Category: Help Net Security

In this Help Net Security interview, Omkhar Arasaratnam, General Manager at the Open Source Security Foundation (OpenSSF), discusses the evolution of memory-safe programming languages and their emergence in response to the limitations of languages like C and C++. Memory safety…

Read more →

In this Help Net Security video, Mike Britton, CISO at Abnormal Security, discusses how energy and infrastructure organizations face an increased risk of business email compromise and vendor email compromise attacks. According to Abnormal Security data, from February 2023 to…

Read more →

CloudGrappler is an open-source tool designed to assist security teams in identifying threat actors within their AWS and Azure environments. The tool, built on the foundation of Cado Security’s cloudgrep project, offers enhanced detection capabilities based on the tactics, techniques,…

Read more →

97% of technology leaders find traditional AIOps models are unable to tackle the data overload, according to Dynatrace. Organizations are drowning in data The research reveals that organizations are continuing to embrace multi-cloud environments and cloud-native architectures to enable rapid…

Read more →

Insider threats encompass both intentional and unintentional actions. Some insiders may maliciously exploit their access for personal gain, espionage, or sabotage, while others may inadvertently compromise security protocols due to negligence, lack of awareness, or coercion. Consequently, the challenge for…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: What organizations need to know about the Digital Operational Resilience Act (DORA) In this Help Net Security interview, Kris Lovejoy, Global Security and Resilience Leader…

Read more →

Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which (CVE-2024-20337) could be exploited by unauthenticated, remote attackers to grab users’ valid SAML authentication token. “The attacker could then use…

Read more →

Identiv launched bitse.io 3.0, the latest iteration of its global IoT connecting cloud platform. The updated platform offers advanced features designed to transform applications in supply chain management, brand protection, and customer engagement. bitse.io simplifies the deployment of innovative IoT…

Read more →

We’re almost at our third Patch Tuesday and wrapping up the first quarter 2024. Time flies by! Microsoft is starting to push users to update their operating systems as their active version is approaching end-of-support. The February 2024 Patch Tuesday…

Read more →

Security leaders recognize that the pattern of buying new tech and the frantic state of find-fix vulnerability management is not working, according to Cymulate. Security leaders take proactive approach to cybersecurity Rather than waiting for the next big cyberattack and…

Read more →

“At the most basic level, AI has given malicious attackers superpowers,” Mackenzie Jackson, developer and security advocate at GitGuardian, told the audience last week at Bsides Zagreb. These superpowers are most evident in the growing impact of fishing, smishing and…

Read more →

In this Help Net Security video, Kory Daniels, CISO at Trustwave, shines a light on the impact the current threat environment can have for both universities and students. Key findings from a recent Trustwave report include: – 1.8 million devices…

Read more →

In this Help Net Security interview, Sanjay Macwan, CIO and CISO at Vonage, addresses emerging threats to cloud communications and the role of AI and automation in cybersecurity. What emerging threats to cloud communications are you most concerned about, and…

Read more →

MITRE now offers an open-source version of its Aviation Risk Identification and Assessment (ARIA) software suite, OpenARIA. This initiative is dedicated to enhancing aviation safety and efficiency through the active involvement of the aviation community. ARIA suite The first prototype…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Check Point, Delinea, Pentera, and Sentra. Delinea Privilege Control for Servers enforces least privilege principles on critical systems In Privilege Control for Servers, session recording…

Read more →

Bitdefender unveiled GravityZone CSPM+, a Cloud Security Posture Management (CSPM) solution for monitoring and managing configurations of cloud infrastructures including AWS, Google Cloud Platform, Microsoft Azure and others. In addition, GravityZone CSPM+ incorporates threat detection and response along with Cloud…

Read more →

Defense Unicorns has raised a $35 million Series A funding round led by Sapphire Ventures and Ansa Capital. Founded by early leaders of the Department of Defense’s software factories – a grassroots Air Force initiative turned mandate to accelerate secure,…

Read more →

FileCloud announced several new product advancements to help customers meet enterprise data protection requirements. “FileCloud makes it simple for enterprise organizations to meet their content governance, privacy and compliance requirements, specifically when there are complex objectives in hybrid environments,” said…

Read more →

VMware has fixed four vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255) in ESXi, Workstation, Fusion and Cloud Foundation, some of which could allow attackers to escape the sandbox and execute code on the host machine. About the vulnerabilities VMware ESXi is a…

Read more →

Skybox Security announced Skybox 13.2, introducing enhancements to its Vulnerability and Threat Management solution. These updates mark a significant milestone in vulnerability prioritization and attack surface management, empowering organizations with clarity and control over their cybersecurity posture. Traditional vulnerability scanners…

Read more →