Category: Help Net Security

Expel has released Expel Vulnerability Prioritization, a new solution that highlights which vulnerabilities pose the greatest risk, so organizations can take immediate, informed action. The solution empowers security teams to understand their most urgent risk areas within their detection and…

Read more →

Patented.ai has released its introductory tool, LLM Shield that allows companies to safeguard their most sensitive data – proprietary source code, private customer information, unreleased financial data, legal documents, board reports and more – from large language models (LLM), such…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Balancing cybersecurity with business priorities: Advice for Boards In this Help Net Security interview, Alicja Cade, Director, Financial Services, Office of the CISO, Google Cloud,…

Read more →

The last decade of digital transformation has turned most organizations today into true digital businesses. But the effectiveness and economics of cloud operating models have become top concerns. How to best secure, optimize, and automate hybrid cloud environments in the…

Read more →

Onapsis has unveiled a series of new product updates for the Onapsis Platform. Enriched with the threat intelligence, the Onapsis Platform further simplifies business application security for CISOs and CIOs alike with a new Security Advisor, new updates to its…

Read more →

Next DLP has unveiled the addition of ChatGPT policy templates to the company’s Reveal platform, which uncovers risk, educates employees and fulfills security, compliance, and regulatory needs. The launch of these new policy templates is in response to the dramatic…

Read more →

Virsec has unveiled a suite of capabilities that automates the path to zero trust workload protection to increase the speed of protection, stopping attacks—including zero-days—in milliseconds. Its distinctive feature-set strikes the right balance between granular control, ease of onboarding, and…

Read more →

Fraudsters are taking advantage of the widening fraud knowledge gap, outlining the urgent need for banks to educate and protect their customers with technology, according to Feedzai. The report reveals that while 56% of respondents have been a victim of…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Armorblox, Cofense, D3 Security, Sotero, Venafi, Veracode, Versa Networks, and Zyxel Networks. Zyxel SCR 50AXE boosts network security for small businesses and remote workers The…

Read more →

There was a time, not too long ago, when most IT leaders believed shadow IT was a negligible element in their companies. They felt their IT organizations were so in control of what applications were purchased and who was granted…

Read more →

Bugcrowd has released new capabilities in its Penetration Testing as a Service (PTaaS) offering that enables buyers to purchase, set up, and manage pen tests directly online without a need for lengthy sales calls and scoping sessions. PTaaS is one…

Read more →

Cofense has released Cofense Protect+, a fully integrated and automated email security solution specifically designed to protect mid-size organizations from ever-evolving cyber threats. Today’s mid-market organizations are faced with growing attack surfaces and email threats that are increasing in complexity.…

Read more →

Armorblox has released its newest product, Graymail and Recon Attack Protection, developed to decrease the time security teams spend managing graymail and mitigate the security risks from malicious recon attacks. This is in addition to the announcement of new capabilities…

Read more →

Sotero has launched Sotero Ransomware Protection, giving organizations the ability to proactively protect unstructured data from attack by utilizing behavior-based detection. Most currently available ransomware solutions use a signature-based approach that detects only currently known ransomware strains – a method…

Read more →

47% of employees report feeling stressed in their everyday life, but nearly 70% believe their employer would support them in a time of need, according to Mercer Marsh Benefits. The report surveyed over 17,500 employees in 16 markets across the…

Read more →

Talon Cyber Security has integrated the Talon Enterprise Browser with Microsoft Azure OpenAI Service to provide enterprise-grade ChatGPT access to customers. “The productivity gains that ChatGPT enables for organizations are too game changing for us to not make an enterprise-level…

Read more →

Dashlane has unveiled an integration of AWS Nitro Enclaves into its security architecture, starting with the launch of Dashlane Confidential SSO in public beta. Leveraging AWS Nitro Enclaves to create isolated computing environments to further protect and securely process highly…

