Category: Help Net Security

Hammerspace acquires Rozo Systems to expand the performance and hyperscale capacity capabilities of its unstructured Data Orchestration System. Data-driven organizations have rapidly become more decentralized, with files being created, analyzed, and moved across locations constantly. The speed of capturing the…

Read more →

OneTrust announces new innovations across the Trust Intelligence Platform to help organizations responsibly use data and drive trust intelligence at scale. As companies tackle the challenges of data sprawl, OneTrust’s enhancements provide companies with the discovery, automation, and intelligence to…

Read more →

AI Spera announced a data-sharing partnership agreement between its flagship search engine, Criminal IP, and DNS0.EU. This strategic collaboration makes perfect sense, as both entities share a common objective of providing the utmost protection against internet threats by blocking malicious…

Read more →

Manufacturing businesses, healthcare organizations, and tech companies in English-speaking countries are the most targeted by phishers leveraging a relatively new phishing-as-a-service (PaaS) tool called Greatness, created to phish Microsoft 365 users. According to Cisco researcher, this tool has been utilized…

Read more →

The need to protect sensitive information from unauthorized access and theft has never been greater, and cybersecurity and IAM technologies are evolving to meet this challenge while providing users with more convenience. There are three key trends to watch in…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Aqua Security, Feedzai, Nebulon, OpenVPN, Trua, and Zscaler. Aqua Security strengthens software supply chain security with pipeline integrity scanning Powered by eBPF technology, Aqua’s pipeline…

Read more →

Most CISOs have returned to the elevated concerns they experienced early in the pandemic, according to Proofpoint. Elevated concerns among CISOs Globally, 68% of surveyed CISOs feel at risk of a material cyber attack, compared to 48% the year before,…

Read more →

Digital fraud has significant financial and psychological repercussions on victims, according to Telesign. Businesses may find a new reason to fear digital fraud as the negative impacts of digital fraud on companies’ brand perception and the bottom line. Trust in…

Read more →

Bitdefender has unveiled App Anomaly Detection, the real-time, behavior-based protection layer available now in Bitdefender Mobile Security for Android, that continuously detects anomalous and malicious behavior in Android applications as it emerges. The number of malicious and compromised Android applications…

Read more →

Check Point has expanded its Check Point Harmony Endpoint protections solution by incorporating vulnerability and automated patch management capabilities. This enhancement addresses the mounting number of cyberattacks that exploit unpatched system vulnerabilities for unauthorized access. To deliver this advanced feature,…

Read more →

Point Predictive launched its newest solution, BorrowerCheck 3.0. Available via API or web browser, BorrowerCheck 3.0 addresses the problem of fraud and identity theft in a more comprehensive way than existing identity solutions to help stop the billions in fraud…

Read more →

Qrypt has formed a partnership with Carahsoft. Under the agreement, Carahsoft will serve as Qrypt’s Master Government Aggregator, making the company’s quantum-secure encryption technology available to the Federal Government through Carahsoft’s reseller partners’, Information Technology Enterprise Solutions – Software 2…

Read more →

In today’s world of fake news and AI-generated content, it is increasingly difficult to know if documents and files are trustworthy. But now anyone can easily verify the provenance of any file by simply dragging and dropping that file onto…

Read more →

Financial fraud has increased substantially as the trend towards mobile banking and digitization accelerates. In 2022 alone, the Federal Trade Commission received over 1.1 million reports of identity theft and over 440,000 reports of credit card fraud. To help banks…

Read more →

SAP and Google Cloud announced an extensive expansion of their partnership, introducing a comprehensive open data offering designed to simplify data landscapes and unleash the power of business data. The offering enables customers to build an end-to-end data cloud that…

Read more →

Cynalytica has launched the OTNetGuard 4G/5G sensor that offers a capability for cellular backhaul for communications monitoring of ICS/SCADA and OT environments, providing a secure out-of-band monitoring capability for critical infrastructure operators. As the threat landscape for industrial control systems…

