Category: Help Net Security

Betacom introduced Betacom AirGap Protection, a network architecture aimed at enhancing cybersecurity for its flagship offering, Betacom 5G as a Service (5GaaS). The new cyber defense enhancements provide multi-layered security to reduce the risk, complexity and cost of adding industrial…

Read more →

Bitdefender has agreed to acquire Horangi Cyber Security to address the growing demand for advanced, streamlined management of cybersecurity, compliance, and governance of multi-cloud environments. As organizations continue to accelerate cloud adoption, they struggle to manage the thousands of configuration…

Read more →

Lockbit 3.0 is currently the most active ransomware group, NCC Group says in its most recent Threat Pulse report, but new ransomware groups like 8Base and Akira are rising in prominence. Collectively, the various ransomware groups revealed 436 victim organizations…

Read more →

Cynerio has unveiled the further integration of generative AI into its existing offerings. “It is clear that the healthcare industry will continue to face increasing cyber attacks,” said Leon Lerman, CEO of Cynerio. “With 89% of hospitals experiencing cyber attacks…

Read more →

Bishop Fox has expanded its social engineering testing services, which are an integral part of the company’s Red Team portfolio. In contrast to narrow and rudimentary security awareness solutions, Bishop Fox’s services emulate complex, multistage and multilayer adversarial attack behavior,…

Read more →

Fortanix has released Fortanix Confidential Data Search, a solution that supports highly scalable searches in encrypted databases with sensitive data, without compromising data security or privacy regulations. Current solutions that enable secure searches of encrypted data are predominantly based on…

Read more →

Socure acquired Berbix, a San Francisco-based startup that developed a high-accuracy document verification solution with a patent-pending forensics engine able to detect spoofed IDs – including AI-generated fakes – that are visually indistinguishable to the human eye. The approximately $70…

Read more →

Thales announced a new partnership with Google Cloud to develop new data security capabilities powered by generative AI that will improve companies’ ability to discover, classify and protect their most sensitive data. The partnership is part of Thales’ generative AI…

Read more →

AWS announced AWS AppFabric, a no-code service that enhances companies’ existing investment in software as a service (SaaS) applications with improved security, management, and productivity. With just a few clicks in the AWS Management Console, information technology (IT) and security…

Read more →

In today’s data-driven world, organizations that can harness the power of big data and derive actionable insights are positioned to succeed. However, the sheer number of big data companies vying for attention has made it crucial for entrepreneurs to differentiate…

Read more →

Our healthcare systems are at risk of infiltration by threat actors, potentially disrupting services, compromising sensitive data, and even jeopardizing patient outcomes. Among the people addressing these challenges is Dennis Fridrich, VP of Cybersecurity at TRIMEDX, who not only understands…

Read more →

The current economic conditions are leading companies of all sizes to reassess their operations and business strategies to remain competitive and profitable, according to Kaseya. Business growth key driver for it budgets Budgets and resources may be shrinking, but workloads…

Read more →

Cequence Security announced new updates to the Unified API Protection (UAP) platform that strengthen customers’ ability to discover, manage risk and protect APIs. With the latest capabilities, organizations can rapidly deploy API Security Testing with built-in generative AI automation, protect…

Read more →

Delinea announced the latest release of Privilege Manager, its solution for providing privilege elevation controls for users and applications on workstations. The latest enhancements significantly improve ease of use for customers by preconfiguring five of the most common privilege elevation…

Read more →

Index Engines announced CyberSense 8.3, which features several user experience updates highlighted by additional metrics after a ransomware attack is detected, a new setup wizard and system configuration interface. CyberSense scans backup data and snapshots to validate their integrity and…

Read more →

BeeKeeperAI has closed $12.1 million in Series A financing. The round was led by Sante Ventures, with participation from the Icahn School of Medicine at Mount Sinai, AIX Ventures, Continuum Health Ventures, TA Group Holdings, and UCSF. The new funding…

