Category: Help Net Security

Onyxia Cyber unveiled OnyxAI to deliver insights that enable security leaders to proactively optimize security performance, resource allocation, and risk management. “We are seeing a real need in the market for security solutions that can simplify operations for CISOs, many…

Read more →

Synopsys introduced Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform. Polaris Assist combines Large Language Model (LLM) technology with decades of Synopsys’ application security knowledge and intelligence – including coding patterns, vulnerability detection rules,…

Read more →

There are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are “not aware at this time of any malicious attempts to use these…

Read more →

The Federal Communications Commission (FCC) fined the nation’s largest wireless carriers for illegally sharing access to customers’ location information without consent and without taking reasonable measures to protect that information against unauthorized disclosure. Wireless carriers shared access to customers’ location…

Read more →

Cybersixgill, the global cyber threat intelligence data provider, broke new ground by introducing its Third-Party Intelligence module. The new module delivers vendor-specific cybersecurity and threat intelligence to organizations’ security teams, enabling them to continuously monitor and detect risks to their…

Read more →

ESET launched two new Managed Detection and Response (MDR) subscription tiers: ESET PROTECT MDR for small and medium businesses (SMBs) and ESET PROTECT MDR Ultimate for enterprises. These offerings are built on the foundation of ESET PROTECT Elite and ESET…

Read more →

ThreatX has extended its Runtime API and Application Protection (RAAP) offering to provide always-active API security from development to runtime, spanning vulnerability detection at Dev phase to protection at SecOps phase of the software lifecycle. By combining runtime detection and…

Read more →

CyberQP announced QGuard Pro, a solution with enhanced capabilities designed to exponentially increase technician efficiency, and a new API for Deployment are now generally available. QGuard Pro comes with Passwordless MFA for Technicians, which augments the provider’s Just-in-Time Account Creation…

Read more →

Tracecat is an open-source automation platform for security teams. The developers believe security automation should be accessible to everyone, especially understaffed small- to mid-sized teams. Core features, user interfaces, and day-to-day workflows are based on existing best practices from best-in-class…

Read more →

In this Help Net Security interview, Mike Lemberger, Visa’s SVP, Chief Risk Officer, North America, discusses the severe financial losses resulting from triangulation fraud, estimating monthly losses to range from $660 million to $1 billion among merchants. He also highlights…

Read more →

While every organization across every vertical is at risk of advanced email attacks, certain industries periodically become the go-to target for threat actors. In this Help Net Security video, Mick Leach, Field CISO at Abnormal Security, discusses why the automotive…

Read more →

Security industry leaders believe that AI and automation technologies are critical to addressing the complexities of modern security operations, according to Anomali. AI expected to boost threat detection In fact, security analysts maintain that up to 57% of their daily…

Read more →

Any password under seven characters can be cracked within a matter of hours, according to Hive Systems. The time it takes to crack passwords increases Due to the widespread use of stronger password hashing algorithms to protect data, the time…

Read more →

Organizations worldwide need talented, experienced, and knowledgeable cybersecurity teams who understand the advantages and risks of emerging technologies. Aspiring leaders in the cybersecurity field need more than just job experience. They need a diverse and robust set of skills that…

Read more →

The Product Security and Telecommunications Infrastructure (PSTI) Act has come into effect today, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure policy. “Most smart devices are manufactured…

Read more →

Silobreaker announced the addition of automatic collection, AI-enhanced analysis, and alerting on 8-K cybersecurity incident filings made to the US Securities and Exchange Commission (SEC). This enhancement to the Silobreaker platform empowers organizations to stay informed about critical cybersecurity incidents…

Read more →

Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use. The multi-university and industry research team led by computer…

Read more →

Credential stuffing attacks have exploded this April, Okta warns, and advises its customers to use available tools to block access requests originating from residential proxies before authentication takes place. Abuse of proxy networks “In credential stuffing attacks, adversaries attempt to…

Read more →

The Department of Homeland Security announced the establishment of the Artificial Intelligence Safety and Security Board (the Board). The Board will advise the Secretary, the critical infrastructure community, other private sector stakeholders, and the broader public on the safe and…

Read more →

Prompt Fuzzer is an open-source tool that evaluates the security of your GenAI application’s system prompt against dynamic LLM-based threats. Prompt Fuzzer features Simulation of over a dozen types of GenAI attacks The tool contextualizes itself automatically based on the…

Read more →