Read more →

NETGEAR launched its latest innovation: the Nighthawk M6 Pro 5G WiFi 6E Hotspot Router (MR6550). With its 5G mmWave and WiFi 6E capabilities, this device delivers ultra-fast internet speeds and enhanced connectivity, powerful enough for remote business sites and portable…

Read more →

Arlo Technologies announced a partnership with Ping Identity, the intelligent identity solution for the enterprise. The new benefit will provide Ping Identity’s approximately 800 US employees with an Arlo Safe subscription to deliver comprehensive on-the-go personal, family and car safety.…

Read more →

Absolute Software has agreed to be acquired by venture capital firm Crosspoint Capital Partners in a deal with an enterprise value of $870 million. Under the terms of the Arrangement Agreement, Absolute shareholders will receive $11.50 per Common Share in…

Read more →

Comcast Business, Fortinet, and Exclusive Networks teamed up to deliver a new distribution sales route and managed SD-WAN services for value-added resellers (VARs) and managed service providers (MSPs). The collaboration expands the Masergy Guardian Portfolio, adding additional sales routes and…

Read more →

Google has announced new tools, features and updates to improve users’ online safety, help them evaluate content found online, and alert them if their Gmail identity appears on the dark web. New tools and options for users A new tool…

Read more →

A ransomware group has tried and failed to extort money from Dragos, the industrial cybersecurity firm has confirmed on Wednesday, and reassured that none of its systems or its Dragos Platform had been breached. What happened? “The criminal group gained…

Read more →

Monitoring assets in ever-changing settings operating in both development and production stages presents challenges. In this Help Net Security video, Daniel Deeney, CEO at Paladin Cloud, discusses how companies face difficulties identifying security threats within cloud environments. As businesses transition…

Read more →

Adversaries were able to encrypt data in 76% of the ransomware attacks that were conducted against surveyed organizations, according to Sophos. The survey also shows that when organizations paid a ransom to get their data decrypted, they ended up additionally…

Read more →

30% of automotive employees don’t check security protocols before trying a new tool, according to Salesforce. This could put their company and customer data at risk. Alarming rise in automotive API attacks Cybersecurity is a growing concern in the automotive…

Read more →

Feedzai announced significant enhancements to its RiskOps Platform, enabling banks to better protect their customers from a wide variety of financial scams. These new Feedzai ScamPrevent capabilities deliver detection, classification, and interception of the widest variety of payment scams and…

Read more →

Aqua Security added pipeline integrity scanning to prevent software supply chain attacks and assure CI/CD pipeline integrity. Powered by eBPF technology, Aqua’s pipeline integrity scanner detects and blocks suspicious behaviour and malware in real time, preventing code tampering and countering…

Read more →

Red Hat has unveiled the general availability of Red Hat Enterprise Linux 9.2 and the forthcoming availability of Red Hat Enterprise Linux 8.8. These new releases further Red Hat’s efforts to simplify and streamline complex Linux platform tasks across the…

Read more →

iProov and Wultra partnership enables Wultra to provide iProov’s biometric solutions suite as part of its portfolio of digital banking solutions. Consumers are increasingly calling on their financial services providers to offer online access to high-risk services including new account…

Read more →

Trua launched a new product called TruaID, which will give consumers a greater sense of security with their private information while providing businesses a more efficient means of screening customers and prospective employees. Simultaneously, Trua announced that it has branched…

Read more →

Dell Technologies advances software-driven innovation across its storage portfolio, driving increased cyber resiliency, energy efficiency and automation to power customers’ multicloud journeys. Dell’s commitment to software development has resulted in more than 2,000 storage portfolio advancements in the past twelve…

Read more →

IBM announced its new IBM Quantum Safe technology: a comprehensive set of tools and capabilities, combined with IBM’s deep security expertise, designed as an end-to-end solution to be made available as organizations, including governmental agencies, prepare their quantum-safe journey towards…

Read more →

Kasada partners with Signifyd to help eCommerce providers deliver on their core business priorities to reduce fraud while improving the user experience. Together Kasada and Signifyd provide an impenetrable barrier against fraud. Kasada’s anti-bot platform stops automated online fraud before…

