStor 200S, the latest addition to its Packet Capture and analytics portfolio. Engineered to meet the escalating demands of enterprise data centers, high-frequency trading platforms, and mission-critical networks, the Packet Capture cStor 200S delivers 200Gbps…

Read more →

Broadcom has released new patches for previously fixed vulnerabilities (CVE-2024-38812, CVE-2024-38813) in vCenter Server, one of which hasn’t been fully addressed the first time and could allow attackers to achieve remote code execution. The vulnerabilities were privately reported by zbl…

Read more →

The convergence of IT and operational technology (OT) and the digital transformation of OT have created new opportunities for innovation and efficiency in critical Industrial Automation and Control Systems. However, these advancements also broaden the potential attack surface, making it…

Read more →

Ivanti introduced Ivanti Neurons for App Control, which safeguards devices from unauthorized applications. In addition, Ivanti released new analytics in the Ivanti Neurons platform and new features for Ivanti Neurons for Patch Management to enhance security and ensure compliance. With…

Read more →

Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies (PT) analysts have discovered. The vulnerability was patched in May 2024, in Roundcube Webmail versions 1.5.7 and…

Read more →

Fastly released Fastly DDoS Protection to provide automatic protection from Layer 7 and other application-level DDoS attacks. With a click of a button, organizations can enable Fastly DDoS Protection to automatically shield their applications and APIs against highly disruptive data…

Read more →

Government information technology leaders find themselves at a challenging balance point: On one end of the scale are increasing threats from cyber actors, bolstered by advanced technology like artificial intelligence (AI); on the other end is a longstanding commitment to…

Read more →

Phishing scams aimed at voters, malicious domain registrations impersonating candidates, and other threat activity designed to exploit unassuming victims take center stage as the US election approaches, according to Fortinet. “As the 2024 US presidential election approaches, it’s critical to…

Read more →

In this Help Net Security interview, Dr Kathryn Jones, Head of School, Computer Science and Informatics at Cardiff University, discusses the challenges and misconceptions that deter women from pursuing careers in cybersecurity. Dr Jones also outlines the diverse skills, mentorship,…

Read more →

AI adoption and integration has continued its rapid momentum within the hacking community, according to Bugcrowd. Nevertheless, it continues to pose both benefits and unfortunate cyber risks. This year’s report revealed a significant shift in the perceived value of AI…

Read more →

The ultimate guide to AI security: key AI security risks, vulnerabilities and strategies for protection. 61% of companies use AI, but few secure it. This whitepaper covers the key AI risks being overlooked from LLMs to RAG. Inside the Securing…

Read more →

In the last couple of days, Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being exploited by Chinese threat actors. Security updates are trickling out The company, which is known for pushing…

Read more →