Tag: Help Net Security

GMO GlobalSign announced the rebranding of the company’s certificate automation product, Automated Enrollment Gateway (AEG), to Certificate Automation Manager. The renamed solution reflects the greatly increased capabilities introduced over the years to meet the shifts taking place across the digital…

Read more →

A convincing phishing page and some over-the-phone social engineering allowed a group of crooks to steal over $37 million from unlucky Coinbase Pro users. One of them – Chirag Tomar, a 30-year-old citizen of the Republic of India – has…

Read more →

Horizon3.ai researches have released proof-of-concept (PoC) exploits for CVE-2024-23108 and CVE-2023-34992, vulnerabilities that allow remote, unauthenticated command execution as root on certain Fortinet FortiSIEM appliances. CVE confusion FortiSIEM helps customers build an inventory of their organization’s assets, it aggregates logs…

Read more →

Dashlane unveiled Dashlane Nudges, a new automated tool to empower admins to proactively create a more security-conscious workforce and drive better credential security behavior across their organization, reducing the risk of credential theft. Compromised credentials continue to be at the…

Read more →

Transcend raised $40 million in Series B funding led by new investor StepStone Group, with participation from HighlandX and existing investors Accel, Index Ventures, 01 Advisors (01A), Script Capital, and South Park Commons. This brings the total raised to nearly…

Read more →

Cyber risk management has many components. Those who do it well will conduct comprehensive risk assessments, enact well-documented and well-communicated processes and controls, and fully implemented monitoring and review requirements. Processes and controls typically comprise policies, which will include detailed…

Read more →

RansomLord is an open-source tool that automates the creation of PE files, which are used to exploit ransomware pre-encryption. “I created RansomLord to demonstrate ransomware is not invincible, has vulnerabilities and its developers make mistakes and can write bad code…

Read more →

Cloud Security Engineer – Secret Clearance Required Constellation West | USA | Remote – View job details As a Cloud Security Engineer, you will establish, execute, and sustain an ISSP A&A capability that ensures the security of all information technology…

Read more →

This article includes excerpts from various reports that provide statistics and insights on GenAI and its impact on businesses. CEOs accelerate GenAI adoption despite workforce resistance IBM | IBM study | May 2024 63% of CEOs say their teams have…

Read more →

Tonic.ai launched secure data lakehouse for LLMs, Tonic Textual, to enable AI developers to seamlessly and securely leverage unstructured data for retrieval-augmented generation (RAG) systems and large language model (LLM) fine-tuning. Tonic Textual is an all-in-one data platform designed to…

Read more →

To secure emerging SaaS attack surfaces, Adaptive Shield has extended the capabilities of its SaaS Security Posture Management (SSPM) unified platform to cover complex Permissions and Shared Data. “SaaS security impacts the entire organization, affecting security teams, auditors and app…

Read more →

Attackers are trying to gain access to Check Point VPN devices via local accounts protected only by passwords, the company has warned on Monday. Their ultimate goal is to use that access to discover and pivot to other enterprise assets…

Read more →

In this Help Net Security interview, Ken Gramley, CEO at Stamus Networks, discusses the primary causes of alert fatigue in cybersecurity and DevOps environments. Alert fatigue results from the overwhelming volume of event data generated by security tools, the prevalence…

Read more →

CISOs have long been spreadsheet aficionados, soaking up metrics and using them as KPIs for security progress. These metrics have traditionally measured specific systems or single indicators — vulnerabilities detected, percentage of vulnerabilities patched, software and hardware asset inventory coverage,…

Read more →

In this Help Net Security video, Tom Gorup, VP of Security Services at Edgio, discusses the continually changing threat landscape. It is riddled with vulnerabilities that are frequently exploited and only intensify as geopolitics and state-sponsored activity increase. Key highlights…

Read more →

Although the goals and challenges of IT and security professionals intersect, 72% report security data and IT data are siloed in their organization, which contributes to corporate misalignment and elevated security risk, according to Ivanti. Leadership plays a crucial role…

Read more →

Incident response today is too time consuming and manual, leaving organizations vulnerable to damage due to their inability to efficiently investigate and respond to identified threats, according to Cado Security. The incident response challenge is further complicated as enterprises rapidly…

Read more →

Detectify announced a new Domains page and major improvements to existing capabilities for setting custom attack surface policies. These updates bring control over attack surface data and enable organizations to seamlessly configure alerts for policy breaches based on their unique…

Read more →

While fears of cyber attacks continue to rise, CISOs demonstrate increasing confidence in their ability to defend against these threats, reflecting a significant shift in the cybersecurity landscape, according to Proofpoint. CISOs’ confidence is growing despite fear of cyber attacks…

Read more →

Chronon is an open-source, end-to-end feature platform designed for machine learning (ML) teams to build, deploy, manage, and monitor data pipelines for machine learning. Chronon enables you to harness all the data within your organization, including batch tables, event streams,…

Read more →