The high number of attacks on IoT devices represents a 400% increase in malware compared to the previous year, according to Zscaler. The increasing frequency of malware attacks targeting IoT devices is a significant concern for OT security, as the…
Tag: Help Net Security
New infosec products of the week: October 27, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Darktrace, Data Theorem, Jumio, Malwarebytes, Progress, and Wazuh. Progress Flowmon ADS 12.2 AI offers advanced security event monitoring Flowmon ADS 12.2 harnesses the power of…
Raven: Open-source CI/CD pipeline security scanner
Raven (Risk Analysis and Vulnerability Enumeration for CI/CD) is an open-source CI/CD pipeline security scanner that makes hidden risks visible by connecting the dots across vulnerabilities woven throughout the pipeline that, when viewed collectively, reveal a much greater risk than…
Apple news: iLeakage attack, MAC address leakage bug
On Wednesday, Apple released security updates for all supported branches of iOS and iPadOS, macOS, tvOS, watchOS and Safari. This time around, the updates did not garner as much attention as when they deliver a zero-day fix, though it has…
Humans are still better than AI at crafting phishing emails, but for how long?
Humans are still better at crafting phishing emails compared to AI, but not by far and likely not for long, according to research conducted by IBM X-Force Red. Creating phishing emails: Humans vs. AI The researchers wanted to see whether…
Progress Flowmon ADS 12.2 AI offers advanced security event monitoring
Progress has unveiled the latest release of its network anomaly detection system, Progress Flowmon ADS. Flowmon ADS 12.2 harnesses the power of artificial intelligence (AI) to provide an advanced and holistic view of detected security events, empowering cybersecurity professionals to…
Darktrace/Cloud solution based on self-learning AI provides cyber resilience for cloud environments
Darktrace unveiled a new Darktrace/Cloud solution based on its self-learning AI. The new solution provides comprehensive visibility of cloud architectures, real-time cloud-native threat detection and response, and prioritized recommendations and actions to help security teams manage misconfigurations and strengthen compliance.…
Cado Security launches Cloud Incident Readiness Dashboard for proactive response
Cado Security has unveiled Cado’s Incident Readiness Dashboard. This new dashboard provides the ability to proactively run readiness checks, see readiness trends over time, and identify issues that could prevent the organization from rapidly responding to active threats. “The reality…
At-Bay Stance MDR improves cyber resilience for SMBs
At-Bay launched At-Bay Stance Managed Detection and Response (At-Bay Stance MDR), a new MDR solution designed to help emerging and mid-sized businesses advance their security defenses and threat preparedness in light of rising cyber crime rates. By analyzing its claims…
LiveAction updates LiveWire to provide visibility for NetOps and SecOps teams
LiveAction has released the latest LiveWire updates, enhancing network visibility, empowering SecOps and NetOps teams, and boosting packet analysis capabilities. This latest release delivers three major advancements: Do more: the new LiveWire upgrade allows customers to literally see more traffic,…
runZero unveils CAASM Platform for IT and OT visibility
runZero has unveiled the availability of of their new runZero Platform, which introduces a number of new features, most notably the addition of native passive discovery. This functionality positions runZero as the CAASM (cyber asset attack surface management) solution to…
Critical JetBrains TeamCity vulnerability could be exploited to launch supply chain attacks (CVE-2023-42793)
Software development firm JetBrains has fixed a critical vulnerability (CVE-2023-42793) in its TeamCity continuous integration and continuous delivery (CI/CD) solution, which may allow authenticated attackers to achieve remote code execution and gain control of the server. “As of September 25,…
Transposit On-Call enables users to handle incidents from alert to resolution
Transposit announced new on-call capabilities in its end-to-end incident management platform. Transposit On-Call reimagines how platform teams, SREs, on-call engineers, and customer support teams handle incidents from alert to resolution — whether they’re seasoned pros or just getting started. Effective…
T-Mobile SASE protects corporate networks, applications and data
T-Mobile introduced T-Mobile SASE, a network management and ZTNA (Zero Trust Network Access) platform that helps customers securely connect employees, systems and endpoints to remote networks, corporate applications and resources. Not only is it the first SIM-based SASE solution, it’s…
5 free vulnerability scanners you should check out
Vulnerability scanners delve into systems to uncover security gaps. The primary mission? To fortify organizations against breaches and shield sensitive data from exposure. Beyond merely pinpointing weaknesses, vulnerability scanning is a proactive measure to anticipate potential attacker entry points. The…
Are developers giving enough thought to prompt injection threats when building code?
With National Coding Week behind us, the development community has had its annual moment of collective reflection and focus on emerging technologies that are shaping the industry. Among these, large language models (LLMs) and “generative AI” have become a cornerstone…
Cybersecurity skills employers are desperate to find in 2023
The surge in digital economic growth and our increasing dependence on it make cybersecurity a critical profession. In this Help Net Security video, Aaron Rosenmund, Director of Security Research and Curriculum, Pluralsight, discusses the most sought-after cybersecurity skills in today’s…
MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros
MITRE ATT&CK, a common language for cybersecurity professionals to communicate with each other and better understand real-world adversary behaviors, celebrates its 10th anniversary this fall. In this Help Net Security interview, project leader Adam Pennington discusses the framework, how defenders…
IT workers see generative AI as a serious threat to their profession
While many IT workers see the productivity benefits of AI, 56% believe it benefits employers more than employees, according to Ivanti. Additionally, 63% are concerned generative AI tools might take their job in the next five years compared to 44%…
Fraud prevention forces scammers to up their game
The risk of falling victim to fraud is a constant concern for individuals, businesses, and organizations alike. As technology evolves, so too do the methods employed by fraudsters, making fraud prevention an increasingly critical and complex endeavor. In this Help…