Tag: Help Net Security

Elastic, the company behind Elasticsearch and the Elastic Stack, announced it will showcase its integrated threat prevention, collection, detection, and response solution at the RSA Conference 2020. Elastic released its integrated security offering, Elastic Security 7.6.0, which builds on the…

Read more →

Checkmarx, the global leader in software security solutions for DevOps, announced at the RSA Conference 2020 new enhancements to its market-leading Software Security Platform to empower more seamless implementation and automation of application security testing (AST) in modern development and…

Read more →

Infoblox, the leader in Secure Cloud-Managed Network Services, announced Enterprise best practices on DNS over TLS (also known as DoT) and DNS over HTTPS (DoH). These DoT/DoH guidelines are based on Infoblox’s longtime commitment to providing customers with DDI services…

Read more →

Less than a month after the patching of a critical RCE flaw in OpenSMTPD, OpenBSD’s mail server, comes another call to upgrade to the latest version, as two additional security holes have been plugged. Discovered by Qualys researchers, one is…

Read more →

Researchers from Ben-Gurion University of the Negev’s (BGU) Cyber Security Research Center have found that they can trick the autopilot on an autonomous car to erroneously apply its brakes in response to “phantom” images projected on a road or billboard.…

Read more →

Mobile device use continues to grow, while an increasingly mobile and remote workforce depends heavily on laptops. To secure those devices, organizations need to implement client-side security controls. One of the more pressing risks linked to the use of mobile…

Read more →

The EU Agency for Cybersecurity (ENISA) published a cybersecurity procurement guide for hospitals. The hospital is a vast ecosystem comprised of an entire network of devices, equipment and systems that often require connection to external systems, making monitoring and control…

Read more →

Cybersecurity teams continue to struggle with hiring and retention, and very little improvement has been achieved in these areas since last year, according to ISACA. Understaffed and lacking diversity ISACA’s 2020 State of Cybersecurity survey report, unveiled at RSA Conference…

Read more →

Cloud-based collaboration technologies and workforce turnover have become major drivers of data exfiltration as insider threat programs fail to keep pace with today’s digital workplace, a Code42 survey reveals. Nearly 5,000 knowledge workers at companies with more than 1,000 employees…

Read more →

Less than half of organizations have a privileged access management strategy in place for digital transformation technologies, like RPA, according to a CyberArk report. The report provides practical recommendations from information security executives based on their first-hand experiences. They share…

Read more →

Eliminate guesswork and get in-depth insights and practical recommendations for navigating the ever-changing cybercrime landscape. This data-laden, incident-rich report delivers insider information on the players, their motivations, tactics and targets so you can make informed security strategy decisions. Key insights…

Read more →

Cisco, the leader in enterprise security, unveiled at RSA Conference 2020 a radical simplification of the way customers experience Cisco Security’s portfolio and addresses complexity — one of the top pain points for CISOs. Building on a decade of significant…

Read more →

CrowdStrike, a leader in cloud-delivered endpoint protection, announced CrowdStrike Endpoint Recovery Services at RSA Conference 2020. The new offering combines the power of the CrowdStrike Falcon platform, threat intelligence, and real-time response to accelerate business recovery from cyber intrusions. For…

Read more →

Sumo Logic, the leader in continuous intelligence, announced the availability of its new Cloud SIEM Enterprise offering, which includes a rich set of capabilities to ease the burden on security operations center (SOC) personnel. The new capabilities help identify and…

Read more →

FireEye, the intelligence-led security company, announced new cloud security innovations at RSA Conference 2020, including expanded capabilities within the FireEye Helix platform, as well as FireEye Messaging Security – a new offering that protects collaboration tools such as Microsoft Teams…

Read more →

F5 introduced at RSA Conference 2020 its customer-focused approach to Application Protection, bolstered by new offerings and the company’s recent acquisition of Shape Security. Informed by customer use cases, prominent industry attack practices, and threat intelligence from F5 Labs, F5’s…