Read more →

Prove Identity announced a new partnership with Visa to empower brands to increase secure loyalty account enrollment by eliminating manual account registration and pre-filling application forms with verified information. Visa clients will now have access to Prove’s Prove Pre-Fill identity…

Read more →

Among the vulnerabilities fixed by Microsoft on May 2023 Patch Tuesday is CVE-2023-29324, a bug in the Windows MSHTML platform that Microsoft rates as “important.” Akamai’s research team and Ben Barnea, the researcher who’s credited with finding the flaw, disagree…

Read more →

Nutanix has unveiled Nutanix Central, a cloud-delivered solution that provides a single console for visibility, monitoring, and management across public cloud, on-premises, hosted or edge infrastructure. This will extend the universal cloud operating model of the Nutanix Cloud Platform to…

Read more →

Revelstoke announced partnership with Check Point to enhance edge network security, endpoint and XDR with low-code, high-speed automation, and to empower SOC teams to work more accurately and efficiently. Cybersecurity professionals seek to overcome challenges due to talent shortages, increasing…

Read more →

Codenotary and Snyk alliance agreement provides enhanced security and trust for the modern development organization seeking to assure that only known and trusted artifacts are used in software builds. Vulnerability scanners are widely used by organizations of all sizes and…

Read more →

LogRhythm and Mimecast’s integration will help organizations around the globe protect against modern cyberattacks. Organizations need the ability to correlate data from their disparate security products and services to distinguish the real threats from false alarms. LogRhythm SIEM integrates Mimecast’s…

Read more →

The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware, called “Snake” (aka “Uroburos”), that the US Government attributes to a unit within Center 16 of the…

Read more →

Nutanix announced new capabilities in the Nutanix Cloud Platform to enable customers to integrate data management of containerized and virtualized applications on-premises, on public cloud, and at the edge. This includes comprehensive data services for Kubernetes applications as well as…

Read more →

GitHub is making push protection – a security feature designed to automatically prevent the leaking of secrets to repositories – free for owners of all public repositories. Previously, the feature was available only for private repositories with a GitHub Advanced…

Read more →

SquareX, led by serial cybersecurity entrepreneur Vivek Ramachandran, is developing a browser-based cybersecurity product to keep consumers safe online. The company announced that it has raised $6 million in a seed round led by Sequoia Capital Southeast Asia. It will…

Read more →

SquareX, led by serial cybersecurity entrepreneur Vivek Ramachandran, is developing a browser-based cybersecurity product to keep consumers safe online. The company announced that it has raised USD 6 million in a seed round led by Sequoia Capital Southeast Asia. It…

Read more →

Kubernetes Security Operations Center (KSOC) released the first-ever Kubernetes Bill of Materials (KBOM) standard. Available in an open-source CLI tool, this KBOM enables cloud security teams to understand the scope of third-party tooling in their environment to respond quicker to…

Read more →

The technology sector had the highest number of malware-infected employees, most exposed corporate credentials and the majority of all stolen cookies, according to SpyCloud. Drawing on SpyCloud’s database of 400+ billion recaptured assets from the criminal underground, researchers analyzed 2.27…

Read more →

A large language model (LLM) is an artificial intelligence (AI) algorithm that employs deep learning methodologies, and extensive data sets to comprehend, condense, create, and predict new content. An example of an LLM is ChatGPT, a model developed by OpenAI…

Read more →

Malicious actors are increasingly exploiting legitimate tools to accomplish their goals, which include disabling security measures, lateral movement, and transferring files. Using commonly available tools allows attackers to evade detection. While custom-built tools or malware can be flagged as malicious…

Read more →

Asked about the Board and C-Suite‘s understanding of cybersecurity across the organisation, only 39% of respondents think their company’s leadership has a sound understanding of cybersecurity’s role as a business enabler, according to Delinea. The high cost of ignoring security…

