Tag: Help Net Security

This article includes excerpts from various reports that provide statistics and insights on cybersecurity jobs, skills shortages, and workforce dynamics. Lack of skills and budget slow zero-trust implementation Entrust | 2024 State of Zero Trust & Encryption Study | May…

Read more →

The European Union’s GDPR policy came into effect six years ago. Since then, it has become widely regarded as the standard for data sharing, but the rise of new technology has questioned its suitability and relevance. In this Help Net…

Read more →

85% of managed service and security providers face significant challenges maintaining compliance for customers, with lack of resources, expertise, or technology cited as the most common roadblocks to offering managed compliance, according to Apptega. That being said, the survey also…

Read more →

KELA launched the Third-Party Risk Management (TPRM) module, fully integrated into its threat intelligence platform. This new offering is specifically designed to strengthen organizational defenses by focusing on software supply chain risks. KELA’s TPRM module stands out in the market…

Read more →

Compliance Scorecard has unveiled the latest version of its Compliance-as-a Service (CaaS) platform. The updated platform now includes advanced risk management tools, improved asset management capabilities, and new compliance reporting methods designed to help MSPs strengthen their cybersecurity service offerings…

Read more →

DataBee, from Comcast Technology Solutions, announced new capabilities in its DataBee Hive security, risk and compliance data fabric platform. DataBee EntityViews, powered by a patent-pending entity resolution technology, introduces automated detection chaining that improves threat hunting, security detection fidelity, and…

Read more →

LendingTree subsidiary QuoteWizard and automotive parts provider Advance Auto Parts have been revealed as victims of attackers who are trying to sell data stolen from Snowflake-hosted cloud databases. Snowflake says that their investigation is still ongoing, but continues to stand…

Read more →

Entrust launched Citizen Identity Orchestration solution. Governments now can streamline the delivery of public services through secure digital identities, embedding trust in every citizen interaction. The innovative and modular solution from Entrust launches as governments worldwide experience increasing demands for…

Read more →

Radare is an open-source UNIX-like reverse engineering framework and command-line toolset. It can be scripted, modified, and used for batch analysis. “I started the project in 2006 when I was working as a forensic analyst, and I wrote a simple…

Read more →

With its capability to analyze, predict, and automate, AI stands to reshape many corners of business, most notably cybersecurity. In the field of vulnerability management specifically, AI is poised to have a profound impact, enhancing two key areas: Providing quicker…

Read more →

75% of security professionals had to change their cybersecurity strategy in the last year due to the rise in AI-powered cyber threats, with 73% expressing a greater focus on prevention capabilities, according to Deep Instinct. Additionally, 97% of respondents are…

Read more →

CISOs who elevate response and recovery to equal status with prevention are generating more value than those who adhere to outdated zero tolerance for failure mindsets, according to Gartner. “Each new cybersecurity disruption exposes the fact that CISOs manage more…

Read more →

In this Help Net Security video round-up, security experts discuss various aspects of identity verification and security, including generative AI’s impact, the state of identity fraud prevention, and the potential impact of identity challenges on the security sector. Complete videos…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) If you’re self-hosting an Atlassian Confluence Server or Data Center installation, you should upgrade to the latest…

Read more →

The insistent public complaints and proof-of-concept tools have have borne fruit: Microsoft has realized that the security of its recently previewed Windows Recall feature leaves much to be desired, and has announced important changes. About Windows Recall A few weeks…

Read more →

SolarWinds has fixed a high-severity vulnerability (CVE-2024-28995) affecting its Serv-U managed file transfer (MFT) server solution, which could be exploited by unauthenticated attackers to access sensitive files on the host machine. About CVE-2024-28995 Serv-U MFT Server is a widely used…

Read more →

May 2024 Patch Tuesday was unusual because we had security updates from Adobe, Apple, Google, Mozilla, and Microsoft on the same day. While individually from each vendor, the updates weren’t that large, managing them together was more challenging. On the…

Read more →

Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime as 41% of data is compromised during a cyberattack, according to Veeam. “Ransomware is endemic, impacting 3 out of 4 organizations in…

Read more →

CISA’s late April AI and infrastructure guidelines address 16 sectors along with their cybersecurity needs and operations concerning the growth of AI as a tool to build both federal and vendor cybersecurity infrastructure in the federal marketplace. In this Help…

Read more →

26% of organizations don’t provide IT security training to end-users, according to Hornetsecurity. The Hornetsecurity survey, which compiled feedback from industry professionals worldwide, also reveals that 8% of organizations offer adaptive training that evolves based on the results of regular…

Read more →