Tag: Help Net Security

With the latest round of security updates, Apple has fixed two zero-day WebKit vulnerabilities (CVE-2023-42916, CVE-2023-42917) that “may have been exploited against versions of iOS before iOS 16.7.1.” About the vulnerabilities (CVE-2023-42916, CVE-2023-42917) CVE-2023-42916 is a out-of-bounds read flaw, while…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Amazon, Datadog, Entrust, Fortanix, GitHub, Nitrokey, and Paladin Cloud. Amazon One Enterprise palm-based identity service improves security of physical spaces, digital assets Amazon One Enterprise…

Read more →

With the proliferation of SaaS applications, remote work and shadow IT, organizations feel obliged to embrace cloud-based cybersecurity. And rightly so, because the corporate resources, traffic, and threats are no longer confined within the office premises. Cloud-based security initiatives, such…

Read more →

Nearly 72% of applications in the financial services sector contain security flaws, according to Veracode. Despite the alarming figure, this rate of software vulnerability was the lowest of all industries analyzed and has improved since last year. The research also…

Read more →

97% of US-based CIOs expressed serious concerns about at least one cybersecurity threat, according to Opengear. Failing to have the correct human oversight over the network can open up opportunities for cybercriminals to find vulnerabilities in underserved setups. It’s perhaps…

Read more →

Flow Security announced its extension to GenAI Security with the launch of a new GenAI DLP module. The widespread use of Generative AI, while leading to advancements across the enterprise and fueling exceptional innovation, has led to increasing concern over…

Read more →

Secret Double Octopus (SDO) has enhanced its Passwordless MFA platform to offer government- caliber identity verification to enterprises who need high-assurance login for privileged business and technical users. SDO’s new Proximity Assurance feature uses familiar mobile push notifications to cryptographically…

Read more →

Dremio has unveiled AI-powered data discovery capabilities that accelerate and simplify data contextualization and description for analytics, along with improved capabilities that extend its leadership as the analytics engine for Apache Iceberg. Expanding on previously announced Generative AI text-to-SQL capabilities,…

Read more →

Delinea announced new features for Secret Server to improve usability and increase PAM adoption across organizations. These enhancements optimize how privileged users interact with the vault through Web Password Filler and Connection Manager, while new capabilities within the Delinea Mobile…

Read more →

News that Iran-affiliated attackers have taken over a programmable logic controller (PLC) at a water system facility in Pennsylvania has been followed by a public alert urging other water authorities to immediately secure their own PLCs. “The cyber threat actors…

Read more →

Egress has launched a highly accurate graymail solution, with full end-user control, dedicated to improving employee productivity and reducing the time administrators spend reviewing incorrectly reported phishing emails. The graymail feature is architected into Egress’ inbound threat detection product, Egress…

Read more →

ThreatNG Security launched its new Ransomware Susceptibility Assessment, Reporting, and Monitoring Solution. The new solution helps organizations assess their ransomware susceptibility externally and monitor their networks for potential threats. According to the FBI, ransomware attacks increased by 13% in 2022,…

Read more →

German company Nitrokey has released NetHSM 1.0, an open-source hardware security module (HSM). Nitrokey NetHSM 1.0 features The module can be used for storing and managing a variety of cryptographic keys (e.g., keys to enable HTTPS, DNSSEC, secure blockchain transactions,…

Read more →

SAS has signed a strategic collaboration agreement (SCA) with AWS with plans to help customers extract maximum value and performance from their data in the cloud. SAS now offers SAS Customer Intelligence 360, a highly intelligent customer experience solution, in…

Read more →

OpenAI is putting more power into the hands of users of GenAI, allowing them to create their custom AI agents without writing code. These custom GPTs are the latest leap forward in the rapidly evolving AI landscape, but this highly…

Read more →

Mosint is an automated email OSINT tool written in Go designed to facilitate quick and efficient investigations of target emails. It integrates multiple services, providing security researchers with rapid access to a broad range of information. “In my previous job,…

Read more →

In this Help Net Security interview, Richard Chambers, Senior Internal Audit Advisor at AuditBoard, discusses the transformational role of the internal audit function and risk management in helping organizations bridge the gap in risk exposure. He talks about how a…

Read more →

Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Amazon, Aqua Security, ARMO, Datadog, Devo Technology, Druva, Entrust, Enzoic, Fortanix, GitHub, Illumio, Immuta, IRONSCALES, Kasada, Lacework, Malwarebytes, OneSpan, Paladin Cloud, Snappt, ThreatModeler, and…

Read more →

Despite the rising adoption of collaboration and instant messaging software, email remains a significant area of concern regarding cyber attacks, particularly the increasing threat of cybercriminals employing harmful web links in emails, according to Hornetsecurity. Attack techniques used in email…

Read more →

ManageEngine has unveiled the dual-layered threat detection system in its security information and event management (SIEM) solution, Log360. The new feature, available in Log360’s threat detection, investigation and response (TDIR) component, Vigil IQ, empowers security operations center (SOC) teams in…

Read more →