Read more →

McAfee, the device-to-cloud cybersecurity company, announced substantial headway with its partner program. Eight new partnerships and seven new certified integrations to McAfee Security Innovation Alliance (SIA) and McAfee CASB Connect Program give organizations a competitive advantage to secure people, devices…

Read more →

Anitian, a leading cloud security and compliance automation provider, announced Documentation Automation, an enhancement to its Cloud Security Platform that automates documentation for the most stringent compliance standards. This enhancement further delivers on Anitian’s promise to deliver unrivaled time-to-compliance and…

Read more →

Today, at RSA Conference 2020 in San Francisco, CyberArk released the industry’s first privilege-based deception capabilities designed to defend against credential theft on workstations and servers. Local administrator rights are often left on endpoints, making them attractive targets for attackers…

Read more →

The Open Cybersecurity Alliance (OCA) today announced the availability of OpenDXL Ontology, the first open source language for connecting cybersecurity tools through a common messaging framework. With open source code freely available to the security community, OpenDXL Ontology enables any…

Read more →

With digital transformation investments expected to reach a staggering $7.4 trillion before 2023, organizations realize that they must disrupt their markets or risk being disrupted themselves. However, with digital transformation comes a multitude of cybersecurity-related challenges to overcome, and it’s…

Read more →

Exploiting a vulnerability in the mobile communication standard LTE, researchers at Ruhr-Universität Bochum can impersonate mobile phone users. Consequently, they can book fee-based services in their name that are paid for via the mobile phone bill – for example, a…

Read more →

IT security practitioners are aware of good habits when it comes to strong authentication and password management, yet often fail to implement them due to poor usability or inconvenience, according to Yubico and Ponemon Institute. The conclusion is that IT…

Read more →

Organizations are detecting and containing attacks faster as the global median dwell time, defined as the duration between the start of a cyber intrusion and it being identified, was 56 days. This is 28% lower than the 78-day median observed…

Read more →

IoT is barreling toward the enterprise, but organizations remain highly vulnerable to IoT-based attacks, according to Extreme Networks. The report, which surveyed 540 IT professionals across industries in North America, Europe, and Asia Pacific, found that 84% of organizations have…

Read more →

A staggering 97% of IT leaders say insider breach risk is a significant concern, according to a survey by Egress. 78% think employees have put data at risk accidentally in the past 12 months and 75% think employees have put…

Read more →

The Ultimate Security Pros’ Checklist provides you with a concise and actionable way to keep track of all your operational, management and reporting tasks. This checklist fully maps the core duties of common security positions – CISO/CIO, Director of Security,…

Read more →

Our increasingly connected world brings enormous potential for social and economic growth. However, without sophisticated security solutions that address the diverse threats posed to connected devices and systems, this potential is at risk of getting squandered. To tackle this challenge,…

Read more →

SS8 Networks, a leader in Lawful Intercept and Monitoring Center platforms, is proud to announce the completion of the first Lawful Intelligence platform built on Amazon Web Services (AWS) for Operators and Law Enforcement Agencies globally. As wireless, broadband, fixed…

Read more →

Gurucul, a leader in unified security and risk analytics technology for on-premises and the cloud, introduced automated intelligent threat hunting that uses artificial intelligence (AI) and machine learning (ML) to detect behaviors associated with cyber attacks and data breaches, while…

Read more →

Ciena added several new products and capabilities to its 5G Network Solutions aimed at reducing network complexity and fueling operators’ migration from 4G to 5G – from radios to data centers and everything in between. Ciena’s unique and open approach…

Read more →

At RSA Conference 2020, Wallarm released an expanded set of parsers, detection of API-specific vulnerabilities and API schema analysis for gRPC and GraphQL. With Wallarm context-specific protection is delivered both for externally-facing APIs and for service-to-service internal APIs for a…

Read more →

BlueVoyant, a global analytics-driven cybersecurity firm, announced the availability of its Managed Detection and Response (MDR) Service for Microsoft Defender Advanced Threat Protection (D-ATP), a unified next-generation anti-virus (NGAV) and endpoint detection and response (EDR) platform. “The addition of Microsoft…

