Qualys is expanding Qualys CyberSecurity Asset Management (CSAM) to identify unmanaged and untrusted devices in real-time. Leveraging the Qualys Cloud Agent to continuously monitor the network, this passive discovery method complements scans, agents, and API-based discovery to build a comprehensive…
Category: Help Net Security
Graylog API Security enables organizations to identify and classify APIs
Graylog released a free version of Graylog API Security. This API discovery and monitoring tool makes API security accessible to enterprises of all sizes at a time when API-related attacks are on the rise. Uniquely, Graylog API Security enables organizations…
FBI disrupts Chinese botnet used for targeting US critical infrastructure
The FBI has disrupted the KV botnet, used by People’s Republic of China (PRC) state-sponsored hackers (aka “Volt Typhoon”) to target US-based critical infrastructure organizations. A botnet for probing critical infrastructure organizations: The threat actors used the KV botnet malware…
Secureworks Threat Score reduces alert noise and time to respond
Secureworks launched AI-powered Threat Score to silence alert noise and reduce security analyst workload by over 50%. With ransomware dwell times falling, security analysts are under more pressure than ever to make the right decisions about which alerts they investigate.…
Dynatrace provides end-to-end observability of AI applications
Dynatrace announced it has extended its analytics and automation platform to provide holistic observability and security for LLMs and generative AI-powered applications. This enhancement to the Dynatrace platform enables organizations worldwide to embrace generative AI confidently and cost-effectively as part…
BackBox introduces ZTNO to automate zero trust security for network operations
In a significant stride towards enhancing network security, BackBox introduces Zero Trust Network Operations (ZTNO). This offering is a best practice framework with six actionable pillars to automate cybersecurity considerations at the network layer for NetOps teams. To simplify ZTNO…
Threat actor used Vimeo, Ars Technica to serve second-stage malware
A financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular websites such as Ars Technica, Vimeo, GitHub and GitLab to surreptitiously deliver malware. Another interesting detail about UNC4990 is that it’s mostly…
Protect AI acquires Laiyer AI to extend company’s AI/ML security capabilities
Protect AI announced it has acquired Laiyer AI. With the acquisition, Protect AI will be offering a commercial version of Laiyer AI’s open source LLM Guard with expanded features, capabilities, and integrations within the Protect AI platform. LLM Guard is…
Zero trust implementation: Plan, then execute, one step at a time
82% of cybersecurity professionals were working on implementing zero trust last year, and 16% should be on it by the end of this year. The challenges of zero trust implementation: You’ve probably heard it before: zero trust is not…
Custom rules in security tools can be a game changer for vulnerability detection
In this Help Net interview, Isaac Evans, CEO at Semgrep, discusses the balance between speed and thoroughness in CI/CD pipeline security scanning. Stressing the need to avoid slowing down the process, he recommends a nuanced approach, utilizing custom rules to…
CVEMap: Open-source tool to query, browse and search CVEs
CVEMap is an open-source command-line interface (CLI) tool that allows you to explore Common Vulnerabilities and Exposures (CVEs). It’s designed to offer a streamlined and user-friendly interface for navigating vulnerability databases. Although CVEs are crucial for pinpointing and discussing security…
Payment fraud is hitting organizations harder than ever before
96% of US companies were targeted with at least one fraud attempt in the past year, according to Trustpair. 83% of US companies saw an increase in cyber fraud attempts on their organization in the past year. Fraudsters primarily used…
Unpacking the challenges of AI cybersecurity
As organizations handle increasing amounts of data daily, AI offers advanced capabilities that would be harder to achieve with traditional methods. In this Help Net Security video, Tyler Young, CISO at BigID, explores AI’s challenges, triumphs, and future in cybersecurity.…
Infosec products of the month: January 2024
Here’s a look at the most interesting products from the past month, featuring releases from: 1Kosmos, Atakama, Critical Start, Dasera, ID R&D, Living Security, Onfido, Regula, Searchlight Cyber, Seceon, Skopenow, Skyhigh Security, SpecterOps, Veriti, and Wing Security. SpecterOps adds new…
Vade uses generative AI to enhance spear-phishing detection
Vade announced that it has pioneered a new method that improves the confidence of its spear-phishing detection engine. The enhancement, designed to combat advanced threats including those produced by generative AI, leverages threat samples created by artificial technology and human…
A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs
A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported (and some legacy) versions of Windows could spell trouble for enterprise defenders. Discovered by a security researcher named Florian and reported to Microsoft, the…
Experian Fraud Protect enables automotive dealers to detect and prevent fraud
With more of the vehicle buying journey shifting online and vehicle prices remaining at elevated levels, fraudsters are targeting the automotive industry at an increasing rate. To address the rising threat, Experian launched Fraud Protect, a web-based application that helps…
Kentik AI improves network monitoring and observability
Kentik launched Kentik AI to give any engineer, operator, architect, or developer the ability to troubleshoot complex networks. The company is simultaneously launching a modern and AI-assisted Network Monitoring System (Kentik NMS) to enable teams to observe, manage, and optimize…
VikingCloud THOR AI offers real-time interactive analytics
VikingCloud announced THOR AI (Threat Hunting and Orchestrated Response), a generative AI-powered cybersecurity chatbot. The new complimentary cyber defense tool is designed to help companies of all sizes find more vulnerabilities faster – before they become disruptive threats to their…
Jetico updates BCWipe Total WipeOut to meet the NIST hard drive wipe requirements
Jetico released an update of BCWipe Total WipeOut. Addressing concerns of meeting the NIST hard drive wipe requirements, the new version of the software allows users to erase hard drive data and follow the guidelines in a single click. The…