Read more →

For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass flaw (CVE-2023-24932) exploited by attackers in the wild. The two exploited bugs (CVE-2023-29336, CVE-2023-24932)…

Read more →

Nebulon announced TripLine, a new threat detection service designed to alert customers when a cryptographic ransomware attack has been detected, as well as the precise location and point-in-time the attack occurred. The company also announced smartDefense, a cybersecurity solution that…

Read more →

SAIC introduced its new encrypted query analytics and data retrieval (EQADR) platform. “Agencies rely on data to help support their missions in a secure environment,” said Andy Henson, VP, Innovation at SAIC. “We are providing our customers with data encryption…

Read more →

Zscaler has expanded Zscaler Digital Experience (ZDX), an integrated solution that provides end-to-end visibility and IT troubleshooting capabilities accessed through the Zscaler security cloud. The modern workforce is geographically dispersed, resulting in difficulties for IT and helpdesk teams that need…

Read more →

CertifID released an identity verification solution to help title agencies and real estate firms combat seller impersonation fraud. The solution augments CertifID’s existing capabilities that evaluate more than 150 markers of fraud, including the verification of wiring instructions and bank…

Read more →

OneLayer released OneLayer Bridge, a security solution for private mobile networks. The use of private cellular networks allows organizations to improve IoT and OT device connectivity. As the adoption of these networks increases, organizations must consider the essential aspect of…

Read more →

Kyndryl introduced a managed Secure Access Service Edge (SASE) solution powered by Fortinet, which aims to help customers enable advanced network security initiatives. The solution combines Fortinet’s cloud-delivered security and secure networking solutions with Kyndryl’s network and security services to…

Read more →

ThreatBlockr and GreyNoise announced a partnership that will enhance the ThreatBlockr platform. By leveraging GreyNoise data, ThreatBlockr customers now have automatic access to this enhanced cyber intelligence and the largest cyber intelligence data set that protects against false positives. “False…

Read more →

DigiCert announced a partnership to provide DigiCert ONE, the platform for digital trust, on Oracle Cloud Infrastructure (OCI). Customers will benefit from DigiCert ONE’s fast time to value combined with OCI’s high-performance and security-first architecture for single and multi-cloud deployments.…

Read more →

Waterfall Security Solutions and Atlantic Data Security announced a partnership to protect data centers, building automation systems and critical infrastructure facilities. With attacks on OT networks becoming more powerful and pervasive, this new partnership provides owners and operators with solutions…

Read more →

SafePaaS announces its Unified Privileged Access Management (UPAM) solution to protect the digital enterprise without the complexity of traditional PAM solutions that fail to meet the evolving needs of today’s dynamic, complex organizations. SafePaaS’ UPAM offering enables in-depth cyber mechanisms…

Read more →

Webb Protocol raised $7 million in a seed funding round co-led by Polychain and Lemniscap, with participation from Zeeprime, CMS Holdings among others. The funding will go towards growing Webb’s staff base, accelerating the development of innovative privacy tools and…

Read more →

Microsoft has enabled number matching for Microsoft Authenticator push notifications to improve user sign-in security. Authenticator MFA number matching in action (Source: Microsoft) “If the user has a different default authentication method, there’s no change to their default sign-in. If…

Read more →

OpenVPN has introduced Device Identity Verification & Enforcement (DIVE) to their cloud-based solution, CloudConnexa (previously known as OpenVPN Cloud). This powerful new feature will take your ZTNA structure to the next level. With the rapid growth of remote and hybrid…

Read more →

With increased data breaches, errors, ransomware and hacks, digital trust can be the difference between retaining reputations and customer loyalty after a major incident and suffering serious, time-consuming, and expensive losses, according to ISACA. From digital trust to business success…

Read more →

DEF CON’s AI Village will host the first public assessment of large language models (LLMs) at the 31st edition of the hacker convention this August, aimed at finding bugs in and uncovering the potential for misuse of AI models. The…

Read more →

API sprawl is a prevalent issue in modern enterprises, as APIs are being developed and deployed at an unprecedented rate. As highlighted by Postman’s 2022 State of the API Report, “89% of respondents said organizations’ investment of time and resources…

