Category: Help Net Security

Kyndryl has expanded strategic partnership with SAP focused on developing new solutions to help customers solve their most complex digital business transformation challenges. Under their expanded collaboration, the companies have leveraged SAP Business Transformation Center and vast ERP systems know-how,…

Read more →

Teradata and FICO announced they plan to bring to market integrated advanced analytic solutions for real-time payments fraud, insurance claims, and supply chain optimization. Bringing data, analytics and insights together in one environment streamlines the development of solutions for use…

Read more →

New Relic has announced an integration with AWS Systems Manager Distributor to provide a native experience to automatically deploy the New Relic monitoring infrastructure agent via the AWS Command Line Interface (CLI) and any AWS infrastructure-as-code (IaC) tooling to streamline…

Read more →

BeeKeeperAI has released EscrowAI, a zero trust collaboration platform. EscrowAI leverages Azure confidential computing to resolve the challenges of data sovereignty, privacy, and security. In healthcare, EscrowAI enables HIPAA-compliant research on full PHI without exposing the patient data, thereby reducing…

Read more →

Aqua Security integrates with the ServiceNow to enable joint customers to identify vulnerabilities in running containers with the broadest coverage across operating systems and programming languages, and with the highest accuracy. Security and application teams can automate vulnerability triage, identify…

Read more →

Nine vulnerabilities – 4 of them critical – have been found in a variety of Cisco Small Business Series Switches. PoC exploit code is available (but not public), and there is no indication that they are being exploited in the…

Read more →

A steady increase in cyberattacks and evolving threat landscape are resulting in more organizations turning their attention to building long-term cyber resilience; however, many of these programs are falling short and fail to prove teams’ real-world cyber capabilities, according Immersive…

Read more →

In this Help Net Security video interview, Or Weis, Co-Founder and CEO of Permit.io, discusses an innovative approach to managing permissions and access control within applications. We will explore policy as code and how it addresses organizations’ challenges in managing…

Read more →

In this Help Net Security interview, we meet a prominent industry leader. Brian Behlendorf, CTO at the Open Source Security Foundation (OpenSSF), shares insights on the influence of his experiences with the White House CTO office, World Economic Forum, and…

Read more →

The Identity Theft Resource Center (ITRC) has documented incidents of identity theft reported during 2022 and the first quarter of 2023, highlighting the use of strategies by criminals to convince people to willingly share protected information. The number of reported…

Read more →

Acronis has announced the general availability of Acronis Advanced Security + Endpoint Detection & Response (EDR) for Acronis Cyber Protect Cloud. With new capabilities such as AI-based attack analysis, Acronis EDR reduces complexity and simplifies workflows for a more streamlined…

Read more →

Enzoic launched an identity monitoring offering, enabling organizations to continuously track and ensure their users’- whether its customers or employees– personally identifiable information (PII) has not been exposed. This reduces the risk of identity theft and the data being used…

Read more →

Satori has released Posture Management, a new capability within Satori’s platform that monitors the authorization of users to data across all of a company’s data stores. In addition, Satori announced the availability of Data Store Discovery, which scans and monitors…

Read more →

Boomi has released Boomi AI – a conversational user experience that harnesses generative AI to connect and integrate applications, data, processes, people, and things across organizations – creating business outcomes faster than ever before. “The introduction of Boomi AI marks…

Read more →

Next DLP (“Next”) has unveiled a new integration between Splunk and the company’s Reveal platform. The new technology partnership bolsters visibility, protection, and leverages customer’s investment in existing security solutions to improve incident response effectiveness. “Data is constantly in-use and…

Read more →

Barracuda Networks announced a new platform called Barracuda SecureEdge, a SASE solution that helps make hybrid and remote work easier to secure. Barracuda SecureEdge integrates Barracuda’s Secure SD-WAN, Firewall-as-a-Service, Zero Trust Network Access, and Secure Web Gateway capabilities. Using a…

Read more →

Cleo has entered into a global partnership with Cognizant to power the Cognizant Cloud Integration Brokerage (CCIB) for the enterprise market. This new B2B platform-as-a-service solution, which comprises elements from Cleo’s offering, the Cleo Integration Cloud, will be named “CCIB,…