Read more →

CalypsoAI has raised $23 million in a Series A-1 financing. Paladin Capital Group led the round, with participation from existing investors including Lockheed Martin Ventures, new investors Hakluyt Capital and Expeditions Fund, and strategic angels, including Auren Hoffman and Anne…

Read more →

LexisNexis Risk Solutions has launched an end-to-end customer lifecycle management platform to help businesses effortlessly integrate multiple information sources to make better risk decisions and provide smoother customer journeys. LexisNexis RiskNarrative leverages automation and decisioning technology to provide a sophisticated,…

Read more →

BigID announced an expanded partnership with Databricks to provide data security, privacy, and governance solutions to customers. This joint effort aims to automate data discovery and classification, alleviate the workload of data professionals, and streamline governance processes. BigID’s integration with…

Read more →

Worldwide, 6558 arrests follow the dismantling of EncroChat, a tool favored by organized crime groups (OCGs). 197 of those arrested were high-value targets. This result is detailed in the first review of EncroChat, presented today by the French and Dutch…

Read more →

In this Help Net Security video, Fawaz Rasheed, Field CISO at VMware, discusses how cyber insurance remains the high tide that rises ships. For organizations choosing to purchase cyber insurance, the requirements set forth towards them are beneficial in advancing…

Read more →

Learn how NetSPI’s always-on solution allows companies to improve visibility, inventory, and understanding of known and unknown assets and exposures on their global attack surface and distill signal from noise. After all, the discovery of assets and vulnerabilities is table…

Read more →

European organizations experienced a greater volume and frequency of BEC attacks over the last year, as compared to organizations in the United States, according to Abnormal Security. BEC attacks volume and frequency The data is based on an analysis of…

Read more →

Although numerous respondents acknowledged employing risky practices and behaviors within their cloud environments, they strongly believe in the effectiveness of their security tools and processes to safeguard their organizations against meticulously planned attacks, according to Permiso. That high confidence level…

Read more →

Snowflake announced an expanded partnership with Microsoft, enabling new product integrations across AI, low code/no code application development, data governance, and more. The two companies will also implement new programs to enhance joint go-to-market strategies and improve field collaboration, bringing…

Read more →

Immuta has announced key enhancements to its Data Security Platform for Databricks that enable data teams to leverage Immuta’s full platform capabilities, unlocking value from data, reducing costs, and speeding up innovation while maintaining strong data security posture. These updates…

Read more →

While mobile users are increasingly falling victims of cybercriminals, organizations are raising their spending in mobile endpoint detection and response solutions (Mobile EDR). To tackle these new cybersecurity threats, they are turning to their Managed Security Service Providers (MSSPs) to…

Read more →

49% of organizations around the world had to deal with fake or modified physical identity documents in 2022, as Regula’s survey revealed. With this fraud always on the rise, Regula is reinforcing its solution for document verification with extra features,…

Read more →

New Relic has launched New Relic APM 360, that goes beyond incident troubleshooting insights for select experts to daily performance, security & development insights for all engineers. APM 360 correlates all essential telemetry data across the application stack and development…

Read more →

Databricks has entered into a definitive agreement to acquire MosaicML, a generative AI platform. Together, Databricks and MosaicML will make generative AI accessible for every organization, enabling them to build, own and secure generative AI models with their own data.…

Read more →

The compromise of PBI Research and The Berwyn Group’s MOVEit installation has resulted in the theft of data belonging to several pension systems and insurance companies – and millions of their users. PBI + Berwyn Group – a population management…

Read more →

In this Help Net Security interview, Brett Harris, Cybersecurity Officer for the Americas at Siemens Healthineers, discusses the long-term impacts of cyberattacks on healthcare institutions and what healthcare providers can do to protect patients’ personal data and medical devices. Can…

Read more →

Attackers typically find exposed “secrets” – pieces of sensitive information that allow access to an enterprise cloud environment — in as little as two minutes and, in many cases, begin exploiting them almost instantly, highlighting the urgent need for comprehensive…