Read more →

Intruder has joined the Google Cloud Partner Advantage program as a technology partner, giving organisations the ability to easily monitor their cloud systems for potential security breaches and vulnerabilities. As part of the collaboration, customers are able to connect Intruder…

Read more →

Orange Cyberdefense has been selected to carry out cyber crisis management exercises by the GIP SESAN (Groupement Régional d’Appui au Développement de l’eSanté d’Île-de-France) and by CAIH (Centrale d’Achat de l’Informatique Hospitalière) to support healthcare players in the region. These…

Read more →

Too many people have access to company data they don’t need. Also, too many companies focus on authentication (verifying identity) as a security measure and overlook the importance of authorization (verifying right to access). While it’s important to give employees…

Read more →

Almost all IT and security leaders (96%) globally are concerned their organization will be unable to maintain business continuity following a cyberattack, according to Rubrik. Data security is becoming increasingly complex Data security is becoming increasingly complex and the datasets…

Read more →

A recent Code42 report reveals a rapidly growing number of inside risk incidents and a concerning lack of training and technology, further exacerbated by increasing workforce turnover and cloud adoption. In this Help Net Security video, Joe Payne, President at…

Read more →

Venafi has introduced Venafi Firefly, the lightweight machine identity issuer that supports highly distributed, cloud native environments. Part of the Venafi Control Plane for Machine Identities, Firefly enables security teams to easily and securely meet developer-driven machine identity management requirements…

Read more →

NICE Actimize has launched its Suspicious Activity Monitoring (SAM-10) solution. Built to detect more suspicious activity while reducing false positives, NICE Actimize’s SAM-10 introduces enhancements to its anti-money laundering solution, incorporating multiple layers of defense which strengthen the others and…

Read more →

Picus Security has announced the expansion of its continuous threat exposure management (CTEM) solution to help CISOs better answer the question: “what is our cyber risk?”. The company’s new capabilities – Picus Cyber Asset Attack Surface Management (CAASM) and Picus…

Read more →

Worldwide IT and business services revenue is expected to grow (in constant currency) from $1.13 trillion in 2022 to $1.2 trillion in 2023, or 5.7% year-over-year growth, according to IDC. In nominal dollar-denominated revenue based on today’s exchange rate, the…

Read more →

Organizations experienced a significant increase in ransomware – from an average of four attacks over five years in 2021 versus four attacks over the course of one year in 2022, according to ExtraHop. Of those who fell victim, 83% admitted…

Read more →

Tentacle has announced Tentacle AI Control Mapping; a machine learning and natural language processing-fueled feature expected to transform an organization’s ability to centralize and leverage critical cyber security information. AI Control Mapping is the first of a series of machine…

Read more →

VMware has unveiled VMware Cross-Cloud managed services, a set of prescriptive offers with enhanced partner and customer benefits that will enable skilled partners to expand their managed services practices. Cross-Cloud managed services will make building managed services faster for partners…

Read more →

Daon has unveiled TrustX, its next-generation cloud-based platform for identity proofing and authentication to support the creation and deployment of user journeys across their entire digital identity lifecycle. Daon TrustX is optimized by artificial intelligence (AI) and machine learning (ML)…

Read more →

Oracle is introducing new capabilities across Oracle Fusion Cloud Applications Suite that help customers accelerate supply chain planning, increase operational efficiency, and improve financial accuracy. The updates include new planning, usage based pricing, and rebate management capabilities within Oracle Fusion…

Read more →

Digi International has released its latest value-added service — Digi WAN Bonding — to deliver true Gigabit speeds for enhanced network performance. This solution, which is fully integrated into the Digi technology stack, also improves Internet reliability and increases bandwidth…

Read more →

LogRhythm and Zscaler work together to help organizations around the globe increase network insight and address a variety of cloud access security challenges faced by the modern SOC. LogRhythm SIEM and the Zscaler Zero Trust Exchange platform provide visibility and…

Read more →

Looking at configuration data, 56% of decommissioned routers disposed of and sold on the secondary market contained sensitive corporate data, according to ESET. Of the networks that had complete configuration data available: 22% contained customer data 33% exposed data allowing…

