Category: Help Net Security

In this Help Net Security video, Karen Schuler, Global Privacy & Data Protection Chair at BDO, discusses overconfidence in data privacy and data protection practices. There is an apparent disconnect between tech CFOs’ confidence and consumer perceptions. BDO’s 2024 Technology…

Read more →

A fraudulent app named “LassPass Password Manager” that mimics the legitimate LastPass mobile app can currently be found on Apple’s App Store, the password manager maker is warning. The fraudulent app on Apple’s App Store “The app in question is…

Read more →

Invicti Security and Mend.io have partnered to bring the full spectrum of application security testing and supply chain security tools to customers. This partnership pairs Invicti’s DAST, IAST, and API Security domains with Mend’s SAST, SCA, and Container Security solutions…

Read more →

DigitalOcean announced the next evolution of DigitalOcean Backups, an offering that protects users from data disruptions and supports business continuity through enhanced daily, system-level backups of DigitalOcean Droplets. Through these more frequent and faster backups, startups, independent software vendors (ISVs),…

Read more →

F5 announced new capabilities that reduce the complexity of protecting and powering the exploding number of applications and APIs at the heart of modern digital experiences. As AI accelerates the growth of applications and the APIs that connect them, F5…

Read more →

VikingCloud announced CCS Advantage, a self-service Payment Card Industry Data Security Standard (PCI DSS) compliance and cybersecurity program for Level 4 (L4) businesses. CCS Advantage integrates VikingCloud’s new Cyber Risk Score and proprietary threat scanning technology into its global PCI…

Read more →

Akira and Lockbit ransomware groups are trying to breach Cisco ASA SSL VPN devices by exploiting several older vulnerabilities, security researcher Kevin Beaumont is warning. They are targeting vulnerabilities for which patches have been made available in 2020 and 2023.…

Read more →

Kyndryl announced an expanded partnership with Google Cloud to develop responsible generative AI solutions and to accelerate adoption among customers. Kyndryl and Google Cloud have worked together since 2021 to help global businesses transform with Google Cloud’s advanced AI capabilities…

Read more →

For more than 12 years, I’ve been organizing and running hackathons with the goal of finding security vulnerabilities and fixing them before a product hits the market. These events can play a pivotal role in the product development lifecycle, increasing…

Read more →

SOAPHound is an open-source data collection tool capable of enumerating Active Directory environments through the Active Directory Web Services (ADWS) protocol. How SOAPHound works SOAPHound is a substitute for various open-source security tools typically employed for extracting data from Active…

Read more →

In this Help Net Security interview, Anya Shpilman, Senior Executive, Cyber Security Services at WDigital, discusses the benefits and potential risks of outsourcing cybersecurity services. She compares the cost-effectiveness of outsourcing to maintaining an in-house team, noting the challenges of…

Read more →

As-a-service attacks continue to dominate the threat landscape, with Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) tools making up the majority of malicious tools in use by attackers, according to Darktrace. Cybercriminals exploit as-a-Service tools As-a-Service tools can provide attackers with everything…

Read more →

OAuth apps have become prominent in several attack groups’ TTPs in recent years. OAuth apps are used for every part of the attack process. In this Help Net Security video, Tal Skverer, Research Team Lead at Astrix Security, shares insights…

Read more →

Securiti AI released AI Security & Governance offering, providing a solution to enable safe adoption of AI. It combines comprehensive AI discovery, AI risk ratings, Data+AI mapping and advanced Data+AI security & privacy controls, helping organizations adhere to global standards…

Read more →

Qualys unveiled TotalCloud 2.0. This significant upgrade to Qualys’ AI-powered cloud native application protection platform (CNAPP) delivers a single prioritized view of cloud risk and is the first to extend its protection to SaaS applications. The shift toward multi-cloud and…

Read more →

Chinese state-sponsored hackers have breached the Dutch Ministry of Defense (MOD) last year and deployed a new remote access trojan (RAT) malware to serve as a backdoor. “The effects of the intrusion were limited because the victim network was segmented…

Read more →

SolarWinds announced enhancements to its SaaS-based and self-hosted, on-premises observability solutions built to monitor and observe complex, distributed environments from anywhere. The AI-powered enhancements enable teams to manage on-prem, hybrid, or cloud-native ecosystems with full-stack visibility across networks, infrastructure, databases,…

Read more →

Though there are organizations out there investigating how commercial spyware is misused to target journalists, human rights defenders and dissidents, the growing market related to the development and sale of this type of software and the exploits used to deploy…

Read more →

OneTrust introduced Data Privacy Maturity Model. The model provides privacy, security, marketing, and data teams with the resources to transform their privacy programs from tactical compliance initiatives that mitigate risk, to strategic customer trust imperatives that unlock the value of…

Read more →

DynaRisk launched Cyber Intelligence Data Lake. This major feature upgrade propels the company’s capabilities in preventing and predicting hacker activity. DynaRisk’s Cyber Intelligence Data Lake is a leap forward in the cyber risk management landscape, offering next-generation intelligence quickly and…

Read more →