Read more →

ServiceNow has announced new generative AI capabilities for the Now Platform to help deliver workflow automation. The new solutions—ServiceNow Generative AI Controller and Now Assist for Search—expand ServiceNow’s AI functionality with built-in capabilities that apply the power of generative AI…

Read more →

Neurotechnology announced the expansion of the MegaMatcher product line with the release of the MegaMatcher Identity Management System (IDMS). The new end-user-focused system is capable of handling a variety of different tasks from identity registry formation to comprehensive administration for…

Read more →

Ammune.ai (Formerly L7 Defense), has integrated its API security solution ammune, with the Intel NetSec Accelerator Reference Design, providing node-based protection for Kubernetes clusters from API attacks. The deployment architecture incorporates the integration of ammune RT-units with the Intel NetSec…

Read more →

Inseego has launched the next-generation 5G indoor router FX3100, with UScellular. The new upgraded FX3100, which includes the Qualcomm Snapdragon X62 5G Modem-RF System, adds new capabilities to the current generation FX2000. The new FX3100 solution brings fast broadband internet…

Read more →

With BlindBox, you can use Large Language Models without any intermediary or model owner seeing the data sent to the models. This type of solution is critical today, as the newfound ease-of-use of generative AI (GPT4, MidJourney, GitHub Copilot…) is…

Read more →

A vulnerability (CVE-2023-32784) in the open-source password manager KeePass can be exploited to retrieve the master password from the software’s memory, says the researcher who unearthed the flaw. The bad news is that the vulnerability is still unfixed and that…

Read more →

Zscaler announced that Syam Nair has been appointed as the company’s Chief Technology Officer and EVP of Research and Development. In this role, Nair will be responsible for driving the research and development engines to expand Zscaler’s Zero Trust Exchange…

Read more →

Amartus has partnered with ServiceNow to offer Enterprises and Service Providers a combined solution for rapid implementation of MEF LSO (Life-cycle Service Orchestration) industry standard processes and APIs to automate trading & operation of services that underpin todays Enterprise Network…

Read more →

Veza has unveiled that the Veza Authorization Platform is now available on the Snowflake Data Cloud. With this integration, joint customers can now manage access permissions and secure their sensitive data at scale. By leveraging the Snowflake Data Cloud, Veza…

Read more →

Entro announced $6 million in seed funding led by StageOne Ventures and Hyperwise Ventures. Founded by CEO Itzik Alvas and CTO Adam Cheriki to address secret-based breaches, Entro continuously monitors and protects secrets and programmatic access to cloud services and…

Read more →

Eagle Eye Networks and Brivo announced one of the largest investments to date in cloud physical security. SECOM, one of the largest security integration companies in the world, according to Forbes Global 2000, has made a primary equity investment of…

Read more →

A Chinese state-sponsored APT group implanted malicious firmware into TP-Link routers as part of attack campaigns aimed at European foreign affairs entities, say Check Point researchers. Custom malicious firmware for TP-Link routers The malicious firmware was exclusively created for TP-Link…

Read more →

A week after Twitter announced it will be removing idle accounts after 30 days of inaction, Google has updated its account inactivity policy. Updates to the Google account inactivity policy Google says that the updated policy is effective immediately, but…

Read more →

Sophos researchers uncovered multiple apps masquerading as legitimate, ChatGPT-based chatbots to overcharge users. These apps have popped up in the Google Play and Apple App Store. Because the free versions have near-zero functionality and constant ads, they coerce unsuspecting users…

Read more →

A new risk emerges in the digital era, where open-source software has become a fundamental pillar in developing innovative applications. The threat? Malicious open-source components. In this Help Net Security video, Henrik Plate, Lead Security Researcher at Endor Labs, discusses…

Read more →

In 2021, the Biden Administration published the Executive Order on Improving the Nation’s Cybersecurity (EO 14028), setting off an agency-wide security initiative with the ultimate objective of standardizing security requirements across the Department of Defense (DoD) and the Federal Civilian…

