Tag: Help Net Security

ESET Research has recorded a considerable increase in AceCryptor attacks, with detections tripling between the first and second halves of 2023. In recent months, researchers registered a significant change in how AceCryptor is used, namely that the attackers spreading Rescoms…

Read more →

Nirmata announced new features for its flagship product, Nirmata Policy Manager. With today’s increasing cloud security threats, detecting intrusions is no longer enough – the damage may already be done. That’s why Nirmata has developed Nirmata Policy Manager to proactively…

Read more →

As AI gets baked into enterprise tech stacks, AI applications are becoming prime targets for cyber attacks. In response, many cybersecurity teams are adapting existing cybersecurity practices to mitigate these new threats. One such practice measure is red teaming: the…

Read more →

Even with the best-of-the-best tools and tech stack monitoring vulnerabilities, every security executive and GRC leader should still have some layer of paranoia. If they don’t, that’s a huge issue. In this Help Net Security video, Shrav Mehta, CEO at…

Read more →

Data loss is a problem stemming from the interaction between humans and machines, and ‘careless users’ are much more likely to cause those incidents than compromised or misconfigured systems, according to Proofpoint. While organizations are investing in ​Data Loss Prevention…

Read more →

A total of 29% of web attacks targeted APIs over 12 months (January through December 2023), indicating that APIs are a focus area for cybercriminals, according to Akamai. API integration amplifies risk exposure for enterprises APIs are at the heart…

Read more →

Appdome has unveiled its new Social Engineering Prevention service on the Appdome platform. The new service enables mobile brands to continuously detect, block and intervene the moment social engineering attacks attempt to exploit user trust or manipulate user behavior. The…

Read more →

Kasada released a bot detection API with out-of-the-box integrations for Content Delivery Network (CDN) edge computing platforms. Security teams can use the new integrations to quickly block abuse and online fraud without sacrificing user experience or data privacy. Threat actors…

Read more →

Tufin released of Tufin Orchestration Suite (TOS) version R24-1. The latest additions to Tufin’s solution enhance customers’ ability to manage cloud security controls from a centralized interface, making security policy management more effective. With TOS R24-1, Tufin enables complete visibility…

Read more →

CalypsoAI has launched the CalypsoAI Platform, a SaaS-based security and enablement solution for generative AI applications within the enterprise. With the new model-agnostic SaaS platform, technology, innovation, and security leaders can harness the power of generative AI and large language…

Read more →

Ordr has launched its new OrdrAI CAASM+ (Cyber Asset Attack Surface Management) product, built on top of the OrdrAI Asset Intelligence Platform. For years, Ordr has been solving asset visibility and security challenges in the world’s most demanding environments, including…

Read more →

Synopsys released Synopsys fAST Dynamic, a new dynamic application security testing (DAST) offering on the Synopsys Polaris Software Integrity Platform. fAST Dynamic enables development, security, and DevOps teams to find and fix security vulnerabilities in modern web applications without impeding…

Read more →

eSentire launched its first standalone cybersecurity product, eSentire Threat Intelligence, extending eSentire’s protection and automated blocking capability across firewalls, threat intelligence platforms, email services and endpoint agents. eSentire Threat Intelligence provides mid-market and enterprise organizations with a simple API gateway…

Read more →

Drata has unveiled a new offering, Adaptive Automation. Augmenting the scope of continuous control monitoring and evidence collection, Adaptive Automation empowers GRC professionals to save time and automate even more of their compliance program through customized tests within Drata’s platform,…

Read more →

Traefik Labs has unveiled product updates that address the escalating adoption of Kubernetes and the crucial role of API management in modern digital infrastructure. The updates include a Kubernetes-native API gateway, integration of a Web Application Firewall (WAF), and advanced…

Read more →

Whether the cause is insurmountable technical debt, lack of funds, a third reason or all of them, NIST’s National Vulnerability Database (NVD) is struggling, and it’s affecting vulnerability management efforts. What happened? Anyone who regularly uses the NVD as a…

Read more →

Working with the world’s largest enterprises and global policymakers to address the complexities of optimizing your software supply chain with SBOMs (Software Bill of Materials), Sonatype announced SBOM Manager. This solution provides an integrated approach to managing SBOMs from third-party…

Read more →

Verimatrix released its new Verimatrix Counterspy anti-piracy solution. Counterspy leverages technology first developed by the company’s cybersecurity team back in 2021 to offer an innovative new way to counter the rise in video piracy in an era where streaming apps…

Read more →

SUSE announced enhancements across its cloud native and Edge portfolio to enable customers to securely deploy and manage business-critical workloads anywhere. New capabilities in Rancher Prime 3.0, SUSE’s commercial offering of Rancher and SUSE Edge 3.0 commit to enabling choice…

Read more →

Proof-of-concept (PoC) exploit code for a critical RCE vulnerability (CVE-2024-25153) in Fortra FileCatalyst MFT solution has been published. About CVE-2024-25153 Fortra FileCatalyst is an enterprise managed file transfer (MFT) software solution that includes several components: FileCatalyst Direct, Workflow, and Central.…

Read more →