ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. Blackwood has carried out cyberespionage operations against individuals and companies from China, Japan, and the United Kingdom. It leverages adversary-in-the-middle techniques…
AI expected to increase volume, impact of cyberattacks
All types of cyber threat actor are already using artificial intelligence (AI) to varying degrees, the UK National Cyber Security Centre’s analysts say, and they predict that AI “will almost certainly increase the volume and heighten the impact of cyberattacks over the…
Fighting insider threats is tricky but essential work
Business executives are worried about accidental internal staff error (71%) almost as much as they are worried about external threats (75%). But which of the two is a bigger threat to a company? External vs insider threats: External threats can…
CISOs’ role in identifying tech components and managing supply chains
In this Help Net Security interview, Nate Warfield, Director of Threat Research and Intelligence at Eclypsium, outlines the crucial tasks for CISOs in protecting supply chains and achieving comprehensive visibility. Warfield also discusses the vital collaboration between security and development…
Automated Emulation: Open-source breach and attack simulation lab
Automated Emulation is an open-source Terraform template designed to create a customizable, automated breach and attack simulation lab. The solution automatically constructs the following resources hosted on AWS: One Linux server deploying Caldera, Prelude Operator Headless, and VECTR One Windows…
45% of critical CVEs left unpatched in 2023
Global attack attempts more than doubled in 2023, increasing 104%, according to Armis. Blind spots and critical vulnerabilities are worsening, with 45% of critical CVEs remaining unpatched. Utilities (over 200% increase) and manufacturing (165% increase) were the most at risk…
In 2024, AI and ML shift from flashy to functional
AI and ML deserve the hype they get, but the focus can’t always be on the glitz. As these advances deliver real benefits, there’s a slew of more mundane actions that have to be taken, and in 2024 this is…
Stack Identity expands its platform with ITDR to tackle shadow access and shadow identities
Stack Identity has unveiled the expansion of the Identity Access Risk Management Platform with identity threat detection and response (ITDR) to tackle shadow access and shadow identities. Identity-centric attacks have exploded as the primary vector among cyberattacks, showcasing extreme gaps…
Venafi Stop Unauthorized Code Solution reduces attack surface
Venafi introduced its new Stop Unauthorized Code Solution, designed to help security teams proactively prevent unauthorized code across any operating environment. By leveraging the combined power of Venafi’s CodeSign Protect product, trusted team of security experts and expansive technology ecosystem,…
PoC for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204)
Proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-0204) in Fortra’s GoAnywhere MFT solution has been made public, sparking fears that attackers may soon take advantage of it. Fortra’s GoAnywhere MFT is a web-based managed file transfer solution widely used…
Enzoic and ThreatQuotient join forces to defend companies from compromised credentials
Enzoic announced a partnership with ThreatQuotient, an innovative security operations platform provider. Through the agreement, the latter is integrating Enzoic’s Dark Web monitoring capabilities to scan for exposure and help customers act at the first sign of compromise. The ThreatQ…
VIVOTEK VORTEX Connect empowers enterprise cloud transition
VIVOTEK introduces its cloud-based security service VORTEX, emphasizing a smarter and easier approach. Its latest addition, VORTEX Connect, is integrated into VIVOTEK’s latest generation Network Video Recorders (NVRs), allowing users to seamlessly connect to…
Securiti collaborates with Lacework to improve data protection in the cloud
Securiti and Lacework announced a strategic partnership that allows customers to be smarter than ever when protecting cloud data. This collaboration unites Lacework, a Cloud Native Application Protection Platform (CNAPP), and Securiti’s Data Command Center with built-in Data Security Posture…
Stellar Cyber partners with Proofpoint to speed detection of email-driven cyberattacks
Stellar Cyber announced a new partnership with Proofpoint, a cybersecurity and compliance company. Through this alliance, Proofpoint and Stellar Cyber customers benefit from an out-of-the-box integration enabling swift email investigations and real-time response actions to email-driven attacks. Proofpoint Targeted Attack…
The effect of omission bias on vulnerability management