Read more →

Cryptography In this course, you’ll learn how to protect information to ensure its integrity, confidentiality, authenticity, and non-repudiation. You will develop a basic understanding of cryptographic concepts and how to apply them, implement secure protocols, key management concepts, critical administration…

Read more →

Moving critical data and workloads to the cloud has significantly changed information security teams. But most don’t have the resources to be successful in their cloud attack modeling—not to mention the deployment of measurable controls to defend against these evolving…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unraveling the multifaceted threats facing telecom companies In this Help Net Security interview, Georgia Bafoutsou, Cybersecurity Officer at the European Union Agency for Cybersecurity (ENISA),…

Read more →

Wallarm announced its API Abuse Prevention feature to address one of the most critical API threats: bot-based attacks. Wallarm can now accurately identify and mitigate API bot activity, protecting systems against API abuse, account takeover (ATO), and price scraping. This…

Read more →

Proof-of-concept (PoC) exploit code for the high-severity vulnerability (CVE-2023-20178) in Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility Client Software for Windows has been published. About the vulnerability Cisco Secure Client Software – previously known as Cisco…

Read more →

Privacera announced the private preview of Privacera AI Governance (PAIG). From the continuous scanning and classification of training data to the securing and auditing of AI models, model outputs, and user requests, PAIG empowers organizations to efficiently manage the entire…

Read more →

Tanium released major enhancements to the Tanium Software Bill of Materials (SBOM) that now include Common Vulnerability and Exposures (CVE) information. Software supply chain attacks continue to spike due in part to the increasing reliance of organizations on numerous third-party…

Read more →

Celerium released its latest cybersecurity solution, Compromise Defender. As an integral part of Celerium’s Cyber Defense Network , this innovative solution combines rapid implementation and automation to provide early detection and defense of compromise activity. Research by IBM found that…

Read more →

Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees’ Microsoft Teams inbox. “Organisations that use Microsoft Teams inherit Microsoft’s default configuration which allows users from outside of their organisation to reach out to…

Read more →

McAfee announced McAfee Business Protection, a new comprehensive security solution for small business owners in collaboration with Dell Technologies. McAfee Business Protection helps Dell small business customers stay ahead of cyber threats and vulnerabilities with security, identity and dark web…

Read more →

Aviatrix announced the appointment of Doug Merritt as CEO and President. He will also join the Aviatrix Board of Directors as Chairman. Merritt will succeed Steve Mullaney, who for the past four years has built Aviatrix into an industry-defining enterprise…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Cymulate, Edgescan, ESET, iStorage, and Netskope. iStorage launches datAshur PRO+C with Type-C USB interface iStorage’s new datAshur PRO+C is a user-friendly USB 3.2 (Gen 1)…

Read more →

Some organizations have bought into the idea that workloads in the cloud are inherently more secure than those on premises. This idea is reinforced by the concept that the cloud service provider (CSP) assumes responsibility for security. However, while a…

Read more →

Only 3.54% of of insurance companies have correctly implemented basic phishing and spoofing protection, according to EasyDMARC. DMARC standard adoption Insurers operate using highly sensitive, private information that they’ve been trusted by clients and customers to protect. They function in…

Read more →

As data transformation progresses, cyber attacks are among the most significant growing threats to the enterprise. As seen in the recent MOVEit situation, enterprises must immediately enact cybersecurity solutions that are right for them. Every enterprise is unique, so a…

Read more →

Exabeam has unveiled that Adam Geller has been appointed as CEO. Michael DeCesare is stepping down as CEO and President, but will continue to serve as a Board advisor. Geller is a well-respected Silicon Valley leader who has built a…

Read more →

The industry’s first-ever directory of virtual CISO (vCISO) service providers has gone live. This list of vCISO providers means that SMBs can tap the expertise of qualified cybersecurity professionals to protect their digital assets and ensure compliance. To help organizations…