Read more →

As cyberattacks increase in frequency and sophistication, small and medium-sized businesses (SMBs) become more vulnerable to cyber threats. Unlike larger enterprises, SMBs often lack the financial and technical resources to secure their networks and data against malicious actors effectively. With…

Read more →

Healthcare, manufacturing, and utilities are suffering long-term financial impact of major cyber attacks, according to ThreatConnect. “With the National Cyber Strategy coming out of the White House focusing on decreasing cyber risk from critical infrastructure and the new SEC Cyber…

Read more →

Destructive ransomware attacks impact enterprises, governments, airlines, hospitals, hotels, and individuals, causing widespread system downtime, economic loss, and reputational damage. In this Help Net Security video, AnnMarie Nayiga, Lead MDR Analyst at Malwarebytes, talks about the dangers of ransomware reinfection.…

Read more →

Mention IT security, and most people immediately think of software-based protections against software-based threats: ransomware, viruses, and other forms of malware. But recognition of the importance of hardware security—upon which all software security is built—is (thankfully) also growing. Established hardware…

Read more →

Versa Networks launched Versa Zero Trust Everywhere, delivering zero trust security for both remote and on-premises users, with optimized user-to-application performance. Hybrid cloud and hybrid work have changed where and how users work, challenging organizations to find ways to secure…

Read more →

With cybersecurity teams struggling to manage the remediation process and monitor for vulnerabilities, organizations are at a higher risk for security breaches, according to Cobalt. As enterprises prioritize efficiencies, security leaders increasingly turn to third-party vendors to alleviate the pressures…

Read more →

Veracode launches Veracode Fix, a new AI-powered product that suggests remediations for security flaws found in code and open-source dependencies. Shifting the paradigm from merely ‘find’ to ‘find and fix’ “For far too long, organizations have had to choose between…

Read more →

Phylum has added Open Policy Agent (OPA) and continuous reporting to its policy engine. Customers now have more flexibility when creating and enforcing custom policies, and can show compliance with key software supply chain frameworks, regulations and guidelines. “We built…

Read more →

Armis enhanced its Cybersecurity Asset Attack Surface Management (CAASM) Solution giving security teams’ abilities to overcome asset visibility and exposure challenges. Security teams will be able to improve their overall security position by ensuring security controls, security posture, and asset…

Read more →

LastPass has unveiled LastPass University, a training platform featuring live and on-demand coursework to help business administrators, their end users and partners deepen their LastPass product knowledge and password management skills. LastPass University training modules range from basic to comprehensive,…

Read more →

Edgio has released Advanced Bot Management solution that proactively mitigates a wide range of evolving malicious bots while providing observability into good bots. Leveraging massive amounts of data continuously drawn from the platform’s extensive global deployment, Advanced Bot Manager applies…

Read more →

Styra has appointed Mark Pundsack as CEO, effective immediately. Pundsack brings more than thirty years of experience to the role with deep expertise in the software development industry, where he has spent much of his career leading product development teams…

Read more →

DigiCert has unveiled its new unified partner program, designed to provide partners with a comprehensive portfolio that delivers digital trust for the real world. The new program includes more sales motions for all partner types; training, support and tools that…

Read more →

Allurity has closed the acquisition of two new cybersecurity companies, CloudComputing and Securix. The former brings a complete and robust offering in identity, zero trust and information security. The latter adds substantial reinforcement in the areas of identity security, observability…

Read more →

Swimlane announced a strategic partnership with AWS, bringing the power of security automation to AWS environments via a cost-effective solution. The company today also announced Swimlane Turbine is now a cloud-native platform, helping customers automate responses to security data, which…

Read more →

Korea Trade-Investment Promotion Agency (KOTRA) will host 10 Korean cybersecurity companies as Korea Pavilion with Korea Information Security Industry Association (KISIA) at RSA Conference 2023. KOTRA and KISIA will feature companies from across a range of fields including network security,…