Whether we’d like to admit it to ourselves or not, all humans harbor subconscious biases that powerfully influence our behavior. One of these is the omission bias, which has interesting ramifications in the world of cyber security, specifically vulnerability management.…
Prioritizing CIS Controls for effective cybersecurity across organizations
In this Help Net Security interview, Randy Marchany, CISO at Virginia Tech, discusses the challenges and strategies associated with implementing CIS Controls in organizations of varying sizes. Marchany explores the importance of securing top-level management support, breaking down data silos,…
10 USA cybersecurity conferences you should visit in 2024
Security BSides: Security BSides offers attendees an opportunity to engage and present their ideas actively. Characterized by their intensity, these events are filled with discussions, demonstrations, and interactive participation. BSides are happening all over the USA. To find an event…
Why resilience leaders must prepare for polycrises
In this Help Net Security video, Frank Shultz, CEO of Infinite Blue, discusses how more frequent and severe disruptions and our increasingly interconnected world collide to create a new threat for resilience leaders to manage: polycrises. These multiple concurrent or…
Organizations invest more in data protection but recover less
92% of organizations will increase 2024 data protection spend to achieve cyber resilience amidst continued threats of ransomware and cyberattacks, according to Veeam Software. Respondents shared that cyberattacks remain the top cause of outages and that while organizations are putting…
Whitepaper: MFA misconceptions
While a valuable tool in the cybersecurity toolkit, MFA is not immune to weaknesses. Read the “MFA Misconceptions” whitepaper to understand its limitations and how integrating it with other robust security measures is crucial for building a resilient defense mechanism.…
Software supply chain attacks are getting easier
ReversingLabs identified close to 11,200 unique malicious packages across three major open-source software platforms in 2023: npm, PyPI, and RubyGems. These findings mark an astounding 1,300% increase in malicious packages from 2020 and an increase of 28% over 2022 when…
Tufin Dashboard Essentials tracks security implementation progress
Tufin announced Dashboard Essentials, a new extension to the Tufin Orchestration Suite that improves analytics for monitoring security, compliance, and operational efficiency. The extension gives customers access to specialized analytics tools that help track the progress of their security implementation…
Seceon aiSIEM-CGuard protects cloud-powered applications and infrastructure
Seceon announces aiSIEM-CGuard, providing partners and customers with comprehensive protection, detection, and automatic remediation for cloud-powered resources. With an automated signup process and margin-friendly pricing, MSP/MSSPs can now add protection for cloud workloads like Microsoft 365 email, OneDrive, and endpoints and…
Cato Networks introduces new incident response tools
Cato Networks announced the expansion of the Cato SASE Cloud platform into threat detection and incident response with Cato XDR, a SASE-based, extended detection and response (XDR) solution. Available immediately, Cato XDR utilizes the functional and operational capabilities of the…
Zscaler unveils Zero Trust SASE solution for simplified security implementation
Zscaler has introduced Zscaler Zero Trust SASE, a single-vendor SASE solution built on Zscaler Zero Trust AI to help organizations reduce cost and complexity while implementing zero trust security across users, devices, and workloads. Additionally, Zscaler announced general availability for its…
Apple debuts new feature to frustrate iPhone thieves
Besides fixing an actively exploited zero-day vulnerability, the latest update for the iOS 17 branch offers a new feature to help you protect your accounts and sensitive information in case your iPhone gets stolen. Stolen Device Protection: If enabled, the…
Veriti Odin utilizes AI algorithms to detect and analyze threats
Veriti launched its AI-powered contextual cybersearch solution, Veriti Odin. Leveraging advanced AI architecture, Odin is designed to optimize and elevate the way businesses approach cybersecurity, creating certainty that solutions are deployed correctly and configured accurately, and protecting against threats…
Silobreaker integrates with DarkOwl for enhanced darknet credential monitoring
Silobreaker has integrated with DarkOwl for credential monitoring. The DarkOwl Credential Monitoring solution continuously checks for exposed credentials in darknet and darknet-adjacent sites, providing Silobreaker customers with detailed alerting and analytics within a single platform. Credential exposure can lead to…
