Category: Help Net Security

Researchers have brought to light a new attack method – dubbed TunnelVision and uniquely identified as CVE-2024-3661 – that can be used to intercept and snoop on VPN users’ traffic by attackers who are on the same local network. “This…

Read more →

CyberSaint released the NIST Cybersecurity Framework (CSF) Benchmarking Feature, which allows CISOs and security teams to measure their NIST posture against industry peers through a historical maturity graph on the CyberStrong Executive Dashboard. Organizations across industries struggle to compare themselves…

Read more →

Ghost Security announced the early access availability of Phantasm, application-specific threat intelligence poised to fill a large gap that currently exists in both threat intelligence and application security. Developed by a team of industry experts from Ghost Labs, the research…

Read more →

MITRE has shared a timeline of the recent breach if fell victim to and has confirmed that it began earlier than previously thought: on December 31, 2023. On that day, the attackers deployed a web shell on an external-facing Ivanti…

Read more →

Traceable AI has revealed an Early Access Program for its new Generative AI API Security capabilities. As enterprises increasingly integrate Generative AI such as Large Language Models (LLMs) into critical applications, they expose those applications to attacks that exploit the…

Read more →

RSA Conference 2024 is taking place at the Moscone Center in San Francisco. Help Net Security is on-site, and this gallery takes you inside the event. The featured vendors are: Sophos, NetSPI, IT-Harvest, Cisco, GitGuardian, Delinea, Splunk, Entrust, and Trellix.…

Read more →

MITRE is building a new capability intended to give its AI researchers and developers access to a massive increase in computing power. The new capability, MITRE Federal AI Sandbox, will provide better experimentation of next generation AI-enabled applications for the…

Read more →

Cloudflare announced Cloudflare for Unified Risk Posture, a new suite of risk management solutions designed to streamline the process of identifying, evaluating, and managing cyber threats that pose risk to an organization, across all environments. Powered by Cloudflare’s rich security…

Read more →

Inpher released SecurAI, a solution that protects the privacy and security of user inputs on large language models. This release of SecurAI leverages the NVIDIA H100 Tensor Core GPU for maximum speed and performance. “Enterprises need to harness the power…

Read more →

nodeQ has developed PQtunnel, a tool designed to assist businesses – ranging from SMEs to large enterprises – in transitioning their end-to-end (E2E) secure communication to PQC. This software application is available in two variants: PQtunnel TLS and PQtunnel SSH,…

Read more →

Forcepoint introduced Forcepoint ONE Data Security, an enterprise-grade unified cloud-managed solution designed to simplify data protection with zero-trust principles for all organizations. The new Forcepoint SaaS solution provides unified management for endpoint and multi-channel cloud data security, eliminating the need…

Read more →

Red Hat has launched Red Hat Enterprise Linux AI (RHEL AI), a foundation model platform that enables users to more seamlessly develop, test and deploy generative AI (GenAI) models. RHEL AI brings together the open source-licensed Granite large language model…

Read more →

Theori unveiled its latest security management solution, Xint. Xint streamlines and automates security operations across cloud and hybrid environments, providing comprehensive visibility throughout the entire security ecosystem. Xint integrates cloud security, external threat detection, and an advanced Offensive Security AI…

Read more →

Eclypsium announced new GenAI assessment capabilities for its Supply Chain Security Platform. The new capabilities help secure the fundamental layers of the GenAI tech stack through support for NVIDIA hardware and popular GenAI foundation models. As demand for GenAI skyrockets,…

Read more →

Veeam has patched a high-severity vulnerability (CVE-2024-29212) in Veeam Service Provider Console (VSPC) and is urging customers to implement the patch. About CVE-2024-29212 Veeam Service Provider Console is a cloud platform used by managed services providers (MSPs) and enterprises to…

Read more →

AppOmni unveiled AppOmni Zero Trust Posture Management (ZTPM), a solution set that strengthens security in modern infrastructures by bridging a critical gap in network-centric zero trust (ZT) architectures. Specifically, the framework provides visibility and monitoring into the configuration, security posture,…

Read more →

ExtraHop has revealed a set of AI tools in the RevealX platform designed to automate SOC workflows and relieve analyst fatigue. Against the backdrop of a rapidly expanding threat landscape and alert overload, SOC analysts are increasingly overworked and under-resourced.…

Read more →

Nudge Security announced new funding from Forgepoint Capital, which joins Ballistic Ventures in bringing the fast-growing startup’s seed funding to $16.5 million. Forgepoint Co-Founder and Managing Director Alberto Yépez will join the Nudge Security board. ‍ “With its patented, turnkey…

Read more →

AppViewX announced AVX ONE, a fully integrated SaaS-based CLM platform for PKI, IAM, security, DevOps, cloud, platform and application teams. AVX ONE provides enterprise scale, visibility, automation and control of certificates and keys. It enables governance, and remediation, and crypto-agility…

Read more →

New Relic launched Secure Developer Alliance. Industry leaders including FOSSA, Gigamon, Lacework, Aviatrix, and Opus are among the first to join the alliance, which provides them with pragmatic research, education, and guidance to implementing observable security. In addition, the Secure…

Read more →