Tag: Help Net Security

With more voters than ever in history heading to the polls in 2024, Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections globally. In an era of unprecedented geopolitical volatility, this trend is particularly concerning, as Time…

Read more →

Sigma Defense Systems launched Sigma Software Studio, a DevSecOps platform poised to revolutionize software development for the DoD and government agencies. Rooted in Sigma’s collaboration with PEO Digital and Black Pearl, Sigma Software Studio, is a DevSecOps platform designed for…

Read more →

Nucleus Security has announced it has secured $43 million in Series B funding led by Arthur Ventures and Lead Edge Capital. This milestone marks a significant leap forward in the company’s mission to redefine how enterprises manage risk exposure from…

Read more →

Hackers are actively exploiting a vulnerability (CVE-2024-21893) in Ivanti Connect Secure, Policy Secure and Neurons for ZTA to inject a “previously unknown and interesting backdoor” dubbed DSLog. CVE-2024-21893 patches and exploitation Ivanti disclosed CVE-2024-21893 – a server-side request forgery (SSRF)…

Read more →

CVE-2023-43770, a vulnerability in the Roundcube webmail software that has been fixed in September 2023, is being exploited by attackers in the wild, CISA has warned by adding the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. About CVE-2023-43770 Roundcube…

Read more →

In this Help Net Security interview, Mick Baccio, Staff Security Strategist at Splunk SURGe, discusses the future of cybersecurity, emphasizing the importance of data analytics and automation in addressing evolving threats. He points out the changes in threat tactics, the…

Read more →

Generative AI based on large language models (LLMs) has become a valuable tool for individuals and businesses, but also cybercriminals. Its ability to process large amounts of data and quickly generate results has contributed to its widespread adoption. AI in…

Read more →

Basically, DLP systems are aimed at prevention of data leaks, and in real-life mode they monitor and block (if required) transmitting of confidential data. However, the traditional approach to DLP system isn’t sufficient. That’s why SearchInform offers the next-gen platform…

Read more →

In this Help Net Security video, Andrew Costis, Chapter Lead of the Adversary Research Team at AttackIQ, discusses how purple teaming allows security teams to break down barriers between teams and increase operational effectiveness. It’s no longer about team red…

Read more →

QR code attacks, or “quishing” attacks, have emerged as a popular tactic among cybercriminals, with no signs of slowing down, according to Abnormal Security. Although phishing emails have grown in sophistication over time, the end goal has stayed the same:…

Read more →

Fortinet has patched critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313), one of which is “potentially” being exploited in the wild. The exploitation-in-the-wild has been confirmed by CISA, by adding it to its Known Exploited Vulnerabilities (KEV) catalog, though…

Read more →

OneTrust announced its newest platform features that make it easier for customers to govern their use of AI and accelerate AI innovation, ensure the responsible use of data across the entire data lifecycle, and achieve compliance program efficiency through enhanced…

Read more →

While most organizations focus cybersecurity efforts on fortifying their networks, the mobile devices connected to them often remain vulnerable. In addressing this gap, the Center for Internet Security (CIS) introduces CIS Endpoint Security Services (ESS) Mobile, a tailored solution offered…

Read more →

Bugcrowd has secured $102 million in strategic growth funding to scale its AI-powered crowdsourced security platform offerings globally. Led by General Catalyst, with participation from longtime existing investors Rally Ventures and Costanoa Ventures, this funding round underscores investor confidence in…

Read more →

Visa announced extended digital wallet capabilities within Visa Commercial Pay, a suite of B2B payment solutions built in partnership with Conferma Pay to revolutionize how businesses manage transactions globally. The innovation enables financial institutions to add virtual corporate cards into…

Read more →

Files encrypted by Rhysida ransomware can be successfully decrypted, due to a implementation vulnerability discovered by Korean researchers and leveraged to create a decryptor. About Rhysida Rhysida is a relatively new ransomware-as-a-service gang that engages in double extortion. First observed…

Read more →

In this Help Net Security interview, Yaron Edan, CISO at REE Automotive, discusses the cybersecurity landscape of the automotive industry, mainly focusing on electric and connected vehicles. Edan highlights the challenges of technological advancements and outlines strategies for automakers to…

Read more →

As we enter 2024, ransomware remains the most significant cyberthreat facing businesses, according to Malwarebytes. Malwarebytes reveals that the United States accounted for almost half of all ransomware attacks in 2023. “Small and medium-sized organizations face a deluge of cyber…

Read more →

In this Help Net Security video, Andy Thompson, Offensive Cybersecurity Research Evangelist at CyberArk, discusses the dire consequences of hacking water systems and why their cybersecurity must be prioritized. From contaminating water supplies to disrupting essential services, the impact of…

Read more →

SiCat is an open-source tool for exploit research designed to source and compile information about exploits from open channels and internal databases. Its primary aim is to assist in cybersecurity, enabling users to search the internet for potential vulnerabilities and…

Read more →