Category: Help Net Security

Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has always disliked the process of writing reports, preferring to focus on uncovering bugs. A key frustration for him was the…

Read more →

A new user is signing up for a SaaS application. On the one hand, UX teams want that user to get into the app as quickly as possible. On the other hand, security teams want the user to strongly validate…

Read more →

In this Help Net Security video, Yochai Corem, CEO of Cyberint, explores the ransomware environment’s development, effects, and emerging patterns throughout the previous year. 2023 marked a historic high for ransomware groups, with a 55.5% increase in attacks, reaching 4,368…

Read more →

Despite stringent regulations and calls for ‘security by design’, organizations are still failing to equip teams with the knowledge to secure code, according to Security Journey. In fact, only 20% of respondents were confident in their ability to detect a…

Read more →

To manage an environment of increasing risks and limited resources, healthcare internal audit and compliance departments must align their risk assessments and audit work plans to areas most vital to achieving the strategic goals and business objectives of their organizations,…

Read more →

Dynatrace announced it signed a definitive agreement to acquire Runecast, a provider of AI-powered security and compliance solutions. Adding Runecast to the Dynatrace platform will extend Dynatrace contextual security protection and analytics with Runecast security posture management. This will enable…

Read more →

Juniper Networks announced an AI-Native Networking Platform, purpose-built to leverage AI to assure the best end-to-end operator and end-user experiences. Trained on seven years of insights and data science development, Juniper’s AI-Native Networking Platform was designed from the ground up…

Read more →

Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins has been made public and there’s evidence of exploitation in the wild. About CVE-2024-23897 Jenkins is a widely used Java-based open-source automation server that helps developers build,…

Read more →

Networks serve as the backbone of modern communication and business operations, facilitating seamless data exchange and connectivity. However, the increasing complexity of networks also brings forth heightened security challenges. Robust network security measures are essential to safeguard against cyber threats,…

Read more →

2024 is shaping up to be a record-breaking year for data breaches, according to Experian. Despite 2023 being labeled as a ‘successful’ year for malicious actors, the upcoming months may bring forth developments that could further disrupt the cybersecurity landscape.…

Read more →

In the last year, the world’s critical infrastructure – the medical, power, communications, waste, manufacturing, and transportation equipment that connects people and machines – has been under near-constant attack, according to Forescout. Despite the formidable challenges posed by the ongoing…

Read more →

In this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into existing security infrastructures. Our discussion will cover a range of essential aspects, from the importance of continuous adaptation in cybersecurity strategies to practical…

Read more →

With organizations increasingly relying on third-party vendors, upping the third-party risk management (TPRM) game has become imperative to prevent the fallout of third-party compromises. Third-party risks SecurityScorecard recently found that 98% of organizations are connected with at least one third-party…

Read more →

There’s a good reason why ransomware gangs started exfiltrating victims’ data instead of just encrypting it: those organizations pay more. University of Twente researcher Tom Meurs and his colleagues wanted to know which factors influence victims to pay the ransom…

Read more →

88% of organizations still use passwords as their primary method of authentication, according to Specops Software. The report found that 31.1 million breached passwords had over 16 characters, showing longer passwords aren’t safe from being cracked. 40,000 admin portal accounts…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from 1Kosmos, Atakama, Onfido, Regula, Searchlight Cyber, Seceon, and Veriti. Onfido Compliance Suite simplifies local and global identity verification Onfido’s Compliance Suite introduces Qualified Electronic Signature…

Read more →

In this Help Net Security interview, Amber Schroader, CEO at Paraben Corporation, discusses the challenges posed by the complexity of modern computer systems and networks on digital evidence collection. Schroader talks about the impact of exponential data growth on forensic…

Read more →

The past year saw developments and updates to privacy regulations across the globe—from India’s Personal Data Protection Bill to Brazil’s General Data Protection Law, according to ISACA. However, only 34% of organizations say they find it easy to understand their…

Read more →

Growing environmental, social, and governance (ESG) expectations and expanding global regulation are propelling organizations to consider implementing a stand-alone human rights policy, according to Gartner. Public focus on human rights Shareholder proposals and media reports continue to put human rights…

Read more →

Vercara is introducing a new Private Data Lake feature to its UltraDNS product. The UltraDNS Private Data Lake offers a novel approach to managing and analyzing DNS data, providing businesses with access to their entire DNS query data and advanced…

Read more →