Category: Help Net Security

Fortinet has patched critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313), one of which is “potentially” being exploited in the wild. The exploitation-in-the-wild has been confirmed by CISA, by adding it to its Known Exploited Vulnerabilities (KEV) catalog, though…

Read more →

OneTrust announced its newest platform features that make it easier for customers to govern their use of AI and accelerate AI innovation, ensure the responsible use of data across the entire data lifecycle, and achieve compliance program efficiency through enhanced…

Read more →

While most organizations focus cybersecurity efforts on fortifying their networks, the mobile devices connected to them often remain vulnerable. In addressing this gap, the Center for Internet Security (CIS) introduces CIS Endpoint Security Services (ESS) Mobile, a tailored solution offered…

Read more →

Bugcrowd has secured $102 million in strategic growth funding to scale its AI-powered crowdsourced security platform offerings globally. Led by General Catalyst, with participation from longtime existing investors Rally Ventures and Costanoa Ventures, this funding round underscores investor confidence in…

Read more →

Visa announced extended digital wallet capabilities within Visa Commercial Pay, a suite of B2B payment solutions built in partnership with Conferma Pay to revolutionize how businesses manage transactions globally. The innovation enables financial institutions to add virtual corporate cards into…

Read more →

Files encrypted by Rhysida ransomware can be successfully decrypted, due to a implementation vulnerability discovered by Korean researchers and leveraged to create a decryptor. About Rhysida Rhysida is a relatively new ransomware-as-a-service gang that engages in double extortion. First observed…

Read more →

In this Help Net Security interview, Yaron Edan, CISO at REE Automotive, discusses the cybersecurity landscape of the automotive industry, mainly focusing on electric and connected vehicles. Edan highlights the challenges of technological advancements and outlines strategies for automakers to…

Read more →

As we enter 2024, ransomware remains the most significant cyberthreat facing businesses, according to Malwarebytes. Malwarebytes reveals that the United States accounted for almost half of all ransomware attacks in 2023. “Small and medium-sized organizations face a deluge of cyber…

Read more →

In this Help Net Security video, Andy Thompson, Offensive Cybersecurity Research Evangelist at CyberArk, discusses the dire consequences of hacking water systems and why their cybersecurity must be prioritized. From contaminating water supplies to disrupting essential services, the impact of…

Read more →

SiCat is an open-source tool for exploit research designed to source and compile information about exploits from open channels and internal databases. Its primary aim is to assist in cybersecurity, enabling users to search the internet for potential vulnerabilities and…

Read more →

2024 is expected to witness a surge in cyberattacks driven by global events and the widespread accessibility of advanced technologies. In this Help Net Security round-up, we present segments from previously recorded videos where cybersecurity experts discuss predictions for 2024,…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How CISOs navigate policies and access across enterprises In this Help Net Security interview, Marco Eggerling, Global CISO at Check Point, discusses the challenge of…

Read more →

The FCC has revealed the unanimous adoption of a Declaratory Ruling that recognizes calls made with AI-generated voices are “artificial” under the Telephone Consumer Protection Act (TCPA). The ruling, which takes effect immediately, makes voice cloning technology used in common…

Read more →

Action1 announced its latest release and the introduction of a new guiding concept for its business. The latest feature update contains multiple enhancements to the Action1 platform, empowering customers to bring their patching efforts ‘down to science,’ ensuring precision and…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Cisco, Metomic, OPSWAT, Qualys, and Varonis. Varonis MDDR helps organizations prevent data breaches Varonis introduced Varonis Managed Data Detection and Response (MDDR), a managed service…

Read more →

Have you ever been swept away by an enticing headline and didn’t bother to probe the news in-depth? You might have shared an eye-catching news story or engaged with a compelling post, only to realize later that what appeared to…

Read more →

January 2024 Patch Tuesday is behind us. A relatively light release from Microsoft with 39 CVEs addressed in Windows 10, 35 in Windows 11, and surprisingly no zero-day vulnerabilities from Microsoft to start the new year. January’s release was a…

Read more →

97% of office workers across the UK and US trust their cybersecurity team’s ability to prevent or minimize damage from cyberattacks, according to CybSafe. The study examining attitudes towards cybersecurity teams within organizations has uncovered that despite minor issues around…

Read more →

In this Help Net Security interview, Robin Long, founder of Kiowa Security, shares insights on how best to approach the implementation of the ISO/IEC 27001 information security standard. Long advises organizations to establish a detailed project roadmap and to book…

Read more →

Nearly half of businesses reported a growth in synthetic identity fraud, while biometric spoofs and counterfeit ID fraud attempts also increased, according to AuthenticID. Consumers and businesses alike are facing new challenges in today’s digital existence, from considering the ramifications…

Read more →