Read more →

The Center for Internet Security (CIS) recently celebrated 20 years of bringing confidence to the connected world with consensus-based security guidance. The first CIS Benchmark was released in 2000. Today, there are more than 100 CIS Benchmarks configuration guidelines across…

Read more →

Infostealer malware, which consist of code that infects devices without the user’s knowledge and steals data, remains widely available to buy through underground forums and marketplaces, with the volume of logs, or collections of stolen data, available for sale increasing…

Read more →

Aqua Security has launched Real-Time CSPM, a next-gen cloud security posture management (CSPM) solution, which provides a complete view of multi-cloud security risk, pinpoints threats that evade agentless detection, and reduces noise so security practitioners can identify, prioritize, and remediate…

Read more →

Circle Security has unveiled a joint integration with the ForgeRock Identity Platform. The pre-built on-premises integrated node will help businesses stay ahead of evolving threats and achieve their security goals by integrating identity authentication and privacy protection capabilities into customer…

Read more →

Scality announced its newest release of Scality ARTESCA, its secure S3 object storage software for data deployments starting at a few terabytes. Over a dozen innovations in ARTESCA 2.0 strengthen cyber resiliency through a hardened, reduced attack surface that minimizes…

Read more →

Leostream has unveiled federated identity management with Zero-Trust Network Access (ZTNA) for secure remote computing. Built to protect and connect users across virtual desktop infrastructure (VDI), desktops-as-a-service (DaaS), and end-user computing (EUC) applications in Amazon Web Services (AWS) environments, the…

Read more →

Criminals have never had more avenues through which to defraud people. This has been fueled by the proliferation of technology ranging from instant messaging to new forms of remittance, like P2P and real-time payments. That’s why ComplyAdvantage launched Fraud Detection,…

Read more →

Veriff has partnered with MassPay to provide enhanced identity verification (IDV) services and know your customer (KYC) offerings through its Global Payment Orchestration Platform. With this partnership, Veriff expedites the IDV process for MassPay and its growing customer base, while…

Read more →

Nozomi Networks has introduced Vantage IQ, the AI-based analysis and response engine designed to address security gaps and resource limitations in mission critical operational infrastructure. Available as an add-on to Vantage, Nozomi Networks’ SaaS-based security management platform, Vantage IQ uses…

Read more →

Island announced Self-Protection for the Enterprise Browser, delivering a fundamentally new approach and level of security to enterprise work. Island has introduced the ideal solution for organizations with extremely sensitive data and applications, to ensure safe operation even on devices…

Read more →

Fraudsters are trying out a new approach to convince companies to pay bogus invoices: instead of hijacking existing email threads, they are creating convincing ones themselves. A clever payment request fraud The fraud attempt begins with an email containing a…

Read more →

IBM has acquired Polar Security, an innovator in technology that helps companies discover, continuously monitor and secure cloud and SaaS application data – and addresses the growing shadow data problem. This news marks IBM’s 5th acquisition in 2023. Since Arvind…

Read more →

CellTrust is teaming up with Proofpoint to help organizations manage mobile communication information risk and improve investigative readiness. As the number of mobile communication channels (text, chat, voice, app to app) grows, highly regulated organizations are relying on technology to…

Read more →

Confluent has unveiled new Confluent Cloud capabilities that give customers confidence that their data is trustworthy and can be easily processed and securely shared. With Data Quality Rules, an expansion of the Stream Governance suite, organizations can resolve data quality…

Read more →

SolarWinds announces it’s adding transformative artificial intelligence (AI) and machine learning (ML) capabilities to its IT service management (ITSM) solutions. The new AI features include a virtual agent to help users solve everyday IT problems and guided incident resolution to…

Read more →

French electronics manufacturer Lacroix closed three factories as a result of a cyberattack they “intercepted” over the weekend, the company has announced on Monday. Lacroix designs and produces electronic equipment for the automotive, home automation, aerospace, industrial and health sectors,…

Read more →

As part of Google’s commitment to building a strong cybersecurity workforce, the Google Cybersecurity Certificate offers an affordable and accessible pathway to a career in cybersecurity. In this Help Net Security interview, Phil Venables, CISO at Google Cloud, sheds light…