Read more →

A well-tuned data breach playbook can provide security teams with a clear roadmap for working through the breach response process. Foreseeing every possible twist and turn of a breach may be impossible, but through extensive wargaming, teams can simulate diverse…

Read more →

In this Help Net Security video, Michael Peters, Principal Software Engineer at Red Hat, discusses how to implement a zero-trust system that uses workload identity across a service mesh in Kubernetes to provide explicit authorization between services, as well as…

Read more →

Within the largest financial institutions, insurers, and retailers, the rise and adoption of AI, an impending recession, and the return of pre-pandemic fraud techniques are driving record rates of fraud attacks for consumers and enterprises alike, according to Pindrop. Researchers…

Read more →

In today’s rapidly evolving technological landscape, it’s more important than ever for Boards and executives to stay informed about the latest advancements and potential risks in technology and digital capability. In this Help Net Security interview, Alicja Cade, Director, Financial…

Read more →

D3 Security has launched its Smart SOAR platform, which expands beyond traditional SOAR with hyperscalable, risk-based autonomous triage and incident remediation across the entire stack. The new capabilities of Smart SOAR build on D3 Security’s designed and maintained integrations, which…

Read more →

Recent warnings by the FBI and FCC have highlighted the risks associated with using public USB chargers. Hackers have created ways to use public USB ports to introduce malware and monitoring software onto the phones of unsuspecting users. Battery Bird‘s…

Read more →

Zyxel Networks enhanced network security and productivity for small and home office users and remote workers with the launch of SCR 50AXE AXE5400 Tri-band WiFi 6E Secure Cloud-managed Router. The new business-class router delivers security and high-performance WiFi 6E as…

Read more →

Imperva and Fortanix signed a partnership agreement, and have each joined the other’s strategic partner program. This partnership brings together two innovative and trusted cybersecurity companies focused on multicloud data protection. The joint offerings from Imperva and Fortanix will provide…

Read more →

lockr has raised $2.5M in pre-seed funding. Mozilla Ventures, Junction Venture Partners, and Grit Capital Partners participated, along with individuals from the digital publishing and data industries. Founded by Keith Petri, an experienced data management executive with two prior 8-figure…

Read more →

Mobb has raised $5.4M in seed funding led by Angel Investor Ariel Maislos and joined by MizMaa Ventures, Cyber Club London and additional investors from US, EU, and Israel. The company has also launched a free community version that allows…

Read more →

With the economy experiencing instability and decline, organizations rely on their technology experts to maintain their innovative edge and generate business value. Despite being instructed to reduce expenses by 65% of the technology team leaders, 72% still intend to boost…

Read more →

Fraudsters are underestimating the power of AI to detect fake IDs, according to a new report from Ondato. Based on an analysis of millions of ID verifications carried out for its customers in 2022, Ondato found that ID cards were…

Read more →

Across all BEC attacks seen over the past year, 57% relied on language as the main attack vector to get them in front of unsuspecting employees, according to Armorblox. In other trends to watch, vendor compromise and fraud are rising…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Making risk-based decisions in a rapidly changing cyber climate In this Help Net Security interview, Nicole reveals the three key indicators she uses to assess…

Read more →

Snowflake has launched the Manufacturing Data Cloud, which enables companies in automotive, technology, energy, and industrial sectors to unlock the value of their critical siloed industrial data by leveraging Snowflake’s data platform, Snowflake- and partner-delivered solutions, and industry-specific datasets. The…

Read more →

CYFIRMA has raised a Pre-Series B round funding from venture fund OurCrowd and Larsen & Toubro’s L&T Innovation Fund. With this, these firms join CYFIRMA’s existing investors Goldman Sachs, Zodius Capital, and Z3 Partners. With the closing of this round,…

Read more →

Khoros and Cerby new partnership allows brands to launch, manage, and analyze their social media profiles quickly and securely from the Khoros platform. Cerby brings security features such as single sign-on (SSO) directly into social accounts and ad accounts for…

