Tag: Help Net Security

Living Security announced Unify Power Insights, which combines intelligence across multiple identity management and security tools to pinpoint visibility into which members of the workforce are most vulnerable to phishing, account compromise, malware, data loss, and more. Living Security Unify…

Read more →

Vicarius announced a $30 million Series B led by cybersecurity investment firm Bright Pixel (formerly Sonae IM). AllegisCyber Capital, AlleyCorp, and Strait all participated in the financing. The company’s total funding, including investments from previous investors such as JVP, is…

Read more →

Kaspersky’s researchers have developed a lightweight method to detect indicators of infection from sophisticated iOS spyware such as NSO Group’s Pegasus, QuaDream’s Reign, and Intellexa’s Predator through analyzing a log file created on iOS devices. Analyzing the Shutdown.log The company’s…

Read more →

Industrial Defender announced a strategic technology partnership with Dragos. The collaboration between these leaders in OT cybersecurity integrates their respective platform capabilities, representing a major move towards combining their leading strengths to enhance outcomes for OT operators. The partnership is…

Read more →

In the new stable release of the Chrome browser, Google has fixed three security vulnerabilities affecting the V8 engine, including one zero-day (CVE-2024-0519) with an existing exploit. About CVE-2024-0519 V8 is an open-source JavaScript and WebAssembly engine developed by the…

Read more →

Navigating layoffs is complex and difficult for many reasons. Not only do human resources and direct managers bear the onus of responsibility when conducting exit conversations, but security teams should also make the necessary preparations for monitoring anomalies in employee…

Read more →

In this Help Net Security interview, Chris Mixter, Vice President, Analyst at Gartner, discusses the dynamic world of CISOs and how their roles have evolved significantly over the years. He outlines the critical skills for CISOs in 2024, addresses the…

Read more →

Employees play a significant role in safeguarding organizational assets. With a constantly evolving threat landscape, cybersecurity awareness training is an essential component in creating a good security culture. Why cybersecurity awareness training? 81% of organizations were hit by malware, phishing,…

Read more →

In this Help Net Security video, Peter Manev, Chief Strategy Officer at Stamus Networks, discusses a pervasive problem plaguing security analysts called “alert fatigue,” – which occurs when security teams become desensitized to an overwhelming volume of alerts, causing them…

Read more →

Increasing data requests overwhelm IT teams, but security concerns hinder their ability to provide employees with access to timely data, according to CData Software. The majority of Ops professionals feel that they are prohibited from accessing the data they need…

Read more →

Atlassian has patched a critical vulnerability (CVE-2023-22527) in Confluence Data Center and Confluence Server that could lead to remote code execution. The good news is that the flaw was fixed in early December 2023 with the release of versions 8.5.4…

Read more →

Fortinet announced a comprehensive secure networking solution integrated with Wi-Fi 7. Fortinet’s first Wi-Fi 7 access point, FortiAP 441K, delivers increased speed and capacity, and the new FortiSwitch T1024 is purpose-built with 10 Gigabit Ethernet (GE) access and 90W Power…

Read more →

Skopenow launched Grid, its new 360-degree situational awareness solution. Grid equips security, intelligence, and investigative teams worldwide with enhanced proactive threat intelligence capabilities, enabling real-time detection of risks to people, assets, and operations. In a global landscape marked by uncertainty,…

Read more →

Over 1,700 Ivanti Connect Secure VPN devices worldwide have been compromised by attackers exploiting two zero-days with no patches currently available. “Additional threat actors beyond UTA0178 appear to now have access to the exploit and are actively trying to exploit…

Read more →

Accenture and SandboxAQ are partnering to deliver AI and quantum computing solutions to help organizations identify and remediate cybersecurity vulnerabilities. According to recent Accenture research, executives’ top concern for 2024 is the ability to adapt to advancements in technology and…

Read more →

As cyber threats grow more sophisticated, understanding and implementing robust cybersecurity frameworks is crucial for organizations of all sizes. This article lists the most essential cybersecurity frameworks developed to guide businesses and governments in safeguarding their digital assets. From the…

Read more →

OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine cryptocurrency, establish persistence following business email compromise and launch spam activity using the…

Read more →

Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition. Users can also perform malware analysis, OSINT and computer vision activities. “We’ve crafted…

Read more →

Misinformation and disinformation are biggest short-term risks, while extreme weather and critical change to Earth systems are greatest long-term concern, according to the Global Risks 2024 Report from the World Economic Forum. Against a backdrop of systemic shifts in global…

Read more →

A vulnerability (CVE-2023-36025) that Microsoft fixed in November 2023 continues to be exploited by malware peddlers: this time around, the delivered threat is a variant of the Phemedrone Stealer. About the malware Phemedrone Stealer is a piece of malware written…

Read more →