Tag: Help Net Security

For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a launcher application…

Read more →

Veritas Technologies announced artificial intelligence (AI)-powered advancements in Veritas 360 Defense. With the self-defending data protection solution, a generative AI-powered operational copilot and new ecosystem partners, organizations can more rapidly recover from ransomware attacks. “Cyber criminals are now using sophisticated…

Read more →

Veeam Software announced the acquisition of Coveware, a provider in cyber-extortion incident response. It brings ransomware recovery and first responder capabilities to further strengthen Veeam’s radical resilience solutions for customers. Coveware by Veeam will continue to operate as it does…

Read more →

Stellar Cyber launched the MITRE ATT&CK Coverage Analyzer, enabling users to visualize the impact of data source changes on their ability to detect threats in their specific environments. With this new tool, free of charge to all existing customers, security…

Read more →

A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The vulnerability allows attackers to escape their virtual file system and download system files (i.e., configuration files), but only…

Read more →

Trellix announced Trellix Email Security for Microsoft Office 365. Combining threat detection, threat intelligence, and security expertise, Trellix offers Microsoft Office 365 customers more cost-effective alternative to Microsoft Defender for Office. The evolving threat landscape and increased sophistication of threat…

Read more →

Align announces the inclusion of a new ransomware prevention feature to enhance its Align Guardian Managed Detection and Response offering powered by Adlumin. This innovative solution is designed to detect and halt ransomware in its tracks, safeguarding files from encryption…

Read more →

We stand at a crossroads for election misinformation: on one side our election apparatus has reached a higher level of security and is better defended from malicious attackers than ever before. On the other side, the rise of artificial intelligence…

Read more →

23% of Americans said they recently came across a political deepfake they later discovered to be fake, according to McAfee. The actual number of people exposed to political and other deepfakes is expected to be much higher given many Americans…

Read more →

Institutions featured on this list often provide undergraduate and graduate degrees, courses, as well as certificate programs tailored to meet the growing demand for cybersecurity professionals in various industries. Some notable colleges and universities renowned for their cybersecurity programs and…

Read more →

Q1 saw substantial shifts in activity from some of the most prolific Ransomware-as-a-Service (RaaS) groups, according to GuidePoint Security. RaaS groups attempt to recruit disaffected or displaced affiliates In addition to revealing a nearly 20% year-over-year increase in the number…

Read more →

Setting up MFA can seem daunting for consumers just beginning to clean up their security postures. In this Help Net Security video, Larry Kinkaid, Manager, Cybersecurity Consulting at BARR Advisory, shares tips for consumers who need simple, accessible ways to…

Read more →

Binary Defense announced several important updates to BDVision, the company’s real-time detection and containment Managed Endpoint Detection & Response (mEDR) solution. These critical updates – which include new deception technology, artificial intelligence-based threat detection, EDR bypass detection, and small business…

Read more →

apexanalytix launched Passkeys, a feature that enables suppliers to securely log into their accounts using biometrics like a fingerprint or face scan, or a screen lock PIN. The latest FBI Internet Crime Report reveals that business email compromise (BEC) led…

Read more →

MITRE has been breached by attackers via two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti’s Connect Secure VPN devices. The attackers have also managed to move laterally and compromise the company network’s VMware infrastructure, MITRE confirmed late last week. What is…

Read more →

Trend Micro unveiled AI-driven cyber risk management capabilities across its entire flagship platform, Trend Vision One. This seamlessly integrates more than 10 industry technology categories into one offering, empowering security, cloud and IT operations teams to manage risk proactively. The…

Read more →

In this article, we’ll identify some first steps you can take to establish your cloud security strategy. We’ll do so by discussing the cloud security impact of individual, concrete actions featured within the CIS Critical Security Controls (CIS Controls) and…

Read more →

In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers. He offers advice to organizations, stressing the…

Read more →

In this Help Net Security video, Sonu Shankar, Chief Strategy Officer at Phosphorus, discusses how Blackjack’s Fuxnet malware should be a wakeup call to industrial operators about the vulnerability of sensor networks and the outsized impact these attacks can have…

Read more →

Cloud Console Cartographer is an open-source tool that maps noisy log activity into highly consolidated, succinct events to help security practitioners cut through the noise and understand console behavior in their environment. “Infrastructure as code has replaced a lot of…

Read more →