Read more →

Tentacle announced a SOC 2 partnership with Oread Risk & Advisory to help organizations achieve SOC 2 reporting goals and establish long-term security infrastructure. With Tentacle’s release of the indexed SOC 2 security framework earlier this year, organizations have access…

Read more →

UltraViolet Cyber has unveiled its launch to provide organizations across the globe with a streamlined approach to address the ever-expanding cyber threat. Created through the combination of four pioneering firms — Metmox, Mosaic451, Stage 2 Security, and W@tchTower — UltraViolet Cyber…

Read more →

Daon is expanding its IdentityX to the healthcare industry to enable organizations to safeguard identities for providers, staff, and patients. As the healthcare industry continues to digitize sensitive healthcare online information, cyber attacks increase and new regulations are established, Daon’s…

Read more →

Cobalt Iron has updated its Compass enterprise SaaS backup platform with new data governance capabilities comprising policy-based controls and an approval framework for decommissioning systems and deleting data. The automation and policy-based discipline for system decommissioning and associated data deletion…

Read more →

Votiro has integrated with Sumo Logic to enable reliable and secure cloud-native applications. Users can now send high-fidelity data and insights discovered by Votiro Cloud into the Sumo Logic Cloud SIEM console. Enterprises are relying on collaboration platforms, cloud workloads…

Read more →

Riskified has unveiled its partnership with Deloitte to empower merchants with real-time insight into how their chargebacks, approval rates and fraud costs compare to similar companies in their space. This benchmarking service is helping retailers formulate a scorecard that can…

Read more →

Thales has joined forces with around twenty deep tech, academic and industry partners, as part of the EuroQCI initiative (European Quantum Communication Infrastructure), which aims to deploy a quantum communication infrastructure for EU member states within three years. By 2040,…

Read more →

WhatsApp will be rolling out three new security features in the coming months, to provide users with increased privacy and control over their messages and to help prevent unauthorized account access and takeover. The new features The first feature is…

Read more →

Cybercriminals have been leveraging social engineering techniques to impersonate the popular US-based digital payments network Zelle and steal money from unsuspecting victims, according to Avanan. The fake Zelle email (Source: Avanan) The phishing email The spoofed email is cleverly crafted…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from BigID, Binarly, Cynalytica, GitGuardian, Netskope, Searchlight Cyber, ThreatX, and Wazuh. Cynalytica OTNetGuard provides visibility into critical infrastructure networks Cynalytica has launced its Industrial Control System…

Read more →

How are data teams conquering the complexity of the modern data stack? Unravel Data has asked 350+ data scientists, engineers, analysts, and others who rely upon real-time data insights for decision-making to share their practices. “For the third year in…

Read more →

On average, organizations store 61% of their sensitive data in the cloud, and most have experienced at least one cybersecurity breach (90%), threat (89%) and/or theft of data (80%), with 75% experiencing all three, according to Skyhigh Security. Overall, the…

Read more →

The illicit market for crypto giveaway scams has expanded, offering various services to facilitate fraudulent activity. The proliferation of fake crypto giveaways can be attributed to the increased availability of tools for scammers, even those with limited technical skills. In…

Read more →

Cymulate has expanded its Attack Surface Management (ASM) solution to close gaps between traditional vulnerability management and ASM. Organizations will now have advanced capabilities to easily visualize risky exposures across hybrid environments. The company achieves this by extending its coverage…

Read more →

Cerbos has released Cerbos Cloud, a managed service offering for Cerbos. Cerbos is an open source authorization layer to easily implement roles and permissions in software applications. It separates authorization logic from the core application code, making the authorization layers…

Read more →

Code42 Software has offered a complete set of response controls to allow security teams to respond to all levels of risk, ranging from unacceptable high risk that must be blocked to the most prevalent user mistakes that require correction. Instructor…

