In 2023, 71% of organizations across various industries reported that their business feels the impact of the ongoing cybersecurity skills shortage. Many companies have been forced to scale back their cybersecurity programs as they struggle to find experienced candidates to…
Tag: Help Net Security
WEF Cybercrime Atlas: Researchers are creating new insights to fight cybercrime
In early 2023, the World Economic Forum (WEF) launched Cybercrime Atlas, with the intent to map the cybercriminal ecosystem by facilitating collaboration between private and public organizations. What does this collaboration look like in practice? We’ve asked Sean Doyle, the…
AI risks under the auditor’s lens more than ever
According to a recent Gartner survey, widespread GenAI adoption has resulted in a scramble to provide audit coverage for potential risks arising from the technology’s use. In this Help Net Security video, Thomas Teravainen, a Research Specialist at Gartner, discusses…
GSMA releases Mobile Threat Intelligence Framework
GSM Association’s Fraud and Security Group (FASG) has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile networks, based on the tactics, techniques and procedures (TTPs) that they use. The…
Cybersecurity jobs available right now: April 10, 2024
Application Security Engineer HCLTech | Mexico | Remote – View job details As an Application Security Engineer, you will work on the security engineering team and collaborate with other IT professionals to ensure that user data is protected. Cybersecurity Incident…
Microsoft patches two actively exploited zero-days (CVE-2024-29988, CVE-2024-26234)
On this April 2024 Patch Tuesday, Microsoft has fixed a record 147 CVE-numbered vulnerabilities, including CVE-2024-29988, a vulnerability that Microsoft hasn’t marked as exploited, but Peter Girnus, senior threat researcher with Trend Micro’s Zero Day Initiative (ZDI), has found being…
Microsoft patches actively exploited security feature bypass vulnerability (CVE-2024-29988)
On this April 2024 Patch Tuesday, Microsoft has fixed a record 147 CVE-numbered vulnerabilities, including CVE-2024-29988, a vulnerability that Microsoft hasn’t marked as exploited, but Peter Girnus, senior threat researcher with Trend Micro’s Zero Day Initiative (ZDI), has found being…
LG smart TVs may be taken over by remote attackers
Bitdefender researchers have uncovered four vulnerabilities in webOS, the operating system running on LG smart TVs, which may offer attackers unrestricted (root) access to the devices. “Although the vulnerable service is intended for LAN access only, Shodan, the search engine…
New Google Workspace feature prevents sensitive security changes if two admins don’t approve them
Google is rolling out multi-party approvals for Google Workspace customers with multiple super admin accounts, the company has announced. What does the feature do? Google Workspace (formerly G Suite) is a cloud-based set of productivity and collaboration tools/services aimed at…
ESET Small Business Security offers protection against online fraud, data theft and human error
ESET introduced ESET Small Business Security, which has been specifically designed to meet the cybersecurity needs of Small Office/Home Office business owners. According to the Small Business Administration, out of the 33.3 million small businesses in the United States, over…
TufinMate accelerates network access troubleshooting
Tufin launched TufinMate, an AI assistant that helps organizations troubleshoot network access issues across hybrid and multi-vendor network environments. TufinMate automates the secure network access enablement process across the organization, allowing a broad array of stakeholders, including those outside of…
Gurucul Data Optimizer provides control over real-time data transformation and routing
Gurucul launched Gurucul Data Optimizer, an intelligent data engine that allows organizations to optimize their data while reducing costs, typically by 40% out of the box and up to 87% with fine-tuning. A universal collector and forwarder, Gurucul Data Optimizer…
Sectigo appoints Jason Scott as CISO
Sectigo announced the newest member of its senior executive team with the appointment of Jason Scott as CISO. Jason will oversee all aspects of cybersecurity at Sectigo including data, infrastructure, network, applications, and products. He joins the company with more…
Rocket DevOps simplifies compliance processes
Rocket Software is addressing the growing demand for integrated security, compliance, and automation in software development with its latest release of Rocket DevOps, formerly known as Aldon. With its data validation tool and seamless support of CI/CD pipelines, Rocket DevOps,…
Akamai Shield NS53 protects on-prem and hybrid DNS infrastructure
Akamai launched Akamai Shield NS53, a product that protects on-premises (on-prem) Domain Name System (DNS) infrastructure from resource exhaustion attacks. These attacks overwhelm servers to the point that they can no longer respond to valid DNS queries. The new offering…
New Latrodectus loader steps in for Qbot
New (down)loader malware called Latrodectus is being leveraged by initial access brokers and it looks like it might have been written by the same developers who created the IcedID loader. Malware delivery campaigns “[Latrodectus] was first observed being distributed by…
Darktrace ActiveAI Security Platform helps organizations shift focus to proactive cyber resilience
Darktrace has introduced the Darktrace ActiveAI Security Platform. The platform includes Darktrace’s existing security products supplemented by a set of new innovations and features, including for email and operational technology (OT). The platform uses AI to transform security operations from…
SINEC Security Guard identifies vulnerable production assets
Production facilities are increasingly the target of cyberattacks. Industrial companies are therefore required to identify and close potential vulnerabilities in their systems. To address the need to identify cybersecurity vulnerabilities on the shop floor as quickly as possible, Siemens has…
Cloudflare partners with Booz Allen Hamilton to guide organizations under attack
Cloudflare announced a collaboration with Booz Allen Hamilton to support enterprises under attack by providing expedited Under Attack as a Service (UAaaS) with 30-Day Rapid Response DDoS Mitigation, including continuous monitoring and protection. Under this new agreement, Booz Allen’s Global…
How exposure management elevates cyber resilience
Attackers are adept at identifying and exploiting the most cost-effective methods of compromise, highlighting the critical need for organizations to implement asset identification and understand their assets’ security posture in relation to the whole estate. Instead of asking, “Are we…