Read more →

In this Help Net Security video, Devon Kerr, Team Lead, Elastic Security Labs, talks about the 2023 Global Threat Report Spring edition. Key takeaways In this report, the Elastic Security team highlights how they’ve noticed a slight increase in Linux…

Read more →

Organizations need to be able to match the ingenuity and resources of cybercriminals to better defend themselves against the increasing number of threats and attacks that could paralyze their business. Unfortunately, some laws restrict genuine security research. As we await…

Read more →

Cloudflare has partnered with Kyndryl to help enterprises modernize and scale their corporate networks with managed WAN-as-a-Service and Cloudflare zero trust. The partnership couples Kyndryl’s expert managed end-to-end networking services with Cloudflare’s robust technology platform to enable enterprises to streamline…

Read more →

Privoro announced a new partnership with Samsung to provide a security capability for mobile devices. The new capability provides a critical shield against the invisible threat posed by modern cyberweapons via high-assurance control over the radios, sensors and other peripherals…

Read more →

Waratek introduced API security to its Java Security Platform, giving customers the ability to scale strategic risk mitigation in the enterprise. This unique combination provides turnkey protection against bytecode and serialization vulnerabilities, classpath manipulation, and sandbox escapes that are unique…

Read more →

The cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company’s private code signing keys on their dark web site. The breach MSI (Micro-Star International) is a corporation that develops and sells computers (laptops, desktops, all-in-one PCs,…

Read more →

The Western Digital online store is offline as a result of the “network security incident” it suffered in March 2023. Users have been notified On May 5, 2023, the company emailed its customers to say that an unauthorized party obtained…

Read more →

AI technology is fueling a rise in online voice scams, with just three seconds of audio required to clone a person’s voice, according to McAfee. McAfee surveyed 7,054 people from seven countries and found that a quarter of adults had…

Read more →

The rise of AI-generated identity fraud like deepfakes is alarming, with 37% of organizations experiencing voice fraud and 29% falling victim to deepfake videos, according to a survey by Regula. In this Help Net Security video, Henry Patishman, Executive VP…

Read more →

A key term when discussing encryption these days is end-to-end (E2E) encryption. The idea with E2E encryption is that data is kept confidential between the encryptor and the intended receiver. This might seem an obvious requirement, but not all so-called…

Read more →

Paul Cha is a cyber and product security leader, serving as the VP of Cybersecurity at LG Electronics Vehicle component Solutions. Paul held critical positions at Synopsis, Ford Motor Company, and Samsung before joining LG. He found his way to…

Read more →

Businesses worldwide are eagerly embracing the potential for AI to provide personalized customer experiences, but customers remain cynical, according to Twilio. This year’s report underscores the value of an AI-driven personalization strategy for brands looking to both retain existing customers…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Former Uber CSO avoids prison for concealing data breach Joe Sullivan, the former Uber CSO who has been convicted last year for attempting to cover…

Read more →

CACI announced a strategic partnership to provide the DarkPursuit capability within the Torchlight Catalyst platform. This partnership will provide Torchlight customers, mainly Special Operations Forces (SOF), with safe and secure access to browse the open, deep, and dark web. “We…

Read more →

Mirantis announced the latest update of open source k0s, which adds compatibility with the latest release of Kubernetes 1.27, as well as improvements and bug fixes to k0s. The latest update of Mirantis k0s makes improvements that simplify installation and…

Read more →

AutoCrypt KEY enables OEMs and suppliers to manage all types of cryptographic keys used for the components of connected and electric vehicles. Modern vehicles function through communications, including internal communications between ECUs and application processors, and external connections with nearby…

Read more →

Joe Sullivan, the former Uber CSO who has been convicted last year for attempting to cover up a data breach Uber suffered in 2016 and kept it hidden from the Federal Trade Commission (FTC), has been sentenced to three years…