Read more →

Entrust is supporting organizations’ zero trust journey with new foundational identity, encryption, and key management solutions. “Zero trust approaches are reshaping security in a perimeter-less world. While the conversation often starts with identity and network access, organizations are quickly finding…

Read more →

Qwiet AI has released a suite of targeted AppSec and DevSecOps services that help companies address their security function needs without sacrificing time and budget. “We often hear of the notion of doing more with less. However, in today’s environment…

Read more →

DirectDefense has partnered with Claroty which empowers organizations with visibility, protection, and threat detection to secure their Extended Internet of Things (XIoT), a vast network of cyber-physical systems across industrial, healthcare, and commercial environments. As digital transformation efforts have intensified…

Read more →

SentinelOne has unveiled integrations with key industry players Aruba, Checkpoint, Cisco, Darktrace, Extrahop, Fortinet, Palo Alto Networks and an enhanced collaboration with Vectra AI which expand the company’s firewall and NDR capabilities, and will allow organizations of all sizes to…

Read more →

Google has announced the Google Cloud Assured Open Source Software (Assured OSS) service, which aims to be a trusted source of secure open source packages, and the deps.dev API, which provides access to security metadata for 50+ million open source…

Read more →

To combat the surge of fake LinkedIn accounts in recent years, Microsoft has introduced Entra Verified ID, a new feature that allows users to verify their workplace on the business-focused social media platform. Verified ID automates verification of identity credentials…

Read more →

It used to be that people were the greatest cybersecurity vulnerability, but this is no longer true. The rise of the internet made people more connected than ever. Attackers capitalized on that fact and targeted employees directly to gain access…

Read more →

With over one billion websites worldwide, HTTP/HTTPS application-layer attacks have increased by 487% since 2019, with the most significant surge in the second half of 2022, according to NETSCOUT. The dynamic nature of the DDoS threat landscape Much of the…

Read more →

For the fifth consecutive month, IDC has lowered its 2023 forecast for worldwide IT spending as technology investments continue to show the impact of a weakening economy. 2023 forecast for worldwide IT spending In its monthly forecast for worldwide IT…

Read more →

Access control has become a main concern when it comes to developing secure web applications, and the NSA has a lot to say about it. Especially when it comes to the biggest access management pitfall developers make. In 2021 OWASP…

Read more →

Regula has redesigned Face SDK face liveness detection technology and offers a balance between a simple UX and high reliability by using the zero-trust concept. Every session has its own unique parameters that cannot be reused by fraudsters for tampering,…

Read more →

Binarly has released the Binarly Transparency Platform, delivering transparency for device supply chains enabling device manufacturers and endpoint protection products to analyze both firmware and hardware to identify vulnerabilities, misconfigurations, and malicious code implantation. The Binarly Transparency Platform is designed…

Read more →

Searchlight Cyber has launched Stealth Browser, a virtual machine for cyber professionals to access the dark web and conduct investigations anonymously, without risk to themselves or their organization. Stealth Browser is an enhancement to Searchlight’s Cerberus investigation platform, which is…

Read more →

Fleet has revealed a new programmable MDM, designed to give medium-to-large organizations control of remote workstation security with unsurpassed GitOps and workflow automation. Fleet’s availability as an open-source MDM not only makes it more accessible to organizations working to reduce…

Read more →

CloudCasa by Catalogic launched CloudCasa for Velero, a new offering that combines the simplicity of the service and its advanced cloud awareness with the benefits of Velero. CloudCasa for Velero gives enterprises and service providers the ability to scale their…

Read more →

The Edgio Applications Platform v7 new integrated performance and security features are designed to increase organizational revenues and accelerate developer team velocity through better website performance and multi-layer security. Through the integrated, unified platform, Edgio reduces the need for multiple…

Read more →

Wazuh launched Wazuh 4.4, the latest version of its open source security platform. The latest version adds multiple new features, including IPv6 support for the enrollment process and agent-manager connection, and support for Azure integration within Linux agents. Today’s leading…

Read more →