Category: Help Net Security

Claroty has unveiled an expansion of its capabilities in collaboration with Rockwell Automation by adding the SaaS-powered industrial cybersecurity platform Claroty xDome to Rockwell Automation’s global services portfolio. Additionally, Rockwell Automation customers now have access to Claroty’s complete suite of…

Read more →

Ransomware-wielding attackers are trying to break into servers running outdated versions of Apache ActiveMQ by exploiting a recently fixed vulnerability (CVE-2023-46604). “Beginning Friday, October 27, Rapid7 Managed Detection and Response (MDR) identified suspected exploitation of Apache ActiveMQ CVE-2023-46604 in two…

Read more →

SAIC announced new offerings for Tenjin and additional features for Koverse. “The new offerings and features for SAIC’s Data Science Suite ensure the right people have access to the right data at the right time to gain actionable insights for…

Read more →

Action1 announced its latest release. Global enterprises navigating complex environments can now ensure rapid adoption of Action1’s platform within their organization for reduced Mean-Time-To-Remediate (MTTR) while eliminating gaps in their remediation processes. Key features: Automation and cost savings. Enterprises can…

Read more →

The two BIG-IP vulnerabilities (CVE-2023-46747, CVE-2023-46748) F5 Networks has recently released hotfixes for are being exploited by attackers in the wild, the company has confirmed. “It is important to note that not all exploited systems may show the same indicators,…

Read more →

MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. MITRE ATT&CK v14 ATT&CK’s goal is to catalog and categorize behaviors of cyber adversaries in…

Read more →

Modern security tools continue to improve in their ability to defend organizations’ networks and endpoints against cybercriminals. But the bad actors still occasionally find a way in. Security teams must be able to stop threats and restore normal operations as…

Read more →

The global cybersecurity workforce has reached 5.5 million people, an 8.7% increase from 2022, representing 440,000 new jobs, according to ISC2. While this is the highest workforce ever recorded, the report shows that demand is still outpacing the supply. The…

Read more →

In this Help Net Security interview, Kai Roer, CEO at Praxis Security Labs, explores the theoretical underpinnings, practical implications, and the crucial role of human behavior in cybersecurity. Roer explains why a comprehensive understanding of human complexity is paramount in…

Read more →

The persistent neglect of patching legacy systems is plaguing critical infrastructure and industries. The consequences of such neglect can be damaging to organizations, ranging from costly security vulnerabilities to compliance risk and operational inefficiencies. Thus, the question remains: why is…

Read more →

Top executives — the employee group most targeted by threat actors — are frequently provided unfettered access to valuable data sources and networked assets, according to Ivanti. Executives access unauthorized work data While 96% of leaders say they are at…

Read more →

The browser has become the main workspace in modern organizations. It’s where employees create and interact with data, and how they access organizational and external SaaS and web apps. That’s why the browser is extensively targeted by adversaries. They seek…

Read more →

Ransomware incidents rising again as criminals use data exfiltration and supply chain attacks to maximize their leverage, according to Allianz. Allianz Commercial analysis of large cyber losses shows the number of cases in which data is exfiltrated is soaring, as…

Read more →

Ransomware attacks continue at a record-breaking pace, with Q3 2023 global ransomware attack frequency up 11% over Q2 and 95% year-over-year (YoY), according to Corvus Insurance. In its Q2 2023 Global Ransomware Report, Corvus noted a significant resurgence in global…

Read more →

An overwhelming 98% of all the businesses surveyed use Java in their software applications or infrastructure, and 57% of those organizations indicate that Java is the backbone of most of their applications, according to Azul. When including Java-based frameworks, libraries…

Read more →

While many organizations run their core business applications on the mainframe, IT leaders lack confidence in the effectiveness of their mainframe security compliance, signaling a need for more robust security practices, according to Rocket Software. For decades, mainframe systems have…

Read more →

Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, Arcitecta, AuditBoard, BackBox, Cloaked, ComplyCube, Darktrace, Data Theorem, Flexxon, Fortanix, Fortinet, Jumio, LogicMonitor, Malwarebytes, ManageEngine, Nutanix, Prevalent, Progress, SailPoint, Thales, Vanta, Veriff, and Wazuh.…

Read more →

The Deputy Chairman of Ukraine’s technical security and intelligence service will give the keynote address at this year’s IRISSCERT cybersecurity conference, IRISSCON, in Dublin’s Aviva Stadium on Thursday, 16 November. Victor Zhora, Deputy Chairman of the State Service of Special…

Read more →

LogRhythm announced its partnership with D3 Security. This partnership brings together LogRhythm Axon SIEM and D3 Smart SOAR’s incident enrichment and response capabilities, providing security teams with a powerful, integrated solution to streamline their security operations. As cybersecurity threats continue…

Read more →

DigiSure has launched TrustScreen Negative File, adding another layer of protection against fraud and unwelcome activity on sharing platforms. DigiSure empowers companies to embed digital insurance offerings, control their losses and margin, and keep their customers safe with data-driven solutions…

Read more →