Read more →

Meta has unveiled Chat Lock within WhatsApp, a feature that allows users to keep sensitive and intimate conversations safe from prying eyes. WhatsApp Chat Lock (Source: WhatsApp) Enabling Chat Lock By tapping on a one-to-one or group conversation, users can…

Read more →

Corvus Insurance analyzed data from the dark web and ransomware leak sites. Researchers uncovered a 60% increase in ransomware victims in March 2023, marking the highest monthly victim count observed in the past two years. In this Help Net Security…

Read more →

Zero trust adoption is beginning to accelerate as networks get more complex. Gartner predicts that by 2026, 10% of large enterprises will have a comprehensive, mature, and measurable zero-trust program in place (compared to just 1% today). But adoption has…

Read more →

Parablu has unveiled a multi-year agreement with Microsoft that integrates engineering, go-to-market activities, and co-selling of Parablu’s BluVault and the Ransomware Defense Suite Software-as-a-Service (SaaS) offerings. Parablu will leverage Microsoft Cloud infrastructure and services –– Microsoft Azure and Microsoft 365…

Read more →

SAP has unveiled the next step in its long-standing partnership with Microsoft, using the latest in enterprise-ready generative AI innovation to help solve customers’ most fundamental business challenges. The companies will collaborate on integrating SAP SuccessFactors solutions with Microsoft 365…

Read more →

Everbridge and samdesk have expanded its partnership, building on the integration of samdesk’s crisis detection feeds with Everbridge’s CEM suite of products. As a preferred partner, samdesk now integrates directly with Everbridge Visual Command Center (VCC) through a samdesk connector…

Read more →

Cloudflare has extended its SASE platform, Cloudflare One, to generative artificial intelligence (AI) services. Cloudflare One for AI, a suite of zero trust security controls, will enable enterprises to safely and securely use the latest generative AI tools without putting…

Read more →

Three vulnerabilities in Advantech’s EKI series of serial device servers could be exploited to execute arbitrary commands on the OS level. Source: CyberDanube The vulnerabilities Serial device servers are networking devices that “network-enable” serial devices (e.g., printer, climate control system,…

Read more →

We all have witnessed automated advances creep into our modern threat hunting processes – and with good reason. As the rate of cyberattacks steadily increases, automated threat hunting processes are being integrated to help stem the tide by providing quicker…

Read more →

With an ever-evolving landscape of cyber threats, the necessity for innovative, effective, and user-friendly security products has never been more apparent. Current security solutions, however, seem to lag behind, struggling to adequately address the challenges posed by increasingly sophisticated cyber-attacks.…

Read more →

In 2022, 47.4% of all internet traffic came from bots, a 5.1% increase over the previous year, according to Imperva. The proportion of human traffic (52.6%) decreased to its lowest level in eight years. Bad bot traffic For the fourth…

Read more →

For its recent research focusing on web entities (or content served over HTTP), Censys leveraged its internet-wide scan data to understand better the applications and services that have become core to our existence, evaluating the state of security on the…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Dragos blocks ransomware attack, brushes aside extortion attempt A ransomware group has tried and failed to extort money from Dragos, the industrial cybersecurity firm has…

Read more →

Hammerspace acquires Rozo Systems to expand the performance and hyperscale capacity capabilities of its unstructured Data Orchestration System. Data-driven organizations have rapidly become more decentralized, with files being created, analyzed, and moved across locations constantly. The speed of capturing the…

Read more →

OneTrust announces new innovations across the Trust Intelligence Platform to help organizations responsibly use data and drive trust intelligence at scale. As companies tackle the challenges of data sprawl, OneTrust’s enhancements provide companies with the discovery, automation, and intelligence to…

Read more →

AI Spera announced a data-sharing partnership agreement between its flagship search engine, Criminal IP, and DNS0.EU. This strategic collaboration makes perfect sense, as both entities share a common objective of providing the utmost protection against internet threats by blocking malicious…

Read more →

Manufacturing businesses, healthcare organizations, and tech companies in English-speaking countries are the most targeted by phishers leveraging a relatively new phishing-as-a-service (PaaS) tool called Greatness, created to phish Microsoft 365 users. According to Cisco researcher, this tool has been utilized…