Read more →

Red Hat, the world’s leading provider of open source solutions, announced the general availability of Red Hat OpenStack Platform 16, the latest version of its highly scalable and agile Infrastructure-as-a-Service (IaaS) solution. More than 1,000 enhancements and new features will…

Read more →

CyberMDX, a leading provider of medical cyber security solution, delivering asset visibility and threat prevention for medical devices and clinical assets, announced that it has completed integration certification for the Microsoft Azure Security Center for IoT. Integrating CyberMDX visibility and…

Read more →

SyncDog, the leading Independent Software Vendor (ISV) for next generation mobile security and data loss prevention, announced their partnership with SecureAge, a proven leader in enterprise encryption solutions and AI powered anti-malware technology. The partnership will integrate two of SecureAge’s…

Read more →

Ping Identity, a pioneer in Intelligent Identity solutions, announced it has named Patrick Harding as the company’s Chief Product Architect. Harding returns to Ping Identity after two years of advisory and consulting work in the blockchain and identity space, including…

Read more →

CrowdStrike, a leader in cloud-delivered endpoint protection, announced the appointment of Michael Sentonas as the company’s new chief technology officer effective immediately. Sentonas, who most recently served as the vice president of technology strategy at CrowdStrike, is replacing Dmitri Alperovitch,…

Read more →

Here’s an overview of some of last week’s most interesting news and articles: Sessions, events and seminars to check out at RSA Conference 2020 RSA Conference 2020 takes place next week in San Francisco. Here’s a brief overview of what…

Read more →

Cisco has released a new batch of security fixes for a number of its products, including its Smart Software Manager On-Prem solution and its Email Security and Content Security Management Appliances. Only one of the fixed vulnerabilities is deemed to…

Read more →

Here we are: at the beginning of a new year and the start of another decade. In many ways, technology is exceeding what we expected by 2020, and in other ways, well, it is lacking. Back to the Future made…

Read more →

44% of malicious threats are cloud enabled, meaning that cybercriminals see the cloud as an effective method for subverting detection, according to Netskope. “We are seeing increasingly complex threat techniques being used across cloud applications, spanning from cloud phishing and…

Read more →

The RSA Conference Early Stage Expo is an innovation space dedicated to promoting emerging talent in the industry. Here are some of the most exciting companies exhibiting innovative products and solutions, which you can see in person in the San…

Read more →

A sharp increase (57%) in high-risk vulnerabilities drove the threat index score up 8% from December 2019 to January 2020, according to the Imperva Cyber Threat Index. Following the release of Oracle’s Critical Patch Update – which included 19 MySQL…

Read more →

Worldwide spending on information and communications technology (ICT) is forecast to reach $4.3 trillion in 2020, an increase of 3.6% over 2019, according to IDC. Commercial and public sector spending on information technology (hardware, software and IT services), telecommunications services,…

Read more →

Idaptive, the leading provider of Identity and Access Management solutions, announced a major update to its Next-Gen Access (NGA) platform that adds endpoint security and passwordless capabilities. The update is designed to help organizations with a distributed workforce simplify the…

Read more →

White Ops, the global leader in bot mitigation, announced the release of Application Integrity, a new offering designed to protect enterprises from sophisticated bot-based threats including account takeover, automated account creation, and web scraping. Leveraging the industry leadership the company…

Read more →

Unisys announced that the company is offering $10,000 to participants who can capture data and credentials protected by the Unisys Stealth cybersecurity solution at RSA Conference 2020 in San Francisco. The “Unisys Stealth Capture the Flag” contest will take place…

Read more →

Trustwave unveiled a new portfolio of consulting and managed security services for Palo Alto Networks Prisma Cloud, the industry’s most comprehensive cloud native security platform (CNSP) designed to govern access, protect data and secure applications. Trustwave support for Prisma Cloud…

Read more →

Hewlett Packard Enterprise (HPE) announced advancements in its data protection offerings with Veeam support for HPE Primera storage and enhancements to HPE StoreOnce backup. HPE and Veeam have partnered to protect customer data for the past decade, and this new…