Read more →

Apple has released patches for three zero-day vulnerabilities (CVE-2023-32434, CVE-2023-32435, CVE-2023-32439) exploited in the wild. The first two have been reported by Kaspersky researchers Georgy Kucherin, Leonid Bezvershenko and Boris Larin following their discovery of the iOS spyware implant they…

Read more →

Infosecurity Europe is taking place at ExCeL London from 20-22 June 2023 and Help Net Security is on site. The first gallery is available here, and the second gallery is here. Here’s a closer look at the conference featuring: Swimlane,…

Read more →

ChatGPT can be used to generate phishing sites, but could it also be used to reliably detect them? Security researchers have tried to answer that question. Can ChatGPT detect phishing sites based on URLs? Kaspersky researchers tested 5,265 (2322 phishing…

Read more →

Technologies like Kubernetes and K3S are synonymous with the success of cloud native computing and the power of open source. It is no accident they have steamrolled the competition. As enterprises look to secure cloud-native environments, open source is the…

Read more →

In today’s interconnected world, telecom companies serve as gateways, connecting individuals, businesses, and governments. However, this role also makes them prime targets for cyberattacks. From DDoS attacks to sophisticated spyware infiltration, telecom providers face a wide range of threats that…

Read more →

Not only are macroeconomic headwinds causing more significant stress for security and DevOps teams, but the increasing number of threats against shrinking teams is causing an uneven playing field. In this Help Net Security video, Ev Kontsevoy, CEO at Teleport,…

Read more →

Security teams are stretched, with not enough people, skills or budget to cope with all their priorities, according to Panaseer. Average cybersecurity budgets increase in 2023 The survey of over 400 cybersecurity decision makers and practitioners across the US and…

Read more →

Exabeam has announced the general availability of Outcomes Navigator, an advanced visualization feature within the New-Scale SIEM product portfolio. Outcomes Navigator helps cybersecurity leaders overcome one of their most significant challenges –– having a clear understanding and way to visualize…

Read more →

Cloudflare has partnered with Databricks to enable organizations to safely, simply, and affordably share and collaborate on live data. With Cloudflare and Databricks, joint customers can eliminate the complexity and dynamic costs that stand in the way of the full…

Read more →

Habu has joined the Amazon Web Services (AWS) Partner Network (APN) and has launched a new solution to integrate its Data Clean Room offering with AWS Clean Rooms, and enable customers and their partners to analyze their collective data sets…

Read more →

Island announced an enterprise-grade set of Data Loss Prevention (DLP) capabilities for all popular interactive AI-type applications including ChatGPT, Bard and others, within its Enterprise Browser. These features are available in multiple deployment modes to accommodate various interaction types; integrated…

Read more →

The importance of software bills of materials (SBOMs) has grown substantially in recent years as organizations recognize the need for greater transparency in the software supply chain. This focus on SBOMs is a response to increasing cybersecurity threats and legislative…

Read more →

Compromised credentials were found within the logs of info-stealing malware traded on illicit dark web marketplaces over the past year, according to Group-IB. The number of available logs containing compromised ChatGPT accounts reached a peak of 26,802 in May 2023.…

Read more →

Infosecurity Europe 2023 is taking place at ExCeL London from 20-22 June 2023 and Help Net Security is on site. The first gallery is available here. Here’s a closer look at the conference featuring: Island, ThreatAware, Adaptiva, Infoblox, Noetic Cyber,…

Read more →

Infosecurity Europe 2023 is taking place in London this week, and this video provides a closer look at this year’s event. The post Infosecurity Europe 2023 video walkthrough appeared first on Help Net Security. This article has been indexed from…

Read more →

CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being exploited in the wild. There are no workarounds to mitigate the risk of exploitation – enterprise admins are advised to…

Read more →

IT teams have made security efforts and progress in zero-trust implementation strategies to establish a new sense of normalcy following the network upheaval caused by the start of the global pandemic. They have also addressed the need to secure remote…

