Tag: Help Net Security

Less than two weeks after having plugged a security hole that allows account takeover without user interaction, GitLab Inc. has patched a critical vulnerability (CVE-2024-0402) in GitLab CE/EE again and is urging users to update their installations immediately. GitLab Inc.…

Read more →

HaystackID announced the expansion of its Protect Analytics AI Suite of AI enabled services designed to enhance the efficiency and effectiveness of identifying, analyzing, and reporting on sensitive information within large, unstructured datasets. The enhanced suite featuring Protect Analytics AI…

Read more →

Qualys announced that it is expanding its partnership with Orange Cyberdefense. This expansion signifies that Qualys’ capabilities such as Vulnerability Management, Detection and Response (VMDR) will be included in Orange Cyberdefense’s managed Vulnerability Intelligence Service. The expanded collaboration will give…

Read more →

Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has always disliked the process of writing reports, preferring to focus on uncovering bugs. A key frustration for him was the…

Read more →

A new user is signing up for a SaaS application. On the one hand, UX teams want that user to get into the app as quickly as possible. On the other hand, security teams want the user to strongly validate…

Read more →

In this Help Net Security video, Yochai Corem, CEO of Cyberint, explores the ransomware environment’s development, effects, and emerging patterns throughout the previous year. 2023 marked a historic high for ransomware groups, with a 55.5% increase in attacks, reaching 4,368…

Read more →

Despite stringent regulations and calls for ‘security by design’, organizations are still failing to equip teams with the knowledge to secure code, according to Security Journey. In fact, only 20% of respondents were confident in their ability to detect a…

Read more →

To manage an environment of increasing risks and limited resources, healthcare internal audit and compliance departments must align their risk assessments and audit work plans to areas most vital to achieving the strategic goals and business objectives of their organizations,…

Read more →

Dynatrace announced it signed a definitive agreement to acquire Runecast, a provider of AI-powered security and compliance solutions. Adding Runecast to the Dynatrace platform will extend Dynatrace contextual security protection and analytics with Runecast security posture management. This will enable…

Read more →

Juniper Networks announced an AI-Native Networking Platform, purpose-built to leverage AI to assure the best end-to-end operator and end-user experiences. Trained on seven years of insights and data science development, Juniper’s AI-Native Networking Platform was designed from the ground up…

Read more →

Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins has been made public and there’s evidence of exploitation in the wild. About CVE-2024-23897 Jenkins is a widely used Java-based open-source automation server that helps developers build,…

Read more →

Networks serve as the backbone of modern communication and business operations, facilitating seamless data exchange and connectivity. However, the increasing complexity of networks also brings forth heightened security challenges. Robust network security measures are essential to safeguard against cyber threats,…

Read more →

2024 is shaping up to be a record-breaking year for data breaches, according to Experian. Despite 2023 being labeled as a ‘successful’ year for malicious actors, the upcoming months may bring forth developments that could further disrupt the cybersecurity landscape.…

Read more →

In the last year, the world’s critical infrastructure – the medical, power, communications, waste, manufacturing, and transportation equipment that connects people and machines – has been under near-constant attack, according to Forescout. Despite the formidable challenges posed by the ongoing…

Read more →

In this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into existing security infrastructures. Our discussion will cover a range of essential aspects, from the importance of continuous adaptation in cybersecurity strategies to practical…

Read more →

With organizations increasingly relying on third-party vendors, upping the third-party risk management (TPRM) game has become imperative to prevent the fallout of third-party compromises. Third-party risks SecurityScorecard recently found that 98% of organizations are connected with at least one third-party…

Read more →

There’s a good reason why ransomware gangs started exfiltrating victims’ data instead of just encrypting it: those organizations pay more. University of Twente researcher Tom Meurs and his colleagues wanted to know which factors influence victims to pay the ransom…

Read more →

88% of organizations still use passwords as their primary method of authentication, according to Specops Software. The report found that 31.1 million breached passwords had over 16 characters, showing longer passwords aren’t safe from being cracked. 40,000 admin portal accounts…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from 1Kosmos, Atakama, Onfido, Regula, Searchlight Cyber, Seceon, and Veriti. Onfido Compliance Suite simplifies local and global identity verification Onfido’s Compliance Suite introduces Qualified Electronic Signature…

Read more →

In this Help Net Security interview, Amber Schroader, CEO at Paraben Corporation, discusses the challenges posed by the complexity of modern computer systems and networks on digital evidence collection. Schroader talks about the impact of exponential data growth on forensic…

Read more →