Tag: Help Net Security

Kaspersky researchers have unearthed an extensive and long-running malware delivery campaign that exploited users’ propensity for downloading code from GitHub and using it without first verifying whether it’s malicious. “Over the course of the GitVenom campaign, the threat actors behind…

Read more →

Pentera has unveiled Cyber Pulse, a new mechanism to update the Pentera platform with the latest vulnerabilities and attack techniques from the Pentera research team. Cyber Pulse delivers a continuous stream of new cyber exposure validation capabilities, enabling organizations to…

Read more →

Seal Security launched Seal OS, a solution designed to automatically fix vulnerabilities in both Linux operating systems and application code. Seal OS delivers long-term support for a wide range of Linux distributions, encompassing Red Hat Enterprise Linux, CentOS, Oracle Linux,…

Read more →

Red Hat announced Red Hat OpenShift 4.18, the latest version of the hybrid cloud application platform powered by Kubernetes. Red Hat OpenShift 4.18 introduces new features and capabilities designed to streamline operations and security across IT environments and deliver greater…

Read more →

DalFox is an open-source tool for automating the detection of XSS vulnerabilities. With powerful testing capabilities and a wide range of features, it makes scanning, analyzing parameters, and verifying vulnerabilities faster and easier. “The uniqueness of Dalfox lies in its…

Read more →

For many CISOs, compliance can feel like a necessary evil and a false sense of security. While frameworks like ISO 27001, SOC 2, and PCI DSS offer structured guidelines, they don’t automatically equate to strong cybersecurity. The challenge? Many organizations…

Read more →

In this Help Net Security video, Nataraj Nagaratnam, an IBM Fellow and CTO for Cloud Security, discusses enterprises’ steps to lay a secure foundation for agentic AI deployments. Recent research from IBM and Morning Consult shows that 99% of developers…

Read more →

DISA Global Solutions, a Texas-based company that provides employment screening services (including drug and alcohol testing and background checks) for over 55,000 organizations, has suffered a cyber incident that led to a data breach, which resulted in the potential compromise…

Read more →

Have you ever heard anyone earnestly ask in a business, “Who owns legal?” or “Who sets the financial strategy?” Probably not – it should be obvious, right? Yet, when it comes to cybersecurity, the question of ownership still seems to…

Read more →

Silver Fox, a China-based threat actor that may or may not be backed by the Chinese government, has been delivering the ValleyRAT backdoor to unsuspecting users by disguising the malware as legitimate healthcare app (the Philips DICOM viewer), a Windows…

Read more →

Halcyon announced Halcyon Ransomware Detection and Recovery (RDR), a no-cost integrated service that is now included with every deployment of the Halcyon Anti-Ransomware Platform. Most 24/7 threat monitoring and response services are not included with software platform purchases and are…

Read more →

Netskope announced enhancements to its Netskope One Enterprise Browser. By delivering Enterprise Browser fully integrated with the Netskope One platform’s Security Service Edge (SSE) capabilities, Netskope enables organizations to increase productivity and streamline the security of how unmanaged devices and…

Read more →

Hyperscalers have perpetuated the narrative that open-source solutions cannot compete at scale. This perception has influenced funding priorities, shaped policy discussions, and reinforced organizational reliance on Big Tech. With the launch of Hub 10, Nextcloud demonstrates that open source is…

Read more →

By providing full context around both the application and the development environment, Legit’s ASPM platform empowers CISOs and their team to find, fix, and prevent the application vulnerabilities driving the greatest business risk. The release of Legit context follows on…

Read more →

OwnID announced an addition to its platform: AI-native identity support for AI Agents. With browser-using AI Agents – such as ChatGPT Operator and other autonomous digital assistants becoming an integral part of customer interactions, businesses require a secure, scalable way…

Read more →

In this Help Net Security interview, Marina Segal, CEO at Tamnoon, discusses the most significant obstacles when implementing managed cloud security in hybrid and multi-cloud environments. She shares insights on long onboarding times, legacy security gaps, vendor lock-in, and overlooked…

Read more →

Application Security Engineer Binance | UAE | Remote – View job details As a Application Security Engineer, you will enhance and maintain the security postures of Binance’s affiliates specializing in DeFi and Web3. Serve as the first responder for security…

Read more →

CISOs are constantly navigating the challenge of protecting their organizations while ensuring business agility and innovation. For example, as companies move workloads to the cloud to support remote teams, security teams must secure data without slowing down productivity. Finding the…

Read more →

BigID announced BigID Next, a cloud-native, AI-powered Data Security Platform (DSP) designed to help enterprises discover, manage, and protect their data at scale. With a modular, AI-assisted architecture, BigID Next empowers organizations to take control of their most valuable asset—data—while…

Read more →

A proof-of-concept (PoC) exploit for four critical Ivanti Endpoint Manager vulnerabilities has been released by Horizon3.ai researchers. The vulnerabilities – CVE-2024-10811, CVE-2024-13161, CVE-2024-13160 and CVE-2024-13159 – may be exploited by remote, unauthenticated attackers to leverage Ivanti EPM machine account credentials…

Read more →