Read more →

Cyware Labs, provider of advanced cyber fusion solutions, announced the release of version 2.0 of the company’s product suite. Available now, enhancements across the matrix of Cyware’s solutions include end-to-end threat intelligence automation, threat response and management capabilities, as well…

Read more →

ElectionShield utilizes BrandShield’s technology to protect political campaigns and candidates from a growing range of online threats. These include social impersonation; fraudulent fundraising schemes; domain squatting; sale of unauthorized merchandise; fake social media content; phishing, social phishing and fake news.…

Read more →

Infoblox, the market leader in next-level networking and DDI services, and Nutanix announced that Infoblox Core DDI and Cloud Platform appliance products, which are part of the Nutanix Elevate Program, have been certified as Nutanix Ready. Infoblox will support its…

Read more →

ClearDATA, the leader in healthcare public cloud security, compliance and privacy, expanded their ClearDATA Comply Software as a Service (SaaS) compliance management product to include Microsoft’s Azure Cloud Services. With this new addition to the ClearDATA portfolio of products, more…

Read more →

QuintessenceLabs, the leader in quantum-cybersecurity solutions, announced that it secured an investment from In-Q-Tel, the non-profit strategic investor that accelerates the development and delivery of cutting-edge technologies to the national security communities of the U.S. and its allies. This investment…

Read more →

CyberX announced a new API-level integration with Microsoft Azure Security Center for IoT, enabling joint clients to gain a unified view of security across all their managed and unmanaged IoT devices. The combination of CyberX’s agentless security platform and Azure…

Read more →

SentinelOne, the autonomous endpoint protection company, announced it has raised $200 million in Series E funding led by global venture capital and private equity firm Insight Partners, with participation from Tiger Global Management, Qualcomm Ventures LLC, Vista Public Strategies of…

Read more →

Veeam Software, the leader in Backup solutions that deliver Cloud Data Management, announced that Gil Vega has been appointed Chief Information Security Officer (CISO). Vega, whose previous experience includes serving as Managing Director and CISO at CME Group and as…

Read more →

Zero Networks unveiled the Zero Networks Access Orchestrator, the first network security platform that automatically defines, enforces and adapts user- and machine-level network access policies to create a continuous airtight zero trust network model, at scale. The company was named…

Read more →

ProcessUnity, a leading provider of cloud-based applications for risk and compliance management, today announced a new pre-built configuration of its award-winning Vendor Risk Management solution. Best Practices Configuration for ProcessUnity Vendor Risk Management (VRM) is a pre-configured Third-Party Risk Management…

Read more →

Since Edward Snowden’s revelations of sweeping internet surveillance by the NSA, the push to encrypt the web has been unrelenting. Bolstered by Google’s various initiatives (e.g., its prioritizing of websites that use encryption in Google Search results, making Chrome mark…

Read more →

Zero trust is a concept that is gaining an increasingly large and dedicated following, but it may mean different things to different audiences, so let’s start with a definition. I refer to an excellent post by my friend Lee Newcombe…

Read more →

From May 2019 and continuing on until the end of the year, there was a dramatic shift by criminals who started targeting APIs, in an effort to bypass security controls. According to data from Akamai, up to 75% of all…

Read more →

Nearly 33.4 billion records were exposed in breaches due to cloud misconfigurations in 2018 and 2019, amounting to nearly $5 trillion in costs to enterprises globally, according to DivvyCloud research. Companies failing to adopt a holistic approach to security Year…

Read more →

In 2019, healthcare data breaches collectively affected over 27 million individuals, according to Bitglass. Categories of breaches Hacking or IT incidents: Breaches related to malicious hackers and improper IT security Unauthorized access or disclosure: All unauthorized access and sharing of…

Read more →

In 2019, at least 10 hospitals turned away patients due to a compromised ability to deliver care following cyber attacks. Less dramatically, in 2019 the industry suffered a record 40-plus million breached medical records. That’s close to 3X as many…

Read more →

HP announced its commitment to driving more stringent industry standards for printer security. As part of this effort, HP has joined the Buyers Lab (BLI) Security Validation Testing program for MFPs and printers. HP unveiled it was the first OEM…

