Tag: Help Net Security

LendingTree subsidiary QuoteWizard and automotive parts provider Advance Auto Parts have been revealed as victims of attackers who are trying to sell data stolen from Snowflake-hosted cloud databases. Snowflake says that their investigation is still ongoing, but continues to stand…

Read more →

Entrust launched Citizen Identity Orchestration solution. Governments now can streamline the delivery of public services through secure digital identities, embedding trust in every citizen interaction. The innovative and modular solution from Entrust launches as governments worldwide experience increasing demands for…

Read more →

Radare is an open-source UNIX-like reverse engineering framework and command-line toolset. It can be scripted, modified, and used for batch analysis. “I started the project in 2006 when I was working as a forensic analyst, and I wrote a simple…

Read more →

With its capability to analyze, predict, and automate, AI stands to reshape many corners of business, most notably cybersecurity. In the field of vulnerability management specifically, AI is poised to have a profound impact, enhancing two key areas: Providing quicker…

Read more →

75% of security professionals had to change their cybersecurity strategy in the last year due to the rise in AI-powered cyber threats, with 73% expressing a greater focus on prevention capabilities, according to Deep Instinct. Additionally, 97% of respondents are…

Read more →

CISOs who elevate response and recovery to equal status with prevention are generating more value than those who adhere to outdated zero tolerance for failure mindsets, according to Gartner. “Each new cybersecurity disruption exposes the fact that CISOs manage more…

Read more →

In this Help Net Security video round-up, security experts discuss various aspects of identity verification and security, including generative AI’s impact, the state of identity fraud prevention, and the potential impact of identity challenges on the security sector. Complete videos…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) If you’re self-hosting an Atlassian Confluence Server or Data Center installation, you should upgrade to the latest…

Read more →

The insistent public complaints and proof-of-concept tools have have borne fruit: Microsoft has realized that the security of its recently previewed Windows Recall feature leaves much to be desired, and has announced important changes. About Windows Recall A few weeks…

Read more →

SolarWinds has fixed a high-severity vulnerability (CVE-2024-28995) affecting its Serv-U managed file transfer (MFT) server solution, which could be exploited by unauthenticated attackers to access sensitive files on the host machine. About CVE-2024-28995 Serv-U MFT Server is a widely used…

Read more →

May 2024 Patch Tuesday was unusual because we had security updates from Adobe, Apple, Google, Mozilla, and Microsoft on the same day. While individually from each vendor, the updates weren’t that large, managing them together was more challenging. On the…

Read more →

Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime as 41% of data is compromised during a cyberattack, according to Veeam. “Ransomware is endemic, impacting 3 out of 4 organizations in…

Read more →

CISA’s late April AI and infrastructure guidelines address 16 sectors along with their cybersecurity needs and operations concerning the growth of AI as a tool to build both federal and vendor cybersecurity infrastructure in the federal marketplace. In this Help…

Read more →

26% of organizations don’t provide IT security training to end-users, according to Hornetsecurity. The Hornetsecurity survey, which compiled feedback from industry professionals worldwide, also reveals that 8% of organizations offer adaptive training that evolves based on the results of regular…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Appdome, SailPoint, Tines, Trend Micro, Verimatrix, and Zyxel Networks. Zyxel Networks USG LITE 60AX improves network security Zyxel Networks launched USG LITE 60AX–an AX6000 WiFi…

Read more →

Darktrace launched its new service offering, Darktrace Managed Detection & Response (MDR). The service combines detection and response capabilities spanning across the enterprise, with the expertise of its global analyst team. This combination augments internal security teams with AI-powered threat…

Read more →

Zyxel has released patches for three critical vulnerabilities (CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974) affecting two network-attached storage (NAS) devices that have recently reached end-of-vulnerability-support. About the vulnerabilities The three vulnerabilities are: A command injection vulnerability in the CGI program that could…

Read more →

Tenable announced that it has formed a strategic alliance with Deloitte. Deloitte has added the Tenable One Exposure Management Platform, Tenable Cloud Security and Tenable OT Security to its portfolio of available cyber solutions for Internet of Things (IoT) and…

Read more →

HYPR secures $30 million in funding from Silver Lake Waterman to drive accelerated advancements in technologies to combat the rising threat of generative AI-driven credential-based attacks. This investment validates the expanded adoption of HYPR’s passwordless authentication solutions and support for…

Read more →

Your business, attack surface, and threat landscape are not static—they are constantly changing. New vulnerabilities are disclosed hourly, new exploits for old vulnerabilities are publicly released, and threat actors update their techniques continuously. Knowing where and how to prioritize your…

Read more →