Read more →

Censys has unveiled that NOS chose Censys to monitor its attack surface. Censys’ technology provides NOS with complete visibility into its external-facing infrastructure, simplifies its monitoring process and eliminates irrelevant alerts. As an internet provider for both the B2B and…

Read more →

IRONSCALES announced the Beta launch of Themis Co-pilot for Microsoft Outlook, a GPT-powered chat assistant for self-service threat reporting. Powering Themis Co-pilot is PhishLLM, a language model (LLM) hosted within the IRONSCALES infrastructure, which is the first in the IRONSCALES…

Read more →

eSentire launched eSentire AI Investigator, using generative AI powered cybersecurity to augment eSentire XDR Platform users of all levels with expertise to build their organization’s cyber resilience. eSentire’s platform has captured over 1 million expert-led cybersecurity investigations and response actions,…

Read more →

CYE announced a new capability in its Hyver platform that calculates dynamic risk in real-time. Hyver sets a new standard for the industry that will allow CISOs to take mitigation plans to the next level by optimizing real-time data to…

Read more →

Next DLP announced a new ‘Scoped Investigations’ capability in the Reveal platform that protects privacy by time bounding and restricting access to employee activity to only investigators with an approved and legitimate need to access it. A complementary pseudonymization feature…

Read more →

ExaGrid released software Version 6.3, which started shipping in June 2023. With each software update in Version 6, ExaGrid has been adding additional layers of security to its Tiered Backup Storage, which already guards against external threats by utilizing a…

Read more →

Infosecurity Europe is taking place at ExCeL London from 20-22 June 2023 and Help Net Security is on site. Here’s a closer look at the conference featuring: Island, Crowdstrike, Panorays, ManageEngine, Mazebolt, Cobalt, Intruder, TikTok, and CensorNet. The post Photos:…

Read more →

Orange Business, Orange Cyberdefense and Palo Alto Networks have joined forces to deliver a managed Secure Access Service Edge (SASE) solution that meets enterprise customers’ most demanding networking and security requirements with high performance, simplicity, and Zero Trust Network Access…

Read more →

Cymulate released a new solution for organizations to run an informed continuous threat exposure management (CTEM) program. The CTEM program, which was coined by Gartner is designed to diagnose the severity of exposures, create an action plan for remediation and…

Read more →

Edgescan released its new External Attack Surface Management solution, offering visibility and continuous monitoring to help secure organizations of all sizes. Today’s enterprises require a cloud-savvy security solution that effectively inventories, monitors, manages and protects their corporate assets across their…

Read more →

Black Kite released automated cyber risk quantification (CRQ) modeling for ransomware and business interruption scenarios. The new capabilities, which automates FAIR methodology, extends Black Kite’s data breach CRQ model to now provide visibility into all third-party risk scenarios, adds environmental,…

Read more →

Poorly managed Linux SSH servers are getting compromised by unknown attackers and instructed to engage in DDoS attacks while simultaneously mining cryptocurrency in the background. The Tsunami DDoS bot Tsunami, also known as Kaiten, is a type of DDoS bot…

Read more →

Malwarebytes launched the Malwarebytes Reseller Partner Program. The revamped program is dedicated to helping partners create profitable and consistent business growth through innovative endpoint security solutions and leading channel incentives such as lucrative base and multi-year discounts. “Today’s evolving threat…

Read more →

Netskope has released a comprehensive data protection solution to help enterprises securely manage employee use of ChatGPT and other generative AI applications, such as Google Bard and Jasper. As part of its Intelligent Security Service Edge (SSE) platform, Netskope enables…

Read more →

Silobreaker announced that it will be showcasing its enhanced geopolitical threat intelligence capabilities with RANE (Risk Assistance Network + Exchange) at Infosecurity Europe 2023. The tie-up will see Silobreaker integrate global risk intelligence company RANE’s Enterprise Geopolitical Intelligence into its…

Read more →

Zyxel has released firmware patches for a critical vulnerability (CVE-2023-27992) in some of its consumer network attached storage (NAS) devices. About CVE-2023-27992 CVE-2023-27992 is an OS command injection flaw that could be triggered remotely by an unauthenticated attacker, via a…