Atakama Browser Security Platform improves security for MSPs
Atakama unveiled the Atakama Browser Security Platform for MSPs. Developed over the past year in collaboration with 30-plus MSP design partners, the platform is a revolutionary browser security solution. The unveiling signals an opportunity for MSPs to…
Onfido Compliance Suite simplifies local and global identity verification
Onfido launched its Compliance Suite, an all-in-one identity verification solution that empowers fast-growth businesses to expand seamlessly into new markets and meet local regulatory needs for customer onboarding. Onfido’s Compliance Suite introduces Qualified Electronic Signature (QES) and One-time Password (OTP)…
Apple fixes actively exploited WebKit zero-day (CVE-2024-23222)
Apple has fixed an actively exploited zero-day vulnerability (CVE-2024-23222) that affects Macs, iPhones, iPads and AppleTVs. About CVE-2024-23222: CVE-2024-23222 is a type confusion issue that affects WebKit – Apple’s browser engine used in the Safari web browser and all iOS…
Thales and Quantinuum strengthen protection against quantum computing attacks
Thales announced the launch of its PQC Starter Kit in collaboration with Quantinuum. This offering helps enterprises prepare for Post-Quantum Cryptography (PQC). The kit provides a trusted environment for businesses to test quantum-hardened PQC-ready encryption keys and understand the implications…
Data of 15 million Trello users scraped and offered for sale
Someone is selling scraped data of millions of users of Trello, a popular web-based list-making application and project management platform, on a dark web hacker forum. The database dump “contains emails, usernames, full names and other account info,” the…
Why cyberattacks mustn’t be kept secret
No company is immune to cyberattacks, but when the inevitable happens, too many companies still try to maintain a wall of silence. In fact, over half of security professionals admit their organizations maintain a culture of security through obscurity, with…
Top cybersecurity concerns for the upcoming elections
In this Help Net Security video, Adam Marrè, CISO at Arctic Wolf, explains how state and local governments must focus on cybersecurity as the 2024 election approaches in the United States. State and local IT and cybersecurity teams usually have…
Beyond blockchain: Strategies for seamless digital asset integration
In this Help Net Security interview, Jean-Philippe Aumasson, CSO at Taurus, emphasizes the often-overlooked complexities of key generation, storage, and distribution, underlining the necessity for a high level of security maturity in handling digital assets. Looking ahead, Aumasson predicts that…
2024 brings new risks, with cyber incidents in the spotlight
Cyber incidents such as ransomware attacks, data breaches, and IT disruptions are the biggest worry for companies globally in 2024, according to Allianz. The closely interlinked peril of business interruption ranks second. Natural catastrophes (up from #6 to #3 year-on-year),…
Organizations need to switch gears in their approach to email security
Email security risks remain high with 94% of organizations experiencing incidents in the past 12 months, according to Egress. Inbound email incidents primarily took the form of malicious URLs, attacks sent from a compromised account, and malware or ransomware attachments.…
Netskope introduces SASE solution for midmarket enterprises
Netskope announced the next addition to its family of single-vendor SASE offerings, focused on midmarket organizations and the Managed Service Providers (MSP) that serve them. The ongoing expansion of Netskope’s SASE portfolio enables Netskope and its partners to deliver a…
Attackers can steal NTLM password hashes via calendar invites
A recently patched vulnerability in Microsoft Outlook (CVE-2023-35636) that can be used by attackers to steal users’ NTLM v2 hashes can be exploited by adding two headers to an email carrying a specially crafted file, security researcher Dolev Taler has…
Cognyte adds GenAI capabilities into its LUMINAR offering
Cognyte announced the release of a significant update to its LUMINAR external threat intelligence solution to incorporate GenAI capabilities, including a new AI-driven dashboard. LUMINAR is already integrated with Cognyte’s investigative analytics software and other leading solutions, and this release…
F5 appoints Samir Sherif as CISO
F5 announced the appointment of Samir Sherif as SVP and CISO. In this role, Sherif will lead F5’s enterprise cybersecurity strategy and security culture, evolve F5’s security capabilities and resilience, oversee cybersecurity standards and programs for F5’s products and services,…
Resecurity and Cybercrime Atlas join forces to disrupt cybercriminal operations
