Commvault launched Cloud Rewind on the Commvault Cloud platform. This offering, which integrates cloud-native distributed application recovery and rebuild capabilities from the Appranix acquisition, gives cloud-first organizations a secret weapon to transform their cyber resilience capabilities. Today, when organizations are…
Category: Help Net Security
Frontegg Flows simplifies customer identity processes
Frontegg launched Flows, a journey-time orchestration capability that uses generative AI to simplify the creation of advanced customer identity processes. As growing businesses emerge from startup mode and enter scale-up mode, their user identities start to enter the thousands. In…
Edgio Premier Bot Manager detects, classifies and mitigates bot traffic
Edgio launched Premier Bot Manager, a next-generation bot management solution designed to protect enterprise applications against increasingly sophisticated automated threats. Premier Bot Manager introduces enhanced detection capabilities, AI-powered threat intelligence, and granular categorization of known and unknown bot attacks, providing…
Trulioo Fraud Intelligence fights fraud during onboarding
Trulioo launched Trulioo Fraud Intelligence, a new capability that delivers predictive risk insights across more than 195 countries. Trulioo Fraud Intelligence transforms how global businesses fight synthetic and third-party fraud. The capability provides comprehensive coverage across diverse markets by combining…
Bitwarden integrates with Microsoft Sentinel to strengthen real-time threat detection
Bitwarden expanded its integration capabilities with the release of a Microsoft Sentinel integration to enhance security information and event management (SIEM) for organizations. Security teams can now monitor, detect, and respond to password management, account access activities, and potential threats…
Tidal Cyber empowers organizations to improve their protection efforts
Tidal Cyber announced that it now incorporates test results from Breach and Attack Simulation (BAS) tools and other sources to complement the company’s existing Threat-Informed Defense capabilities. With this new integration, Tidal Cyber Enterprise Edition users can gain greater insight…
Guide for selecting the right GRC framework, EU edition
Governance, risk, and compliance frameworks are critical. They enable cybersecurity professionals to accurately identify an organization’s risk posture, align business and strategic objectives with technology, and meet compliance responsibilities. However, selecting the right framework can be challenging. Inside this guide…
YARA: Open-source tool for malware research
YARA is a powerful tool designed primarily to aid malware researchers in identifying and categorizing malware samples, though its applications are broader. The tool enables users to create detailed descriptions, or “rules,” for malware families or any other target based…
GoldenJackal APT group breaches air-gapped systems in Europe
ESET researchers have discovered a series of attacks that took place in Europe from May 2022 to March 2024, where the attackers used a toolset capable of targeting air-gapped systems, in a governmental organization of a European Union country. Cyberespionage…
Cultivating a security-first mindset: Key leadership actions
In this Help Net Security interview, Emily Wienhold, Cyber Education Specialist at Optiv, discusses how business leaders can promote a security-first culture within their organizations. Wienhold also discusses strategies for maintaining ongoing cybersecurity awareness and making security protocols accessible to…
Cybersecurity jobs available right now: October 9, 2024
Cloud Cybersecurity Analyst III Texas Health and Human Services | USA | Hybrid – View job details As a Cloud CSAIII, you will be responsible for designing, implementing, and managing security solutions for cloud environments. You will ensure that cloud…
30% of customer-facing APIs are completely unprotected
70% of customer-facing APIs are secured using HTTPS, leaving nearly one-third of these APIs completely unprotected, according to F5. This is a stark contrast to the 90% of web pages that are now accessed via HTTPS, following the push for…
Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)
For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution flaw in the Microsoft Management Console (MMC).…
Ivanti fixes three CSA zero-days exploited in the wild (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381)
Ivanti has patched three additional Cloud Service Appliance (CSA) zero-day flaws, which have been exploited by attackers in conjuction with a zero-day bug the company accidentally fixed in September. The fixed zero-days “We are aware of a limited number of…
OpenBSD 7.6 released: security improvements, new hardware support, and more!
OpenBSD is a free, multi-platform 4.4BSD-based UNIX-like operating system. The 57th release, OpenBSD 7.6, comes with new features, various improvements, bug fixes, and tweaks. Security improvements Added -fret-clean option to the compiler, defaulting to off. This new option causes the…
Dashlane Credential Risk Detection prevents credential-based breaches
Dashlane launched Credential Risk Detection, a solution that continuously monitors and detects at-risk credential activity in real-time across the workforce, whether employees use a password manager or not. The web extension-based solution is the latest Dashlane innovation that shifts credential…
Data Theorem Code Secure helps security and DevOps teams secure their software
Data Theorem launched Code Secure, the latest evolution in application security designed to protect the software supply chain from code to deployment. Code Secure uniquely integrates Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Supply Chain Security capabilities—including…
Juniper Secure AI-Native Edge accelerates detection of potential network threats
Juniper Networks announced its new Juniper Secure AI-Native Edge solution, with a new Security Assurance product, combining Juniper Mist’s AI-Native and cloud-native network operations with the efficacy security solution. By integrating network and security operations together under a single cloud…
OTAVA S.E.C.U.R.E. Score simplifies cybersecurity strategy for businesses
OTAVA introduced the OTAVA S.E.C.U.R.E. Score to help businesses further improve their security posture. The S.E.C.U.R.E. Score is a dynamic metric that assesses vulnerabilities, and makes recommendations on how to close security gaps and minimize risk. The S.E.C.U.R.E. acronym stands…
Qualcomm zero-day under targeted exploitation (CVE-2024-43047)
An actively exploited zero-day vulnerability (CVE-2024-43047) affecting dozens of Qualcomm’s chipsets has been patched by the American semiconductor giant. About CVE-2024-43047 On Monday, Qualcomm has confirmed patches for 20 vulnerabilities affecting both proprietary and open source software running on its…