Tag: Help Net Security

Radiant Logic unveiled RadiantOne AI, its data lake powered Artificial Intelligence engine, and AIDA, its Generative AI Data Assistant. RadiantOne AI is designed to complement your existing tech stack and governance products by correlating data across multiple sources and providing…

Read more →

Two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti Connect Secure VPN devices are under active exploitation by unknown attackers, Volexity researchers have discovered. Patches for these flaws are currently unavailable, but the risk of exploitation can be mitigated by importing mitigation.release.20240107.1.xml…

Read more →

Cisco has fixed a critical vulnerability (CVE-2024-20272) in Cisco Unity Connection that could allow an unauthenticated attacker to upload arbitrary files and gain root privilege on the affected system. Cisco Unity Connection is a unified messaging and voicemail solution for…

Read more →

VicOne announced a partnership with BlackBerry to strengthen the cybersecurity posture of the automotive ecosystem. By leveraging ML processing at the edge and cloud-controlled access to vehicle data, the partnership will enable car manufacturers and software developers to investigate and…

Read more →

Vanta announced that it has appointed Jadee Hanson as its CISO, overseeing Security, Enterprise Engineering, Privacy and Governance, Risk and Compliance (GRC), reporting directly to Vanta’s CEO Christina Cacioppo. Hanson is the latest executive to join Vanta’s leadership team over…

Read more →

Organizations constantly work to ensure optimal threat detection and prevention across their systems. One question gets asked repeatedly: “Can we detect the threats we’re supposed to be able to detect?” Red team assessment, penetration testing, and even purple team assessments…

Read more →

In this Help Net Security, Alexander Hagenah, Head of Cyber Controls at SIX, discusses the critical steps in creating effective offensive security operations and their impact on organizational security strategies. What are the critical steps in creating effective offensive security…

Read more →

In this Help Net Security video, Bindu Sundaresan, Director at AT&T Cybersecurity, discusses the ongoing changes we’ll see from the CISO role as digital transformation efforts continue. It is now a position that leads cross-functional teams to match the speed…

Read more →

APIs, a technology that underpins today’s most used sites and apps, are being leveraged by businesses more than ever—ultimately opening the door to more online threats than seen before, according to Cloudflare. APIs power the digital world—our phones, smartwatches, banking…

Read more →

Dasera has expanded its capabilities, securing sensitive data across multiple applications. With the inclusion of Microsoft 365, Dasera provides organizations with enhanced visibility into their data across OneDrive, SharePoint, and Teams, ensuring robust protection and governance. The integration with Microsoft…

Read more →

Hackers are brute-forcing exposed MS SQL database servers to deliver Mimic ransomware, Securonix researchers are warning. About Mimic ransomware Mimic ransomware was first spotted in the wild in June 2022 and analyzed by Trend Micro researchers in January 2023. It…

Read more →

Someone has hijacked the X (formerly Twitter) account of the US Securities and Exchange Commission (SEC), and posted an announcement saying the agency has decided to allow the listing of Bitcoin ETFs (exchange-traded funds) on registered national security exchanges. The…

Read more →

Bluefin launched a new ShieldConex capability providing token and/or EMV/P2PE based processing services to any payment processor, as well as protecting Personally Identifiable Information and Protected Health Information (PII/PHI) endpoints. For enterprise merchants looking for a universal solution, the endpoint-agnostic…

Read more →

anecdotes announced that it has closed $25 million in a Series B round of funding, elevating the total capital raised to $55 million. Notably, Vertex and DTCP have joined as new investors, underscoring their belief in anecdotes’ unique enterprise offering…

Read more →

Fly Catcher is an open-source device that can detect aircraft spoofing by monitoring for malicious ADS-B signals in the 1090MHz frequency. Angelina Tsuboi, the developer of Fly Catcher, is an enthusiastic pilot, cybersecurity researcher, and tinkerer. She was driven to…

Read more →

As large language models (LLMs) become more prevalent, a comprehensive understanding of the LLM threat landscape remains elusive. But this uncertainty doesn’t mean progress should grind to a halt: Exploring AI is essential to staying competitive, meaning CISOs are under…

Read more →

In this Help Net Security video, Nick Carroll, Cyber Incident Response Manager at Raytheon, discusses how while organizations will be challenged to strengthen their defenses faster than cyber threats are evolving, this ‘come from behind’ rush to keep pace with…

Read more →

A team of computer scientists led by the University of Massachusetts Amherst recently announced a new method for automatically generating whole proofs that can be used to prevent software bugs and verify that the underlying code is correct. This new…

Read more →

For January 2024 Patch Tuesday, Microsoft has released fixes for 49 CVE-numbered vulnerabilities, two of which are critical: CVE-2024-20674 and CVE-2024-20700. None of the vulnerabilities fixed this time aroundare under active exploitation or have been previously publicly disclosed. The critical…

Read more →

SpecterOps announced updates to BloodHound Enterprise (BHE) that add new Attack Paths focused on Active Directory Certificate Services (ADCS). These updates make BHE the most advanced tool on the market today for securing ADCS. ADCS is the Public Key Infrastructure…

Read more →