In an era where cybercrime poses a pervasive threat to individuals, corporations, and governments worldwide, Resecurity and Cybercrime Atlas have forged a partnership aimed at disrupting the global cybercriminal ecosystem. The Cybercrime Atlas is hosted by the World Economic Forum’s…
Tietoevry ransomware attack halts Swedish organizations
Finnish IT software and service company Tietoevry has suffered a ransomware attack that affected several customers of one of its datacenters in Sweden. The attack: The ransomware attack took place during the night of January 19-20. “The attack was limited…
New method to safeguard against mobile account takeovers
Computer science researchers have developed a new way to identify security weaknesses that leave people vulnerable to account takeover attacks, where an attacker gains unauthorized access to online accounts. Most mobiles are now home to a complex ecosystem of interconnected…
Without clear guidance, SEC’s new rule on incident reporting may be detrimental
The SEC has instituted a set of guidelines “requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance.” These new guidelines went into effect…
The reality of hacking threats in connected car systems
With the integration of sophisticated technologies like over-the-air updates and increased data connectivity, cars are no longer just modes of transportation but also hubs of personal and operational data. This shift brings forth unique cybersecurity challenges, ranging from hacking and…
Global cyber inequity skyrockets
There has been a sharp increase in cyber inequity globally, with 90% of executives warning that urgent action is needed to address it, according to the World Economic Forum. While increased geopolitical tensions and economic instability continue to concern industry…
CloudFoxable: Open-source AWS penetration testing playground
CloudFoxable is a capture-the-flag (CTF) style learning platform you can deploy to your playground AWS account. It primarily targets current penetration testers seeking to learn exploitation of cloud-native attack paths, and cloud security experts aiming to practice offensive security techniques…
Bad bot traffic skyrockets across the web
Bad bots are automated programs designed with malicious intent to perform various activities on the internet, often causing harm to individuals, organizations, and online ecosystems. What makes them particularly dangerous is their ability to mimic the actions of legitimate users…
Week in review: 10 cybersecurity frameworks you need to know, exploited Chrome zero-day fixed
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Key elements for a successful cyber risk management strategy: In this Help Net Security interview, Yoav Nathaniel, CEO at Silk Security, discusses the evolution of…
Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082)
A previously patched critical vulnerability (CVE-2023-35082) affecting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core is being actively exploited, the Cybersecurity and Infrastructure Security Agency (CISA) has confirmed by adding the vulnerability to its Known Exploited Vulnerabilities Catalog (KEV). It…
Out with the old and in with the improved: MFA needs a revamp
From AI to ZTA (zero-trust architecture), the technology responsible for protecting your company’s data has evolved immensely. Despite the advances, cybercriminals repeatedly find new and creative ways to gain access to sensitive information. This can result in devastating consequences, making…
New infosec products of the week: January 19, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Living Security, Skopenow, Skyhigh Security, and Wing Security. Skyhigh Security’s AI-driven DLP Assistant prevents critical data loss: Skyhigh Security’s AI-driven DLP Assistant, which supports queries…
Unlocking GenAI’s full potential through work reinvention
To achieve the full potential of AI, organizations must reinvent work, reshape the workforce and prepare workers, according to Accenture. A new report from Accenture reveals an urgent need for business leaders to look beyond how generative AI affects specific…
Digital nomads amplify identity fraud risks
The number of foreign document verification cases in all parts of the world has grown by an average of 21% since the summer of 2021, according to Regula. It’s even higher in the US and UAE: these countries are experiencing…
Vercara UltraSecure offers protection from malicious attacks
Vercara is introducing UltraSecure bundles designed to meet the online security needs of mid-size companies. These flexible packages offer enterprise-grade, custom solutions that protect critical applications, secure online properties and increase web performance. While mid-size companies and SMBs have the…
