Category: Help Net Security

Cyolo launched Cyolo PRO (Privileged Remote Operations), a hybrid secure remote access solution for Operational Technology (OT). Developed specifically to enable safe operations of privileged users, Cyolo PRO is an advanced solution set to redefine Secure Remote Access (SRA) by…

Read more →

GitHub push protection – a security feature aimed at preventing secrets such as API keys or tokens getting accidentally leaked online – is being switched on by default for all public repositories. “This means that when a supported secret is…

Read more →

Darktrace and Xage Security announced a new partnership to help businesses prevent cyberattacks and insider threats in critical environments. This collaboration brings together Xage Security’s zero trust protection with Darktrace’s AI-powered anomaly-based threat detection. The integration between Darktrace/OT and Xage…

Read more →

Identiv introduces ScrambleFactor, an addition to its high-security physical access control system (PACS) portfolio. The ScrambleFactor reader reimagines secure entry for the federal market with fingerprint biometrics and a LCD touchscreen keypad, integrating multiple authentication methods to deliver unparalleled security,…

Read more →

Akamai announced significant additions to its flagship Akamai App & API Protector product, including advanced defenses against sophisticated application-layer distributed denial-of-service (DDoS) attacks. The enhanced Layer 7 DDoS protections now precisely detect and mitigate short DDoS attack bursts and use…

Read more →

Zyxel Networks has released its NWA130BE – BE11000 WiFi 7 Triple-Radio NebulaFlex Access Point (AP). With WiFi 7-supported devices ready to go mainstream in 2024, the NWA130BE enables small to medium-sized businesses (SMBs) to benefit from network speed, capacity and…

Read more →

A new phishing campaign is using fake Okta single sign-on (SSO) pages for the Federal Communications Commission (FCC) and for various cryptocurrency platforms to target users and employees, Lookout researchers have discovered. The phishing campaign By pretending to be customer…

Read more →

Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day. Attackers use a number of tricks to fool developers or systems into downloading them, or they simply compromise the package…

Read more →

Silobreaker announced an integration with MITRE ATT&CK Matrix for Enterprise, Industrial Control Systems (ICS) and Mobile, to help organizations better understand threats associated with malware, threat actors and industries. This latest enhancement enables organizations using the Silobreaker platform to leverage…

Read more →

Python Risk Identification Tool (PyRIT) is Microsoft’s open-source automation framework that enables security professionals and machine learning engineers to find risks in generative AI systems. PyRIT has been battle-tested by Microsoft’s AI red team. It started as a collection of…

Read more →

NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines (SP 800-204D). In this Help Net Security video, Henrik Plate, Security Researcher at Endor Labs, talks about this report, which provides actionable measures to integrate…

Read more →

More than 95% of responding IT and security professionals believe social engineering attacks have become more sophisticated in the last year, according to LastPass. Recent AI advancements, particularly generative AI, have empowered cybercriminals to coordinate social engineering assaults with unprecedented…

Read more →

For several years, cybersecurity leaders have grappled with talent shortages in crucial cyber roles. In the face of escalating financial requirements and expanding responsibilities, these leaders are under heightened pressure to achieve more with fewer resources, creating roles encompassing multiple…

Read more →

BSidesZagreb is a complimentary, non-profit conference driven by community participation, designed for information security professionals and enthusiasts to gather, exchange ideas, and collaborate. Help Net Security sponsored the 2024 edition that took place on March 1, and here are photos…

Read more →

Despite its importance, patching can be challenging for organizations due to factors such as the sheer volume of patches released by software vendors, compatibility issues with existing systems, and the need to balance security with operational continuity. To ensure effective…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Overcoming the pressures of cybersecurity startup leadership In this Help Net Security interview, Kunal Agarwal, CEO at Dope Security, offers a look into the CEO’s…

Read more →

Collibra introduced Collibra AI Governance, a new product that enables organizations to deliver trusted AI safely and effectively. Built on top of the Collibra Data Intelligence Platform, Collibra AI Governance helps data, AI and legal teams collaborate to ensure compliance…

Read more →

The alliance between ransomware groups and initial access brokers (IABs) is still the powerful engine for cybercriminal industry, as evidenced by the 74% year-on-year increase in the number of companies that had their data uploaded on dedicated leak sites (DLS),…

Read more →

In this Help Net Security interview, Geoffrey Mattson, CEO of Xage Security, discusses the evolution of the Joint Cyber Defense Collaborative (JCDC) since its 2021 inception and tackles its 2024 strategic priorities in response to escalating cyber threats. He elaborates…

Read more →

Eficode research indicates that 96% of developers use AI tools, with most coders bypassing security policies to use them. With no standardized AI tool regulations, researchers advocate for stronger governance frameworks and AI security policies in organizations’ DevOps strategies to…

Read more →