Category: Help Net Security

Here’s a look at the most interesting products from the past week, featuring releases from Appdome, GitGuardian, RunSafe Security, Stairwell, and Netwrix. GitGuardian launches multi-vault integration to combat secrets sprawl GitGuardian unveiled a comprehensive Non-Human Identity (NHI) security strategy with…

Read more →

As the financial industry is the most targeted sector for data breaches in 2024, it’s now more important than ever to strengthen the industry moving into 2025, according to SailPoint. Financial institutions face growing cyber threats In 2024, roughly 65%…

Read more →

$2.2 billion worth of cryptocurrency was stolen from various platforms in 2024, Chainalysis’ 2025 Crypto Crime Report has revealed. Of that sum, $1.34 billion was stolen by North Korea-affiliated hackers, across 47 hacking incidents (out of 303). Most targeted organizations…

Read more →

NETSCOUT updates its Arbor Edge Defense (AED) and Arbor Enterprise Manager (AEM) products as part of its Adaptive DDoS Protection Solution to combat AI-enabled DDoS threats and protect critical IT infrastructure. DDoS threats and protect critical IT infrastructure. NETSCOUT’s DDoS…

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD 25-01) requiring federal civilian agencies to secure their (Microsoft) cloud environments. About the CISA BOD 25-01 directive The Implementing Secure Practices for Cloud Services directive…

Read more →

Legit Security announced enhancements to its secrets scanning product. Available as either a stand-alone product or as part of a broader ASPM platform, Legit released a new secrets dashboard for an integrated view of all findings and recovery actions taken…

Read more →

Ukrainian national Mark Sokolovsky was sentenced to 60 months in federal prison for one count of conspiracy to commit computer intrusion. According to court documents, he conspired to operate the Raccoon Infostealer as a malware-as-a-service (MaaS). Individuals who deployed Raccoon…

Read more →

Netwrix released a new version of its SaaS platform, Netwrix 1Secure. The latest version builds on its existing security monitoring functionality with more robust access rights assessment and expanded security auditing capabilities to overcome the lack of control when relying…

Read more →

Ataccama announced enhancements to the Ataccama ONE unified data trust platform v15.4 that enable customers to have confidence in using their data for business-critical decision-making. In this latest release, enhancements include augmenting its AI capabilities, streamlining user experience, and simplifying…

Read more →

NetSPI introduced three tiers of external attack surface management (EASM) solutions, delivered through the The NetSPI Platform. The new offerings address the evolving needs of NetSPI’s global customer base, to move toward a continuous threat exposure management (CTEM) model and…

Read more →

Enpass added Single Sign-On (SSO) for its admin console in support for its Business Enterprise customers. Enpass integrates seamlessly with prominent Identity Providers (IDPs) such as Google Workspace, Okta, and Microsoft Entra ID, further enhancing Enpass’s approach to simplifying compliance…

Read more →

Security teams that subscribe to threat feeds get lists of known malicious domains, IPs, and file signatures that they can leverage to blacklist and prevent attacks from those sources. The post Are threat feeds masking your biggest security blind spot?…

Read more →

In this Help Net Security interview, Dan Lohrmann, CISO at Presidio, discusses the need for organizations to rethink their leadership and operational strategies and the cybersecurity risks they have to deal with during digital transformation. The post Leadership skills for…

Read more →

In 2024, ransomware remained the top cybersecurity threat to organizations worldwide. New groups filled the void left by law enforcement crackdowns, targeting businesses with record-breaking ransom demands and sophisticated tactics. In this article, you will find excerpts from ransomware surveys…

Read more →

A threat actor looking to take over the Microsoft Azure cloud infrastructure of European companies has successfully compromised accounts of multiple victims in different firms, according to Palo Alto Networks’ Unit 42 researchers. The phishing campaign The attack started earlier…

Read more →

BeyondTrust has fixed an unauthenticated command injection vulnerability (CVE-2024-12356) in its Privileged Remote Access (PRA) and Remote Support (RS) products that may allow remote code execution, and is urging organizations with on-premise installations to test the patch and implement it…

Read more →

Appdome announced that the Appdome Mobile Defense Platform now protects applications running on mobile-enabled platforms like Apple macOS, Apple visionOS, Meta Quest, HarmonyOS Next, Android Auto, Apple CarPlay, Android TV, Apple TV, and Google Play Games for PC. Emerging mobile…

Read more →

GitGuardian unveiled a comprehensive Non-Human Identity (NHI) security strategy with integrations across major secrets management platforms, addressing the growing challenge of secrets sprawl in enterprise environments. With Non-Human Identities—digital references used to authenticate machine-to-machine access—now outnumbering human users 100:1, organizations…

Read more →

Stairwell announces Stairwell Core, which enables organizations to privately collect, store, and continuously reassess executable files so they can confidently determine if malware has affected their systems. Core offers customers an accessible entry point into the Stairwell ecosystem, giving users…

Read more →

What was once primarily a technical role, CISOs now find themselves accountable for organizational risk, regulatory compliance, and even legal liabilities across the entire organization. However, as cyber threats intensify, it’s clear that overseeing cybersecurity operations enterprise-wide is not feasible…

Read more →