VulnCheck IP Intelligence identifies vulnerable internet-connected infrastructure
VulnCheck launched IP Intelligence, a new feature set designed to provide real-time tracking of attacker infrastructure and vulnerable IPs on the internet. VulnCheck IP Intelligence compiles data from popular Internet-Connected Device (ICD) datasets and cross-references it against VulnCheck exploit and…
N-able MDR ingests data from existing security and IT tools
N-able continues to advance its security suite with the launch of N-able Managed Detection and Response (MDR). This latest addition to the N-able security suite combines a powerful security operations platform with expert services, giving MSPs a broad range of…
Poorly secured PostgreSQL, MySQL servers targeted by ransomware bot
Users exposing poorly secured PostgreSQL and MySQL servers online are in danger of getting their databases wiped by a ransomware bot, Border0 researchers are warning. The attackers ask for a small sum to return / not publish the data, but…
Oleria raises $33 million to accelerate its product innovation
Oleria has raised $33.1 million in a Series A funding round. This latest investment, which brings the company’s total funding to over $40 million, is led by Evolution Equity Partners with participation from Salesforce Ventures, Tapestry VC, and Zscaler. This…
ESET launches MDR service to improve cybersecurity for SMBs
ESET launched ESET MDR, an innovative solution aimed at addressing the evolving cybersecurity challenges faced by SMBs. This launch marks a significant stride in expanding ESET’s security services portfolio with another MDR solution. In a rapidly changing threat landscape, organizations…
Swimlane enhances Turbine platform to alleviate the pressure on SecOps teams
Swimlane announced its new Turbine innovations, Canvas and Hero AI. This transformative combination empowers security teams to build automation in seconds with limitless integration possibilities, leading to dramatic time and resource savings. SecOps teams are drowning in a sea of…
Sourcepoint introduces sensitive data opt-in feature to prepare users for privacy changes
Sourcepoint has launched a sensitive data opt-in feature for its consent management platform (CMP) to help customers prepare for US privacy changes on the horizon. As of March 31, 2024, the Washington “My Health, My Data” Act will require opt-in…
VMware: Plug critical Aria Automation hole immediately! (CVE-2023-34063)
A critical vulnerability (CVE-2023-34063) affecting VMware Aria Automation and VMware Cloud Foundation can be exploited by attackers to gain access to remote organizations and workflows, VMware has warned. The company is not aware of any “in the wild” exploitation of…
Attribute-based encryption could spell the end of data compromise
The future of data privacy is the end of compromise. With the world producing data at astounding rates, we need ways to put data to the best use while protecting against breaches and ensuring privacy, data protection and access control.…
Skytrack: Open-source aircraft reconnaissance tool
Skytrack is an open-source command-line tool for plane spotting and aircraft OSINT reconnaissance. The tool utilizes multiple data sources to collect information on aircraft, can produce a PDF report for a specific aircraft, and offers conversion between ICAO and Tail…
Ransomware negotiation: When cybersecurity meets crisis management
In this Help Net Security interview, Tim Morris, Chief Security Advisor at Tanium, discusses ransomware negotiation, how it typically unfolds, and how organizations should have a playbook that clearly outlines what to do, when to do it, who is notified,…
Adversaries exploit trends, target popular GenAI apps
More than 10% of enterprise employees access at least one generative AI application every month, compared to just 2% a year ago, according to Netskope. In 2023, ChatGPT was the most popular generative AI application, accounting for 7% of enterprise…
The power of AI in cybersecurity
The widespread adoption of artificial intelligence (AI), particularly generative AI (GenAI), has revolutionized organizational landscapes and transformed both the cyber threat landscape and cybersecurity. AI as a powerful cybersecurity tool: As organizations handle increasing amounts of data daily, AI offers…
Skyhigh Security’s AI-driven DLP Assistant prevents critical data loss
Skyhigh Security announced an AI-driven DLP Assistant as an advanced DLP capability within its Security Service Edge (SSE) portfolio. The AI-based Assistant can help simplify many complex tasks in DLP with the ability to generate complex regular expressions. This enables…
Wing Security unveils automated protection against AI-SaaS risks
