Category: Help Net Security

Today’s pervasive cyberattacks are forcing the majority of companies to pay ransoms and break their ‘do not pay’ policies, with data recovery deficiencies compounding the problem, according to Cohesity. In fact, most companies have paid a ransom in the last…

Read more →

Varonis introduced Varonis Managed Data Detection and Response (MDDR), a managed service dedicated to stopping threats at the data level. Unlike traditional MDR services that are endpoint- and network-centric, MDDR focuses on threats to data. The offering combines Varonis’ award-winning…

Read more →

A deepfake video conference call paired with social engineering tricks has led to the theft of over US$25 million from a multinational firm, the South China Morning Post has reported. The scheme and the deepfake video conference call The attack…

Read more →

Metomic launched Metomic for ChatGPT, a technology that gives IT and security leaders full visibility into what sensitive data is being uploaded to OpenAI’s ChatGPT platform. The easy-to-use browser plugin enables businesses to take full advantage of the generative AI…

Read more →

OPSWAT announced new advancements to its MetaDefender Kiosk product line. In response to the escalating challenges faced by organizations in managing and handling threats originating from peripheral media such as USBs and bring-your-own-devices (BYOD), OPSWAT continues its commitment to innovation.…

Read more →

AnyDesk Software GmbH, the German company behind the widely used (and misused) remote desktop application of the same name, has confirmed they’ve been hacked and their production systems have been compromised. The statement was published on Friday evening and lacks…

Read more →

Latio Application Security Tester is an open-source tool that enables the usage of OpenAI to scan code from the CLI for security and health issues. Features and future plans James Berthoty, the creator of Latio Application Security Tester, told Help…

Read more →

Privacy is much more than a regulatory compliance matter. Findings from a new Cisco study highlight the growing Privacy concerns with GenAI, trust challenges facing organizations over their use of AI, and the attractive returns from privacy investment. “Organizations see…

Read more →

Escape’s security research team scanned 189.5 million URLs and found more than 18,000 exposed API secrets. 41% of exposed secrets were highly critical, i.e. could lead to financial risks for the organizations. Exposed API secrets The exposed secrets include hundreds…

Read more →

Cybersecurity strategies are essential components of modern organizations, designed to protect digital assets, sensitive information, and overall business continuity from potential cyber threats. As technology advances, the complexity and frequency of cyber attacks continue to grow, making it imperative for…

Read more →

Over the next few years, the number of organizations navigating to the cloud to advance their business goals is expected to grow exponentially. According to Gartner, more than 70% of enterprises will use cloud platforms to accelerate their business initiatives…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Prioritizing cybercrime intelligence for effective decision-making in cybersecurity In this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into…

Read more →

Verimatrix collaboration with AWS to further bolster scalability, availability and ease of use for its Streamkeeper Multi-DRM cloud-based OTT content security platform. Streamkeeper Multi-DRM, a multi-tenant platform deployed on the AWS cloud, is compatible with AWS SPEKE to work seamlessly…

Read more →

DDoS attack trends for the second half of 2023 reveal alarming developments in their scale and sophistication, according to Gcore. The maximum attack power rose from 800 Gbps (1H 2023) to 1.6 Tbps. UDP floods continue to dominate, constituting 62%…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from BackBox, ProcessUnity, SentinelOne, and Vade. ProcessUnity unveils all-in-one platform for third-party risk management With a single, configurable platform, ProcessUnity helps organizations manage the increasing complexity…

Read more →

In this Help Net Security interview, Roland Palmer, VP Global Operations Center at Sumo Logic, discusses key challenges and innovations of the NIS2 Directive, aiming to standardize cybersecurity practices across sectors. NIS2 mandates minimal cybersecurity requirements for member companies, encompassing…

Read more →

The European Commission adopted the implementing regulation concerning the EU cybersecurity certification scheme on Common Criteria (EUCC). The outcome aligns with the candidate cybersecurity certification scheme on EUCC that ENISA drafted in response to a request issued by the European…

Read more →

There is a misconception that only software and technology companies leverage crowdsourced security. However, data contradicts this belief. Companies across various sectors are increasingly adopting crowdsourced security, as reported by Bugcrowd. The government industry sector saw the fastest growth for…

Read more →

69% of identity-based incidents involved malicious logins from suspicious infrastructure, which are hosting providers or proxies that aren’t expected for a user or organization, according to Expel. Identity-based incidents accounted for 64% of all incidents investigated by the Expel SOC,…

Read more →

The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation. The FritzFrog botnet The FritzFrog botnet, initially identified in…

Read more →