Read more →

The need to protect sensitive information from unauthorized access and theft has never been greater, and cybersecurity and IAM technologies are evolving to meet this challenge while providing users with more convenience. There are three key trends to watch in…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Aqua Security, Feedzai, Nebulon, OpenVPN, Trua, and Zscaler. Aqua Security strengthens software supply chain security with pipeline integrity scanning Powered by eBPF technology, Aqua’s pipeline…

Read more →

Most CISOs have returned to the elevated concerns they experienced early in the pandemic, according to Proofpoint. Elevated concerns among CISOs Globally, 68% of surveyed CISOs feel at risk of a material cyber attack, compared to 48% the year before,…

Read more →

Digital fraud has significant financial and psychological repercussions on victims, according to Telesign. Businesses may find a new reason to fear digital fraud as the negative impacts of digital fraud on companies’ brand perception and the bottom line. Trust in…

Read more →

Bitdefender has unveiled App Anomaly Detection, the real-time, behavior-based protection layer available now in Bitdefender Mobile Security for Android, that continuously detects anomalous and malicious behavior in Android applications as it emerges. The number of malicious and compromised Android applications…

Read more →

Check Point has expanded its Check Point Harmony Endpoint protections solution by incorporating vulnerability and automated patch management capabilities. This enhancement addresses the mounting number of cyberattacks that exploit unpatched system vulnerabilities for unauthorized access. To deliver this advanced feature,…

Read more →

Point Predictive launched its newest solution, BorrowerCheck 3.0. Available via API or web browser, BorrowerCheck 3.0 addresses the problem of fraud and identity theft in a more comprehensive way than existing identity solutions to help stop the billions in fraud…

Read more →

Qrypt has formed a partnership with Carahsoft. Under the agreement, Carahsoft will serve as Qrypt’s Master Government Aggregator, making the company’s quantum-secure encryption technology available to the Federal Government through Carahsoft’s reseller partners’, Information Technology Enterprise Solutions – Software 2…

Read more →

In today’s world of fake news and AI-generated content, it is increasingly difficult to know if documents and files are trustworthy. But now anyone can easily verify the provenance of any file by simply dragging and dropping that file onto…

Read more →

Financial fraud has increased substantially as the trend towards mobile banking and digitization accelerates. In 2022 alone, the Federal Trade Commission received over 1.1 million reports of identity theft and over 440,000 reports of credit card fraud. To help banks…

Read more →

SAP and Google Cloud announced an extensive expansion of their partnership, introducing a comprehensive open data offering designed to simplify data landscapes and unleash the power of business data. The offering enables customers to build an end-to-end data cloud that…

Read more →

Cynalytica has launched the OTNetGuard 4G/5G sensor that offers a capability for cellular backhaul for communications monitoring of ICS/SCADA and OT environments, providing a secure out-of-band monitoring capability for critical infrastructure operators. As the threat landscape for industrial control systems…

Read more →

NETGEAR launched its latest innovation: the Nighthawk M6 Pro 5G WiFi 6E Hotspot Router (MR6550). With its 5G mmWave and WiFi 6E capabilities, this device delivers ultra-fast internet speeds and enhanced connectivity, powerful enough for remote business sites and portable…

Read more →

Arlo Technologies announced a partnership with Ping Identity, the intelligent identity solution for the enterprise. The new benefit will provide Ping Identity’s approximately 800 US employees with an Arlo Safe subscription to deliver comprehensive on-the-go personal, family and car safety.…

Read more →

Absolute Software has agreed to be acquired by venture capital firm Crosspoint Capital Partners in a deal with an enterprise value of $870 million. Under the terms of the Arrangement Agreement, Absolute shareholders will receive $11.50 per Common Share in…

Read more →

Comcast Business, Fortinet, and Exclusive Networks teamed up to deliver a new distribution sales route and managed SD-WAN services for value-added resellers (VARs) and managed service providers (MSPs). The collaboration expands the Masergy Guardian Portfolio, adding additional sales routes and…

