Category: Help Net Security

Industrial Defender announced a strategic technology partnership with Dragos. The collaboration between these leaders in OT cybersecurity integrates their respective platform capabilities, representing a major move towards combining their leading strengths to enhance outcomes for OT operators. The partnership is…

Read more →

In the new stable release of the Chrome browser, Google has fixed three security vulnerabilities affecting the V8 engine, including one zero-day (CVE-2024-0519) with an existing exploit. About CVE-2024-0519 V8 is an open-source JavaScript and WebAssembly engine developed by the…

Read more →

Navigating layoffs is complex and difficult for many reasons. Not only do human resources and direct managers bear the onus of responsibility when conducting exit conversations, but security teams should also make the necessary preparations for monitoring anomalies in employee…

Read more →

In this Help Net Security interview, Chris Mixter, Vice President, Analyst at Gartner, discusses the dynamic world of CISOs and how their roles have evolved significantly over the years. He outlines the critical skills for CISOs in 2024, addresses the…

Read more →

Employees play a significant role in safeguarding organizational assets. With a constantly evolving threat landscape, cybersecurity awareness training is an essential component in creating a good security culture. Why cybersecurity awareness training? 81% of organizations were hit by malware, phishing,…

Read more →

In this Help Net Security video, Peter Manev, Chief Strategy Officer at Stamus Networks, discusses a pervasive problem plaguing security analysts called “alert fatigue,” – which occurs when security teams become desensitized to an overwhelming volume of alerts, causing them…

Read more →

Increasing data requests overwhelm IT teams, but security concerns hinder their ability to provide employees with access to timely data, according to CData Software. The majority of Ops professionals feel that they are prohibited from accessing the data they need…

Read more →

Atlassian has patched a critical vulnerability (CVE-2023-22527) in Confluence Data Center and Confluence Server that could lead to remote code execution. The good news is that the flaw was fixed in early December 2023 with the release of versions 8.5.4…

Read more →

Fortinet announced a comprehensive secure networking solution integrated with Wi-Fi 7. Fortinet’s first Wi-Fi 7 access point, FortiAP 441K, delivers increased speed and capacity, and the new FortiSwitch T1024 is purpose-built with 10 Gigabit Ethernet (GE) access and 90W Power…

Read more →

Skopenow launched Grid, its new 360-degree situational awareness solution. Grid equips security, intelligence, and investigative teams worldwide with enhanced proactive threat intelligence capabilities, enabling real-time detection of risks to people, assets, and operations. In a global landscape marked by uncertainty,…

Read more →

Over 1,700 Ivanti Connect Secure VPN devices worldwide have been compromised by attackers exploiting two zero-days with no patches currently available. “Additional threat actors beyond UTA0178 appear to now have access to the exploit and are actively trying to exploit…

Read more →

Accenture and SandboxAQ are partnering to deliver AI and quantum computing solutions to help organizations identify and remediate cybersecurity vulnerabilities. According to recent Accenture research, executives’ top concern for 2024 is the ability to adapt to advancements in technology and…

Read more →

As cyber threats grow more sophisticated, understanding and implementing robust cybersecurity frameworks is crucial for organizations of all sizes. This article lists the most essential cybersecurity frameworks developed to guide businesses and governments in safeguarding their digital assets. From the…

Read more →

OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine cryptocurrency, establish persistence following business email compromise and launch spam activity using the…

Read more →

Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition. Users can also perform malware analysis, OSINT and computer vision activities. “We’ve crafted…

Read more →

Misinformation and disinformation are biggest short-term risks, while extreme weather and critical change to Earth systems are greatest long-term concern, according to the Global Risks 2024 Report from the World Economic Forum. Against a backdrop of systemic shifts in global…

Read more →

A vulnerability (CVE-2023-36025) that Microsoft fixed in November 2023 continues to be exploited by malware peddlers: this time around, the delivered threat is a variant of the Phemedrone Stealer. About the malware Phemedrone Stealer is a piece of malware written…

Read more →

Trellix announced Trellix XDR Platform for Ransomware Detection and Response (RDR), available immediately worldwide. Trellix XDR Platform for RDR provides visibility across an organization’s entire security ecosystem and delivers critical coverage for each stage of a ransomware campaign. The solution…

Read more →

Trellix announced Trellix XDR Platform for Ransomware Detection and Response (RDR), available immediately worldwide. Trellix XDR Platform for RDR provides visibility across an organization’s entire security ecosystem and delivers critical coverage for each stage of a ransomware campaign. The solution…

Read more →

Juniper Networks has fixed a critical pre-authentication remote code execution (RCE) vulnerability (CVE-2024-21591) in Junos OS on SRX firewalls and EX switches. About CVE-2024-21591 CVE-2024-21591 is an out-of-bounds write vulnerability that could allow an unauthenticated, network-based threat actor to carry…

Read more →