ArmorCode announced it closed a pre-emptive $40 million Series B round to advance its mission of helping companies ship secure software fast and at scale. Premier venture firm HighlandX led the round, joined by NGP Capital, along with participation from…
Category: Help Net Security
CyberAv3ngers hit Unitronics PLCs at multiple US-based water facilities
Iran-affiliated attackers CyberAv3ngers continue to exploit vulnerable Unitronics programmable logic controllers (PLCs), US and Israeli authorities have said in a joint cybersecurity advisory. CyberAv3ngers targeting Unitronics PLCs CISA has recently confirmed that Iran-affiliated attackers took over a Unitronics Vision Series…
Booking.com customers targeted in hotel booking scam
Scammers are hijacking hotels’ Booking.com accounts and using them as part of a hotel booking scam aimed at tricking guests into sharing their payment card information. “Customers of multiple properties received email or in-app messages from Booking.com that purported to…
Week in review: PoC for Splunk Enterprise RCE flaw released, scope of Okta breach widens
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerability disclosure: Legal risks and ethical considerations for researchers In this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex…
Maximizing cybersecurity on a budget
A cybersecurity budget is an allocation of resources, both financial and otherwise, dedicated to protecting an organization’s digital assets from cyber threats. This includes funds for security software, hardware, training, and personnel. A well-structured cybersecurity budget ensures that an organization…
2024 cybersecurity outlook: The rise of AI voice chatbots and prompt engineering innovations
In their 2024 cybersecurity outlook, WatchGuard researchers forecast headline-stealing hacks involving LLMs, AI-based voice chatbots, modern VR/MR headsets, and more in the coming year. Companies and individuals are experimenting with LLMs to increase operational efficiency. But threat actors are learning…
The AI readiness race and where global companies stand
According to Cisco, only 14% of organizations worldwide are ready to implement and utilize AI technologies. The report found that 61% of respondents indicated they have a maximum of one year to deploy their AI strategy before there’s a negative…
Put guardrails around AI use to protect your org, but be open to changes
Artificial intelligence (AI) is a topic that’s currently on everyone’s minds. While in some industries there is concern it could replace workers, other industries have embraced it as a game-changer for streamlining processes, automating repetitive tasks, and saving time. But…
Voltron Data Theseus helps organizations solve data processing challenges
Voltron Data introduced Theseus, a distributed execution engine built to solve today’s data processing challenges at a scale beyond the capabilities of CPU-based analytics systems like Apache Spark. Theseus is available to enterprises and government agencies as well as through…
Cable Transaction Assurance enhances the efficacy of front-line financial crime controls
Cable launched Transaction Assurance, pioneering a new wave of financial crime compliance and transaction testing. “In recent years, we’ve witnessed a surge in compliance lapses, highlighted by billions in fines levied against major institutions for financial crime failures. These cases…
Hitachi Vantara Pentaho+ allows organizations to oversee data from inception to deployment
Hitachi Vantara announced Pentaho+, an integrated platform from the Pentaho software business designed to help organizations connect, enrich, and transform operations with refined, reliable data necessary for AI and generative AI accuracy. Automating the work of complex data management with…
Qlik Sense flaws exploited in Cactus ransomware campaign
Attackers are exploiting three critical vulnerabilities in internet-facing Qlik Sense instances to deliver Cactus ransomware to target organizations, Arctic Wolf researchers have warned. The exploited vulnerabilities Qlik Sense is a business intelligence and data analytics solution popular with governmental organizations…
Critical Zyxel NAS vulnerabilities patched, update quickly!
Zyxel has patched six vulnerabilities affecting its network attached storage (NAS) devices, including several (OS) command injection flaws that can be easily exploited by unauthenticated attackers. The vulnerabilities in Zyxel NAS devices One of the six plugged security holes is…
Apple patches two zero-days used to target iOS users (CVE-2023-42916 CVE-2023-42917)
With the latest round of security updates, Apple has fixed two zero-day WebKit vulnerabilities (CVE-2023-42916, CVE-2023-42917) that “may have been exploited against versions of iOS before iOS 16.7.1.” About the vulnerabilities (CVE-2023-42916, CVE-2023-42917) CVE-2023-42916 is an out-of-bounds read flaw, while…
New infosec products of the week: December 1, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Amazon, Datadog, Entrust, Fortanix, GitHub, Nitrokey, and Paladin Cloud. Amazon One Enterprise palm-based identity service improves security of physical spaces, digital assets Amazon One Enterprise…
Bridging the gap between cloud vs on-premise security
With the proliferation of SaaS applications, remote work and shadow IT, organizations feel obliged to embrace cloud-based cybersecurity. And rightly so, because the corporate resources, traffic, and threats are no longer confined within the office premises. Cloud-based security initiatives, such…
Key drivers of software security for financial services
Nearly 72% of applications in the financial services sector contain security flaws, according to Veracode. Despite the alarming figure, this rate of software vulnerability was the lowest of all industries analyzed and has improved since last year. The research also…
Unhappy network professionals juggling more with less
97% of US-based CIOs expressed serious concerns about at least one cybersecurity threat, according to Opengear. Failing to have the correct human oversight over the network can open up opportunities for cybercriminals to find vulnerabilities in underserved setups. It’s perhaps…
Flow Security unveils GenAI DLP module to prevent data leaks in real-time
Flow Security announced its extension to GenAI Security with the launch of a new GenAI DLP module. The widespread use of Generative AI, while leading to advancements across the enterprise and fueling exceptional innovation, has led to increasing concern over…
SDO Introduces cryptographic proximity validation for mobile push
Secret Double Octopus (SDO) has enhanced its Passwordless MFA platform to offer government-caliber identity verification to enterprises who need high-assurance login for privileged business and technical users. SDO’s new Proximity Assurance feature uses familiar mobile push notifications to cryptographically…