Read more →

Google has announced new tools, features and updates to improve users’ online safety, help them evaluate content found online, and alert them if their Gmail identity appears on the dark web. New tools and options for users A new tool…

Read more →

A ransomware group has tried and failed to extort money from Dragos, the industrial cybersecurity firm has confirmed on Wednesday, and reassured that none of its systems or its Dragos Platform had been breached. What happened? “The criminal group gained…

Read more →

Monitoring assets in ever-changing settings operating in both development and production stages presents challenges. In this Help Net Security video, Daniel Deeney, CEO at Paladin Cloud, discusses how companies face difficulties identifying security threats within cloud environments. As businesses transition…

Read more →

Adversaries were able to encrypt data in 76% of the ransomware attacks that were conducted against surveyed organizations, according to Sophos. The survey also shows that when organizations paid a ransom to get their data decrypted, they ended up additionally…

Read more →

30% of automotive employees don’t check security protocols before trying a new tool, according to Salesforce. This could put their company and customer data at risk. Alarming rise in automotive API attacks Cybersecurity is a growing concern in the automotive…

Read more →

Feedzai announced significant enhancements to its RiskOps Platform, enabling banks to better protect their customers from a wide variety of financial scams. These new Feedzai ScamPrevent capabilities deliver detection, classification, and interception of the widest variety of payment scams and…

Read more →

Aqua Security added pipeline integrity scanning to prevent software supply chain attacks and assure CI/CD pipeline integrity. Powered by eBPF technology, Aqua’s pipeline integrity scanner detects and blocks suspicious behaviour and malware in real time, preventing code tampering and countering…

Read more →

Red Hat has unveiled the general availability of Red Hat Enterprise Linux 9.2 and the forthcoming availability of Red Hat Enterprise Linux 8.8. These new releases further Red Hat’s efforts to simplify and streamline complex Linux platform tasks across the…

Read more →

iProov and Wultra partnership enables Wultra to provide iProov’s biometric solutions suite as part of its portfolio of digital banking solutions. Consumers are increasingly calling on their financial services providers to offer online access to high-risk services including new account…

Read more →

Trua launched a new product called TruaID, which will give consumers a greater sense of security with their private information while providing businesses a more efficient means of screening customers and prospective employees. Simultaneously, Trua announced that it has branched…

Read more →

Dell Technologies advances software-driven innovation across its storage portfolio, driving increased cyber resiliency, energy efficiency and automation to power customers’ multicloud journeys. Dell’s commitment to software development has resulted in more than 2,000 storage portfolio advancements in the past twelve…

Read more →

IBM announced its new IBM Quantum Safe technology: a comprehensive set of tools and capabilities, combined with IBM’s deep security expertise, designed as an end-to-end solution to be made available as organizations, including governmental agencies, prepare their quantum-safe journey towards…

Read more →

Kasada partners with Signifyd to help eCommerce providers deliver on their core business priorities to reduce fraud while improving the user experience. Together Kasada and Signifyd provide an impenetrable barrier against fraud. Kasada’s anti-bot platform stops automated online fraud before…

Read more →

Prove Identity announced a new partnership with Visa to empower brands to increase secure loyalty account enrollment by eliminating manual account registration and pre-filling application forms with verified information. Visa clients will now have access to Prove’s Prove Pre-Fill identity…

Read more →

Among the vulnerabilities fixed by Microsoft on May 2023 Patch Tuesday is CVE-2023-29324, a bug in the Windows MSHTML platform that Microsoft rates as “important.” Akamai’s research team and Ben Barnea, the researcher who’s credited with finding the flaw, disagree…

Read more →

Nutanix has unveiled Nutanix Central, a cloud-delivered solution that provides a single console for visibility, monitoring, and management across public cloud, on-premises, hosted or edge infrastructure. This will extend the universal cloud operating model of the Nutanix Cloud Platform to…

Read more →

Revelstoke announced partnership with Check Point to enhance edge network security, endpoint and XDR with low-code, high-speed automation, and to empower SOC teams to work more accurately and efficiently. Cybersecurity professionals seek to overcome challenges due to talent shortages, increasing…

Read more →