Read more →

BluBracket, the leader in securing code for the enterprise, introduced its product suite, representing the industry’s first comprehensive security solution for code in the enterprise. As a testament to its early technical lead in an important new category, BluBracket has…

Read more →

With its new Western Digital iNAND MC EU521, an embedded Universal Flash Storage (UFS) device, Western Digital equips mobile developers to enhance the 5G smartphone user experience. An early supporter of JEDEC’s implementation of Write Booster under the UFS 3.1…

Read more →

Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, unveiled the FortiGate 1800F Next-Generation Firewall (NGFW) powered by NP7, the company’s seventh generation network processor, to enable today’s largest enterprises to achieve true internal segmentation as well as…

Read more →

Entrust Datacard, a leading provider of trusted identity and secure issuance technology solutions, announced the nShield Issuance Hardware Security Module (HSM), designed exclusively to help create an integrated ecosystem for security, simplicity and serviceability for the company’s payment card systems…

Read more →

Zyxel Communications, a leading provider of secure broadband networking, Internet access and connected home products, announced its family of solutions for service providers based upon IEEE 802.11ax (WiFi 6), the latest Wi-Fi specifications standard. The new WiFi 6 solutions will…

Read more →

JetPatch, a next-generation vulnerability remediation cloud platform, released JetPatch 4.0, which adds machine learning and intelligent workflow automation capabilities to ensure that an organization’s systems are appropriately patched. This latest release minimizes the time it takes to remediate a vulnerability…

Read more →

Snowflake, the cloud data platform, announced general availability on Google Cloud, bringing together Snowflake’s cloud-native data platform with Google Cloud’s capabilities in AI, ML and analytics. Snowflake is now available in the us-central1 (Iowa) and europe-west4 (Netherlands) regions with additional…

Read more →

SolarWinds, a leading provider of powerful and affordable IT management software, announced updates to its SaaS-based infrastructure and application performance monitoring (APM) solution, AppOptics, making application troubleshooting simpler, faster, and more accurate. With new service- and trace-level root cause analysis…

Read more →

Mobile security leader Trustonic announces that it has joined the Car Connectivity Consortium (CCC) to contribute to the development of technical specifications for secure connected car technologies. The CCC is a cross-industry organization advancing global technologies for smartphone-to-car connectivity solutions.…

Read more →

NetSecOPEN, the first industry organization focused on the creation of open, transparent network security performance testing standards, announced that Cisco, Fortinet, Palo Alto Networks and SonicWall are the first three security vendors to achieve certified performance results through open, standardized…

Read more →

Summit 7 Systems, a leading national provider of Cybersecurity Compliance Solutions for the Defense Industrial Base (DIB), announced an expansion of their Cybersecurity Practice Area with the addition of new software and services to prepare Defense and Aerospace Contractors for…

Read more →

CoSoSys, a leading provider of Data Loss Prevention (DLP) solutions for security and compliance, announced that it had secured a strategic investment from Turn/River Capital, a technology-focused growth and private equity fund. The investment will be used to accelerate product…

Read more →

Trend Micro, a global leader in cybersecurity solutions, announced earnings results for the fourth quarter as well as its annual results of fiscal year 2019, ending December 31, 2019. In Q4 2019, Trend Micro delivered the strongest quarter in the…

Read more →

Arctic Wolf, a leading security operations center (SOC)-as-a-service company, announced the addition of Dan Larson as Senior Vice-President of Marketing. In this new role, Larson will lead all aspects of Arctic Wolf’s marketing strategy including product marketing, demand generation, and…

Read more →

In an effort to further position itself for rapid marketplace growth, ThreatConnect, provider of the industry’s only intelligence-driven security operations platform, announces the hiring of four new senior management team members: Miles R. Tappin, Vice President, EMEA; Steve Mariani, VP,…

Read more →

Over 20,000 web servers (and who knows how many websites) have been compromised via trojanized WordPress themes to deliver malware through malicious ads, Prevailion researchers have discovered. The compromised servers are located across the globe and more than a fifth…