Wing Security unveils an automatic advanced approach to counter the evolving risks of Intellectual Property (IP) and data leakage into GenAI applications. Amidst the growing adoption of GenAI, and the many SaaS applications powered by GenAI, Wing brings awareness and…
Living Security Unify Power Insights identifies vulnerable members within an organization
Living Security announced Unify Power Insights, which combines intelligence across multiple identity management and security tools to give precise visibility into which members of the workforce are most vulnerable to phishing, account compromise, malware, data loss, and more. Living Security Unify…
Vicarius raises $30 million to accelerate the development of new AI capabilities
Vicarius announced a $30 million Series B led by cybersecurity investment firm Bright Pixel (formerly Sonae IM). AllegisCyber Capital, AlleyCorp, and Strait all participated in the financing. The company’s total funding, including investments from previous investors such as JVP, is…
Kaspersky releases utility to detect iOS spyware infections
Kaspersky’s researchers have developed a lightweight method to detect indicators of infection from sophisticated iOS spyware such as NSO Group’s Pegasus, QuaDream’s Reign, and Intellexa’s Predator through analyzing a log file created on iOS devices. Analyzing the Shutdown.log: The company’s…
Industrial Defender collaborates with Dragos to enhance outcomes for OT operators
Industrial Defender announced a strategic technology partnership with Dragos. The collaboration between these leaders in OT cybersecurity integrates their respective platform capabilities, representing a major move towards combining their leading strengths to enhance outcomes for OT operators. The partnership is…
Google fixes actively exploited Chrome zero-day (CVE-2024-0519)
In the new stable release of the Chrome browser, Google has fixed three security vulnerabilities affecting the V8 engine, including one zero-day (CVE-2024-0519) with an existing exploit. About CVE-2024-0519: V8 is an open-source JavaScript and WebAssembly engine developed by the…
Security considerations during layoffs: Advice from an MSSP
Navigating layoffs is complex and difficult for many reasons. Not only do human resources and direct managers bear the onus of responsibility when conducting exit conversations, but security teams should also make the necessary preparations for monitoring anomalies in employee…
CISOs’ crucial role in aligning security goals with enterprise expectations
In this Help Net Security interview, Chris Mixter, Vice President, Analyst at Gartner, discusses the dynamic world of CISOs and how their roles have evolved significantly over the years. He outlines the critical skills for CISOs in 2024, addresses the…
The right strategy for effective cybersecurity awareness
Employees play a significant role in safeguarding organizational assets. With a constantly evolving threat landscape, cybersecurity awareness training is an essential component in creating a good security culture. Why cybersecurity awareness training? 81% of organizations were hit by malware, phishing,…
Best practices to mitigate alert fatigue
In this Help Net Security video, Peter Manev, Chief Strategy Officer at Stamus Networks, discusses a pervasive problem plaguing security analysts called “alert fatigue,” which occurs when security teams become desensitized to an overwhelming volume of alerts, causing them…
IT teams unable to deliver data fast enough to match the speed of business
Increasing data requests overwhelm IT teams, but security concerns hinder their ability to provide employees with access to timely data, according to CData Software. The majority of Ops professionals feel that they are prohibited from accessing the data they need…
Atlassian reveals critical Confluence RCE flaw, urges “immediate action” (CVE-2023-22527)
Atlassian has patched a critical vulnerability (CVE-2023-22527) in Confluence Data Center and Confluence Server that could lead to remote code execution. The good news is that the flaw was fixed in early December 2023 with the release of versions 8.5.4…
Fortinet unveils networking solution integrated with Wi-Fi 7
Fortinet announced a comprehensive secure networking solution integrated with Wi-Fi 7. Fortinet’s first Wi-Fi 7 access point, FortiAP 441K, delivers increased speed and capacity, and the new FortiSwitch T1024 is purpose-built with 10 Gigabit Ethernet (GE) access and 90W Power…
Skopenow Grid detects the earliest signals of critical risks
Skopenow launched Grid, its new 360-degree situational awareness solution. Grid equips security, intelligence, and investigative teams worldwide with enhanced proactive threat intelligence capabilities, enabling real-time detection of risks to people, assets, and operations. In a global landscape marked by uncertainty,…
1,700 Ivanti VPN devices compromised. Are yours among them?
