For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days (CVE-2024-38080, CVE-2024-38112) in Windows Hyper-V and Windows MSHTML Platform (respectively). Zero-days exploited in the wild (CVE-2024-38080, CVE-2024-38112) CVE-2024-38080 is a…
Tag: Help Net Security
Optiv MDR accelerates threat detection and response
Optiv has launched its managed detection and response service, Optiv MDR, on the Google Security Operations (SecOps) platform, enabling organizations to detect and respond to emerging threats with managed threat detection and response capabilities. Cybersecurity remains a top concern for…
AttackIQ Mission Control simplifies security testing for distributed teams
AttackIQ has introduced a new functionality for enterprise customers – AttackIQ Mission Control. AttackIQ Mission Control enhances AttackIQ Enterprise BAS deployments within large organizations, streamlining security testing for distributed teams. As the use of the BAS platforms by large organizations…
Skillsoft partners with Microsoft to develop GenAI skilling program
Skillsoft announced a comprehensive generative AI (GenAI) skilling program developed in collaboration with Microsoft. Leveraging Skillsoft’s AI Skill Accelerator, the program upskills organizations and their workforce to effectively use Microsoft AI — including Copilot and Azure Open AI — and…
Critical vulnerability in the RADIUS protocol leaves networking equipment open to attack
A new critical security vulnerability in the RADIUS protocol, dubbed BlastRADIUS, leaves most networking equipment open to Man-in-the-Middle (MitM) attacks. While the vulnerability can be difficult to exploit, the possible impact of an exploit is substantial. What’s at stake? To…
GuardZoo spyware used by Houthis to target military personnel
Lookout discovered GuardZoo, Android spyware targeting Middle Eastern military personnel. This campaign leverages malicious apps with military and religious themes to lure victims via social engineering on mobile devices. While researchers are still actively analyzing data, thus far, they have…
Chinese APT40 group swiftly leverages public PoC exploits
Chinese state-sponsored cyber group APT40 is amazingly fast at adapting public proof-of-concept (PoC) exploits for vulnerabilities in widely used software, an advisory released by intelligence and cybersecurity agencies from eight countries warns. The group, which is also known as Kryptonite…
Stellar Cyber Open XDR platform now supports BYODL
Stellar Cyber announced that the Stellar Cyber Open XDR platform now supports “Bring Your Own Data Lake” (BYODL). This seamless integration allows organizations that have standardized their data storage framework on Splunk, Snowflake, Elastic, or AWS security data lake, or…
Egnyte Copilot accelerates enterprise content collaboration
Egnyte launched Egnyte Copilot, its AI-driven assistant designed to accelerate and transform enterprise content collaboration. Egnyte Copilot enables Egnyte customers to start engaging in AI-powered conversations with their own private and trusted data through a simple, turnkey solution while keeping…
Align strengthens defense against double-extortion ransomware tactics
Align adds a new exfiltration prevention feature to its Align Guardian Managed Detection and Response offering, powered by Adlumin. This innovation is designed to detect and stop attackers from exfiltrating data, providing a defense against modern ransomware tactics that employ…
Outpost24 appoints Ido Erlichman as CEO
Outpost24 announced the appointment of Ido Erlichman as its new CEO, effective immediately. With over 20 years of experience in cyber security, technology and finance, Erlichman will bring a wealth of knowledge and a proven track record of leadership and…
Exploring the root causes of the cybersecurity skills gap
In this Help Net Security interview, Koma Gandy, VP of Leadership and Business at Skillsoft, addresses the critical aspects of the cybersecurity skills gap, the need for diverse talent and continuous upskilling in areas like AI and cloud computing. Gandy…
Microsoft’s cybersecurity dilemma: An open letter to Satya Nadella
Microsoft is suffering cybersecurity failures due to systemic problems with strategic leadership. The world is witnessing an alarming trend of cybersecurity issues with Microsoft products and services. Over the past several years, Microsoft has suffered several serious attacks with cloud…
Shadow engineering exposed: Addressing the risks of unauthorized engineering practices
Shadow engineering is present in many organizations, and it can lead to security, compliance, and risk challenges. In this Help Net Security video, Darren Meyer, Staff Research Engineer at Endor Labs, discusses why it causes issues and how it should…
TeamViewer: Network segmentation hobbled Midnight Blizzard’s attack
TeamViewer, the company developing the popular remote access/control software with the same name, has finished the investigation into the breach it detected in late June 2024, and has confirmed that it was limited to their internal corporate IT environment. “Neither…
Decryptor for DoNex, Muse, DarkRace, (fake) LockBit 3.0 ransomware released
A cryptographic weakness in the DoNex ransomware and its previous incarnations – Muse, fake LockBit 3.0, and DarkRace – has allowed Avast researchers to create a decryptor for files encrypted by all those ransomware variants. DoNex ransom note (Source: Avast)…
July 2024 Patch Tuesday forecast: The end of an AV giant in the US
The US celebrated Independence Day last week, providing many with a long weekend leading into patch week. With summer vacations underway, many developers must be out of the office because June was fairly quiet regarding software updates. This included June…
How nation-state cyber attacks disrupt public services and undermine citizen trust
In this Help Net Security interview, Rob Greer, VP and GM of the Enterprise Security Group at Broadcom, discusses the impact of nation-state cyber attacks on public sector services and citizens, as well as the broader implications for trust and…
Monocle: Open-source LLM for binary analysis search
Monocle is open-source tooling backed by a large language model (LLM) for performing natural language searches against compiled target binaries. Monocle can be provided with a binary and search criteria (authentication code, vulnerable code, password strings, etc.), and it will…
Organizations change recruitment strategies to find cyber talent
An estimated 4 million professionals are needed to fill the growing cybersecurity workforce gap, according to Fortinet. At the same time, Fortinet’s 2024 Global Cybersecurity Skills Gap Report found that 70% of organizations indicated that the cybersecurity skills shortage creates…