Read more →

An unnamed US gas pipeline operator has falled victim to ransomware, which managed to encrypt data both on its IT (information technology) and operational technology (OT) networks and led to a shutdown of the affected natural gas compression facility, the…

Read more →

Many novice Office 365 (O365) shops do not know where platform-specific security vulnerabilities lie, or even that they exist. The threats that you are unaware exist do not cause pain until they rise up and bite – then the agony…

Read more →

In anticipation of his keynote at HITB Security Conference 2020 in Amsterdam, we talked to Jon Callas, a world-renowned cryptographer, software engineer, UX designer, and entrepreneur. Before joining the ACLU as senior technology fellow, he was at Apple, where he…

Read more →

Risk Based Security’s VulnDB team aggregated 22,316 newly-disclosed vulnerabilities during 2019, finding that 37.26% had available exploit code or a Proof of Concept and that 33.43% of all vulnerabilities in 2019 had a CVSS v2 score of 7.0 and above.…

Read more →

Netscout released the findings of its Threat Intelligence Report for the second half of 2019, which also incorporates insights from its 15th Annual Worldwide Infrastructure Security Report (WISR) survey. The report underscores the proliferation of risks faced by global enterprises…

Read more →

For the 2020 Webroot Threat Report, researchers analyzed samples from more than 37 billion URLs, 842 million domains, 4 billion IP addresses, 31 million active mobile apps, and 36 billion file behavior records. Phishing URLs encountered grew by 640% in…

Read more →

Study for the CISSP exam anytime, anywhere using Official (ISC)² CISSP flash cards. This free interactive self-study tool tests knowledge across all eight CISSP domains and gives you immediate feedback to reinforce learning. The vendor-neutral CISSP stands out as the…

Read more →

LUMU has come out of stealth mode and for the first time will be publicly showcasing its solution at this year’s RSA Conference. LUMU was founded in 2019 by cybersecurity veteran and serial entrepreneur Ricardo Villadiego, who previously founded Easy…

Read more →

SentinelOne unveiled its Singularity Platform, an industry first data lake that fuses together the data, access, control, and integration planes of its endpoint protection (EPP), endpoint detection and response (EDR), IoT security, and cloud workload protection (CWPP) into a centralized…

Read more →

Veeam Software announced the general availability of NEW Veeam Availability Suite 10, ushering in the next generation of data protection capabilities that increase data availability, portability, and extensibility. First introduced in 2008 as Veeam Backup & Replication, Veeam Availability Suite…

Read more →

Kingston Digital announced its IronKey D300 Encrypted USB Flash Drive series has achieved NATO Restricted Level Certification. This indicates that, after a detailed validation process, the Kingston IronKey D300, IronKey D300S and IronKey D300SM have been listed in the NATO…

Read more →

SIRP launched a new security scoring module, S3, a major update to its platform. SIRP Security Score (S3) calculates an organization’s security score based on a number of internal and external factors. This enables organizations to more effectively prioritize risks,…

Read more →

As Head of Research at CyberMDX, Elad Luz gathers and analyzes information on a variety of connected healthcare devices in order to improve the techniques used to protect them and/or report about their security issues to vendors. The research includes…

Read more →

RSA Conference 2020 takes place next week in San Francisco. Here’s a brief overview of what to check out while you’re at the conference. Read more about keynotes here. Monday – February 24, 2020 DevOps: 2020 DevSecOps Days at RSA…

Read more →

Cybersecurity has emerged as the top focus of upstream oil and gas companies’ digital investments, according to a report from Accenture. The report is based on a global survey of 255 industry professionals, including C-suite executives, functional leaders and engineers.…

Read more →

Many organizations are starting to realize the benefits of increased scale and velocity of application deployment in their businesses, according to F5 Networks. This value, however, can bring significant complexity as organizations maintain legacy infrastructure while increasingly relying on multiple…

Read more →

Cynerio announced the addition of the virtual segmentation capability to their platform. Safe and effective healthcare IoT security projects can take over a year to execute due to a lack of visibility into network topology and sensitive device operations. Building…

Read more →