Read more →

Recon is the initial stage in the penetration testing process. It’s a vital phase allowing the tester to understand their target and strategize their moves. Here are ten open-source recon tools that deserve to be in your arsenal. Altdns Altdns…

Read more →

In this Help Net Security interview, Patricia Thaine, CEO at Private AI, reviews the main privacy concerns when using ChatGPT in a business context, as well as the risks that businesses can face if they betray customers’ trust. Thaine also…

Read more →

Verizon’s recently released 2023 Data Breach Investigation Report (DBIR) provides organizations with a comprehensive analysis of the evolving threat landscape and valuable insights into incident types and vulnerabilities. This year, the report includes the mapping of CIS (Center for Internet…

Read more →

Bradon Rogers, Chief Customer Officer at Island, provides an overview of the Island Enterprise Browser. Learn more at Infosecurity Europe 2023 – June 20-22, 2023. The post What if the browser was designed for the enterprise? appeared first on Help…

Read more →

The rapid pace of globalization, digital transformation, and AI advancements have created a renewed demand for digital and human skills among US learners, according to Coursera. “The rise of digital jobs and remote work is creating unprecedented opportunities for local…

Read more →

In this Help Net Security video, Michael Crandell, CEO of Bitwarden, discusses the future of passwords and authentication. Although interest in passwordless technology, which aims to eliminate the need for passwords, is relatively low, 65% of consumers are receptive to…

Read more →

ESET expanded its unified cybersecurity platform, ESET PROTECT, with a new subscription tier for businesses requiring all-in-one prevention, detection and response. Available immediately, ESET PROTECT Elite delivers enterprises, small and midsize businesses (SMBs), and channel partners with enterprise-grade XDR for…

Read more →

iStorage added a new encrypted flash drive to its highly successful datAshur range. The new datAshur PRO+C, with the Type-C interface, is the flash drive pending the new FIPS 140-3 Level 3 validation scheme. This offers robust guarantees as to…

Read more →

IBM announced plans to expand its longstanding partnership with Adobe to help brands successfully accelerate their content supply chains through the implementation of next-generation AI including Adobe Sensei GenAI services and Adobe Firefly (currently in beta), Adobe’s family of creative…

Read more →

The Microsoft 365 and Azure Portal outages users expirienced this month were caused by Layer 7 DDoS attacks, Microsoft has confirmed on Friday. The DDoS attacks against Microsoft 365 and Azure Portal Throughout the first half June 2023 Microsoft confirmed,…

Read more →

Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web application in less that a month. Previously, the Cl0p cyber extortion gang exploited CVE-2023-34362 to grab…

Read more →

In this Help Net Security video, Nick Mistry, SVP and CISO at Lineaje, offers tips to simplify the process of compliance with U.S. Executive Order 14028. A key part of U.S. Executive Order 14028 is for organizations that work with…

Read more →

When employees, contractors and service providers leave an organization, they take with them knowledge, capabilities, and professional achievements. They should leave behind any proprietary or confidential data belonging to the organization, but Osterman Research found that 69% of organizations polled…

Read more →

Organizations that closely align their cybersecurity programs to business objectives are 18% more likely to achieve target revenue growth and market share and improve customer satisfaction, as well as 26% more likely to lower the cost of cybersecurity breaches/incidents, on…

Read more →

In this Help Net Security round-up, we present parts of previously recorded videos from experts in the field that discuss about how AI technologies will impact the cybersecurity industry in the next few years. AI is a powerful tool in…

Read more →

Decades ago, Tony Turner, CEO of Opswright and author of Software Transparency: Supply Chain Security in an Era of a Software-Driven Society, faced an SQL Slammer worm. Having been one of the 75,000 infected users, he called upon his skills…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Building a culture of security awareness in healthcare begins with leadership In this Help Net Security interview, Ken Briggs, General Counsel at Salucro, discusses how…

Read more →