Over 1,700 Ivanti Connect Secure VPN devices worldwide have been compromised by attackers exploiting two zero-days with no patches currently available. “Additional threat actors beyond UTA0178 appear to now have access to the exploit and are actively trying to exploit…
Accenture and SandboxAQ offer protection against quantum-based decryption attacks
Accenture and SandboxAQ are partnering to deliver AI and quantum computing solutions to help organizations identify and remediate cybersecurity vulnerabilities. According to recent Accenture research, executives’ top concern for 2024 is the ability to adapt to advancements in technology and…
10 cybersecurity frameworks you need to know about
As cyber threats grow more sophisticated, understanding and implementing robust cybersecurity frameworks is crucial for organizations of all sizes. This article lists the most essential cybersecurity frameworks developed to guide businesses and governments in safeguarding their digital assets. From the…
3 ways to combat rising OAuth SaaS attacks
OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine cryptocurrency, establish persistence following business email compromise and launch spam activity using the…
Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations
Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition. Users can also perform malware analysis, OSINT and computer vision activities. “We’ve crafted…
Geopolitical tensions combined with technology will drive new security risks
Misinformation and disinformation are the biggest short-term risks, while extreme weather and critical change to Earth systems are the greatest long-term concern, according to the Global Risks 2024 Report from the World Economic Forum. Against a backdrop of systemic shifts in global…
Windows SmartScreen bug exploited to deliver powerful info-stealer (CVE-2023-36025)
A vulnerability (CVE-2023-36025) that Microsoft fixed in November 2023 continues to be exploited by malware peddlers: this time around, the delivered threat is a variant of the Phemedrone Stealer. About the malware: Phemedrone Stealer is a piece of malware written…
Trellix XDR Platform for RDR strengthens operational resilience
Trellix announced Trellix XDR Platform for Ransomware Detection and Response (RDR), available immediately worldwide. Trellix XDR Platform for RDR provides visibility across an organization’s entire security ecosystem and delivers critical coverage for each stage of a ransomware campaign. The solution…
Juniper fixes critical RCE in its SRX firewalls and EX switches (CVE-2024-21591)
Juniper Networks has fixed a critical pre-authentication remote code execution (RCE) vulnerability (CVE-2024-21591) in Junos OS on SRX firewalls and EX switches. About CVE-2024-21591: CVE-2024-21591 is an out-of-bounds write vulnerability that could allow an unauthenticated, network-based threat actor to carry…
Flipping the BEC funnel: Phishing in the age of GenAI
For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of recipients in the hope that a few might take the bait. Over…
Adalanche: Open-source Active Directory ACL visualizer, explorer
Adalanche provides immediate insights into the permissions of users and groups within an Active Directory. It’s an effective open-source tool for visualizing and investigating potential account, machine, or domain takeovers. Additionally, it helps identify and display any misconfigurations. What unique…
Preventing insider access from leaking to malicious actors
In this Help Net Security video, John Morello, CTO of Gutsy, discusses the often-overlooked aspect of cybersecurity – the offboarding process. He outlines the real-world implications and potential impact on an organization’s security posture if off-boarding isn’t handled thoroughly. The…
Key elements for a successful cyber risk management strategy
In this Help Net Security interview, Yoav Nathaniel, CEO at Silk Security, discusses the evolution of cyber risk management strategies and practices, uncovering common mistakes and highlighting key components for successful risk resolution. Nathaniel anticipates a growing pressure on organizations…