Tag: Help Net Security

A team of computer scientists led by the University of Massachusetts Amherst recently announced a new method for automatically generating whole proofs that can be used to prevent software bugs and verify that the underlying code is correct. This new…

Read more →

For January 2024 Patch Tuesday, Microsoft has released fixes for 49 CVE-numbered vulnerabilities, two of which are critical: CVE-2024-20674 and CVE-2024-20700. None of the vulnerabilities fixed this time aroundare under active exploitation or have been previously publicly disclosed. The critical…

Read more →

SpecterOps announced updates to BloodHound Enterprise (BHE) that add new Attack Paths focused on Active Directory Certificate Services (ADCS). These updates make BHE the most advanced tool on the market today for securing ADCS. ADCS is the Public Key Infrastructure…

Read more →

Critical Start launched their Asset Visibility offering. As part of an MCRR strategy, Asset Visibility helps customers become more proactive within their security program, helping them uncover assets that need protection, validate that the expected endpoint security controls are in…

Read more →

Researchers have discovered over two dozen vulnerabilities in “smart” cordless nutrunners (i.e., pneumatic torque wrenches) manufactured by Bosch Rexroth that could be exploited to make the devices inoperable or their output unreliable. “Depending on a manufacturer’s use and business configuration,…

Read more →

ID R&D introduced voice clone detection as a new option for its IDLive Voice liveness detection product. Detecting voice clones and audio deepfakes can prevent fraud and crime, deter bad actors, and help preserve trust in the authenticity of digital…

Read more →

Silex Technology announced their new protection service product offering called AMC Protect, a robust software management service designed to monitor and remedy vulnerabilities. AMC Protect targets customers utilizing Silex’s embedded wireless LAN modules or purchasing Silex’s OEM products. “We have…

Read more →

Delinea announced it has acquired Authomize, an innovator in the detection and elimination of identity-based threats across the cloud. The continuous discovery and visibility capabilities of Authomize, married with Delinea’s SaaS solutions for PAM, will extend the Delinea Platform’s reach…

Read more →

Viavi Solutions announced significant enhancements to the Observer Platform allowing IT teams to further maximize network availability, productivity and compliance. The enhancements include critical new capabilities in End-User Experience (EUE) scoring, digital certificate analysis, application identification, Unified Communications (UC) support,…

Read more →

A blind SQL injection vulnerability (CVE-2023-51448) in Cacti, a widely-used network monitoring, performance and fault management framework, could lead to information disclosure and potentially remote code execution. Cacti is often used in network operation centers of telecoms and web hosting…

Read more →

Zyxel Networks launched the XMG1915 series – a family of smart managed switches designed to provide small businesses and professional home users (prosumers) with the throughput and versatility needed to support today’s high bandwidth applications and services. With the growth…

Read more →

When organizations get hit by ransomware and pay the crooks to decrypt the encrypted data and delete the stolen data, they can never be entirely sure the criminals will do as they promised. And even if an organization gets its…

Read more →

Why is it that when a company becomes aware of a potential data security incident, the team working on it (and others who are made aware that “something” is going on) have an immediate and overwhelming feeling that the company…

Read more →

In this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security professionals and companies, emphasizing its broad design philosophy. Vachon explores challenges in…

Read more →

As AI tools become more widespread, impersonation and deception have become easier. However, organizations are combating this issue with policies and technological solutions. In this Help Net Security video, Mike Bechtel, Chief Futurist at Deloitte, discusses the digital risk of…

Read more →

Think you’re too small to experience a cyber attack? That’s not the case. In fact, cyber threat actors (CTAs) are increasingly setting their sights on small businesses. If successful, their attack attempts can be devastating. Fortunately, the Center for Internet…

Read more →

Adversaries can intentionally mislead or “poison” AI systems, causing them to malfunction, and developers have yet to find an infallible defense against this. In their latest publication, NIST researchers and their partners highlight these AI and machine learning vulnerabilities. Taxonomy…

Read more →

McAfee announced its AI-powered Deepfake Audio Detection technology, known as Project Mockingbird. This new, proprietary technology was developed to help defend consumers against the surging threat of cybercriminals utilizing fabricated, AI-generated audio to carry out scams that rob people of…

Read more →

In this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing aspects of social engineering and unconventional methods for gathering target information. Street explores the overlooked threat of physical security and the human tendency…

Read more →

Andrew Ginter is a widely-read author on industrial security and a trusted advisor for industrial enterprises. He holds a BSc. in Applied Mathematics and an MSc. in Computer Science from the University of Calgary. He developed control system software products…

Read more →