Tag: Help Net Security

In this Help Net Security interview, Allison Ritter, Head of Cyber Experiential Exercising at Cyberbit, shares her insights on the key differences between in-person and virtual cyber crisis simulations and what makes each approach effective. Ritter highlights the need for…

Read more →

Containers are the fastest growing – and weakest cybersecurity link – in software supply chains, according to NetRise. Companies are struggling to get container security right. Issues from misconfigured clouds, containers, and networks to uncertainty over who owns container security…

Read more →

The Department of the Treasury is sanctioning Chinese cybersecurity company Sichuan Silence, and one of its employees, Guan Tianfeng, for their roles in the April 2020 compromise of tens of thousands of firewalls worldwide. Many of the victims were U.S.…

Read more →

On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by attackers in the wild to execute code with higher privileges. CVE-2024-49138 exploited by attackers CVE-2024-49138 stems from…

Read more →

Stamus Networks announced Clear NDR, an open and transparent NDR system that empowers cyber defenders to uncover and stop serious threats and unauthorized activity before they cause harm to the organization. It can be deployed as a standalone NDR solution…

Read more →

Horizon3.ai launched NodeZero Insights, a platform designed for security leaders, CIOs, CISOs and practitioners. This new solution delivers real-time dashboards to measure, track and strengthen an organization’s security posture over time. NodeZero Insights provides the clarity and proof that security…

Read more →

Versa announced Versa Endpoint DLP, an integrated endpoint data loss prevention (DLP) capability delivered by the Versa SASE Client as part of the VersaONE Universal SASE Platform. The endpoint DLP feature provides the widest range of data exfiltration prevention capabilities…

Read more →

Attackers are exploiting a vulnerability (CVE-2024-50623) in file transfer software by Cleo – LexiCo, VLTransfer, and Harmony – to gain access to organizations’ systems, Huntress researchers warned on Monday. “We’ve discovered at least 10 businesses whose Cleo servers were compromised…

Read more →

GNU Shepherd is a service manager designed to oversee the system’s daemons. It functions both as an “init” system (PID 1) and as a tool for unprivileged users to manage per-user daemons. GNU Shepherd GNU Shepherd supports various daemon startup…

Read more →

SecureAuth is releasing biometric continuous identity assurance (BCIA). This ability is designed to safeguard a company’s sensitive information for the duration of a user’s session — providing additional protection from emerging threats in today’s hybrid and remote work environments. “Not…

Read more →

Low-code/no-code (LCNC) platforms enable application development by citizen developers, often generating “shadow engineering” projects that evade security oversight. While LCNC solutions like Power BI reports and automated workflows foster agility and innovation, they also introduce significant risks, including data leakage.…

Read more →

In this Help Net Security interview, Phani Dasari, CISO at HGS, discusses key aspects of cybersecurity assessments, including effective tools and methodologies, the role of AI and automation, and strategies for aligning assessments with organizational needs. The post Strengthening security…

Read more →

Cloud Security Engineer Sendbird | USA | Hybrid – View job details As a Cloud Security Engineer, you will work with engineering teams to build secure infrastructure at scale, secure multi-account and multi-cloud infrastructure for Sendbird, own CSPM and cloud…

Read more →

Neosync is an open-source, developer-centric solution designed to anonymize PII, generate synthetic data, and synchronize environments for improved testing and debugging. What you can do with Neosync Safely test code with production data: Anonymize sensitive production data to safely use…

Read more →

A security issue that could have allowed attackers to serve malicious firmware images to users has been fixed by OpenWrt Project, the organization that helms the development of the popular Linux distribution for embedded devices. About OpenWrt OpenWrt is a…

Read more →

Microsoft, in collaboration with the Institute of Science and Technology Australia and ETH Zurich, has announced the LLMail-Inject Challenge, a competition to test and improve defenses against prompt injection attacks. The setup and the challenge LLMail is a simulated email…

Read more →

Skyhigh Security announced the expansion of its purpose-built data protection capabilities to secure Microsoft Copilot, the fastest-growing AI solution in the enterprise. This latest milestone underscores Skyhigh Security’s commitment to enabling safe AI adoption, building on a series of strategic…

Read more →

Hornetsecurity unveiled an upgraded version of its 365 Total Backup solution, introducing self-service recovery for end users while also offering full backup and recovery support for Microsoft OneNote. This new functionality is also available with 365 Total Protection Plans 3…

Read more →

RSA announced expanded phishing-resistant, passwordless capabilities. Built to secure financial services organizations, government agencies, healthcare, and other highly-regulated industries from the most frequent and highest-impact attacks, these new RSA capabilities meet the most stringent cybersecurity regulations and are a key…

Read more →

Extreme Networks unveiled Extreme Platform ONE, a technology platform that reduces the complexity for enterprises by seamlessly integrating networking, security and AI solutions. The platform’s AI-powered automation includes conversational, interactive and autonomous AI agents—to assist, advise and accelerate the productivity…

Read more →