Read more →

Edgecore Networks has partnered with Wedge Networks to offer a next-generation network security solution to its customers. Wedge Networks’ Wedge Cloud Network Defense (WedgeCND), a cloud-managed security service designed to provide comprehensive security protection, is now available as an add-on…

Read more →

Cisco has revealed the existence of a critical vulnerability (CVE-2023-20126) in the web-based management interface of Cisco SPA112 2-Port Phone Adapters. The adapters are widely used to integrate analog phones into VoIP networks without the need for an upgrade. About…

Read more →

OneTrust announces AI-driven document classification to help organizations more accurately and completely identify and classify unstructured data and automatically apply governance and protection policies. “An organization’s data is what fuels innovation and gives them a competitive edge,” said Blake Brannon,…

Read more →

Edgecore Networks has partnered with Wedge Networks to offer a next-generation network security solution to its customers. Wedge Networks’ Wedge Cloud Network Defense (WedgeCND), a cloud-managed security service designed to provide comprehensive security protection, is now available as an add-on…

Read more →

The April Patch Tuesday releases were unusual because we saw a whopping 62 vulnerabilities addressed in the Microsoft Server 2012 KBs. Granted there was a lot of overlap with the CVEs addressed in Windows 10 and 11, but compared to…

Read more →

Satori released Universal Data Permissions Scanner, a free, open-source tool that enables companies to understand which employees have access to what data, reducing the risks associated with overprivileged or unauthorized users and streamlining compliance reporting. Who has access to what…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Dashlane, Immersive Labs, Intruder, Private AI, Vanta, and Veza. Immersive Labs Resilience Score strengthens executive decision making in cyber crises Immersive Labs Resilience Score helps…

Read more →

In the first quarter of 2023 there was a significant increase in cyberattacks exploiting trust in established tech brands Microsoft and Adobe, according to Avast. The Avast report also found a 40% rise in the share of phishing and smishing…

Read more →

Cyber-risk levels have improved from “elevated” to “moderate” for the first time, but insiders represent a persistent threat for global organizations, according to Trend Micro. Jon Clay, VP of threat intelligence at Trend Micro: “For the first time since we’ve…

Read more →

AppOmni announced free Salesforce Community Cloud Scanner to help organizations secure their Salesforce Community websites from data exposure risks and misconfigurations. Salesforce data leaks recently identified by Krebs on Security have resulted in exposure of numerous Salesforce Community Cloud customers’…

Read more →

The City of Dallas, Texas, has suffered a ransomware attack that resulted in disruption of several of its services. What do we know so far? “Wednesday morning, the City’s security monitoring tools notified our Security Operations Center (SOC) that a…

Read more →

Airgap Networks announced that it is bringing the power of AI to its Zero Trust Firewall with ThreatGPT. Built on an advanced AI/ML model designed to protect enterprises from evolving cyber threats, ThreatGPT delivers a new level of insight and…

Read more →

HUB Security entered into an agreement for up to $16 million in gross proceeds from Lind Global Asset Management VI LLC, an investment entity managed by The Lind Partners, a New York based institutional fund manager (together, “Lind”). This investment…

Read more →

Criminal IP, an OSINT-based search engine provided by AI Spera, launched a new WordPress plugin called Anti-Brute Force, Login Fraud Detector, also known as Criminal IP FDS (Fraud Detection System). This latest development promises to revolutionize the digital security landscape…

Read more →

Arthur introduced a powerful addition to its suite of AI monitoring tools: Arthur Shield, a firewall for large language models (LLMs). This patented new technology enables companies to deploy LLM applications like ChatGPT more safely within an organization, helping to…

Read more →

Intruder has launched its continuous attack surface monitoring capabilities. The company’s new premium plan offering takes vulnerability management to the next level with continuous coverage, increasing visibility and transparency of external attack surfaces. On average, 65 new vulnerabilities are discovered…

Read more →

Protecto announced it has been able to boost the performance of its privacy models on NVIDIA GPUs, allowing the discovery of privacy issues up to 10x faster than before. With the help of powerful NVIDIA GPU technology, Protecto has delivered…

Read more →