Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Cyber attacks on critical infrastructure show advanced tactics and new capabilities In this Help Net Security interview, Marty Edwards, Deputy CTO OT/IoT at Tenable, discusses…
Trellix announced the Trellix Zero Trust Strategy (ZTS) Solution, available immediately worldwide. Trellix ZTS is leveraging Trellix’s AI-powered XDR Platform to provide native monitoring, protection, and threat detection. The solution enables organizations to establish security hygiene and strengthen cyber resilience…
55% of organizations plan to adopt GenAI solutions within this year, signaling a substantial surge in GenAI integration, according to a Cloud Security Alliance and Google Cloud survey. The survey received 2,486 responses from IT and security professionals. The report…
Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting has been used by legitimate organizations to uniquely identify web browsers for nearly 15 years,…
Disruptive technologies like AI are heightening the longstanding tension between organizational security and employee productivity, according to 1Password. Employees are under increasing pressure to perform; to boost efficiency they’re embracing generative AI, hybrid and remote work, and unapproved applications and…
Here’s a look at the most interesting products from the past week, featuring releases from Fastly, LogRhythm, Owl Cyber Defense Solutions, and TrueMedia.org. Owl Talon 3 provides hardware-enforced, one-way data transfers Owl Cyber Defense Solutions launched next generation of their…
As businesses evolve, they often experience changes in roles, partnerships, and staff turnover. This dynamic can result in improper access to data and resources. Such mismanagement leads to superfluous expenses from excessive software licensing fees and heightens the risk of…
Texas-based Omni Hotels & Resorts has been responding to a cyberattack that started last Friday, which resulted in the unavailability of many of its IT systems. According to people staying at some of the 50 properties the company operates across…
The US Department of Commerce’s National Institute of Standards and Technology (NIST) has awarded cooperative agreements totaling nearly $3.6 million aimed at building the workforce needed to safeguard enterprises from cybersecurity risks. The grants of roughly $200,000 each will go…
Ivanti has released patches for new DoS vulnerabilities affecting Ivanti Connect Secure (SSL VPN solution) and Ivanti Policy Secure (NAC solution), some of which could also lead to execution of arbitrary code or information disclosure. Also, three months since attackers…
Avast released a new product tier to the Avast One suite: Avast One Silver. The new offering takes a modular approach to cyber security, allowing people to tailor their coverage based upon their needs, personal preferences, or risk profiles. The…
AI is quickly transforming how individuals create their own apps, copilots, and automations. This is enabling organizations to improve output and increase efficiency—all without adding to the burden of IT and the help desk. But while this transformation makes software…
Mantis is an open-source command-line framework that automates asset discovery, reconnaissance, and scanning. You input a top-level domain, and it identifies associated assets, such as subdomains and certificates. Mantis features The framework conducts reconnaissance on active assets and completes its…
There is an urgent need to secure tactical, operational, and strategic critical assets from the edge to the core. In this Help Net Security video, Geoffrey Mattson, CEO of Xage Security, discusses the steps enterprises and critical infrastructure must take…
In this Help Net Security interview, Eric Demers, CEO of Madaket Health, discusses prevalent cyber threats targeting healthcare organizations. He highlights challenges in protecting patient data due to infrastructure limitations and the role of employee awareness in preventing insider threats.…
67% of consumers across the globe are concerned about the security and privacy of AI, according to Bitdefender survey. AI uses personal data to feed its machine learning algorithms, and the rising amount has raised serious concerns about data storage,…
Microsoft still doesn’t known how Storm-0558 attackers managed to steal the Microsoft Services Account cryptographic key they used to forge authentication tokens needed to access email accounts belonging to US government officials. “The stolen 2016 MSA key in combination with…
Picus Security announced Picus Numi AI. As the latest innovation of the Picus Security Validation Platform, this generative AI security analyst empowers any member of a security team to access critical, up-to-date information about their security posture to make purposeful…
Bitwarden strengthened Bitwarden Passwordless.dev with the release of a magic links API. This offering empowers developers to incorporate passwordless authentication into their applications, providing a more secure and user-friendly experience for users. The magic links API enables developers to send…
The recent conspicuous faltering of the National Vulnerability Database (NVD) is “based on a variety of factors, including an increase in software and, therefore, vulnerabilities, as well as a change in interagency support,” says the U.S. National Institute of Standards…