Tag: Help Net Security

White Phoenix is a free ransomware recovery tool for situations where files are encrypted with intermittent encryption. It was tested on BlackCat/ALPHV Ransomware, Play Ransomware, Qilin/Agenda Ransomware, BianLian Ransomware, and DarkBit. Intermittent encryption occurs when ransomware chooses not to encrypt…

Read more →

The newest version of the vulnerability scoring system CVSS 4.0 is here! After a lengthy gap between version 3 (released in 2015), as of November 2023 version 4.0 is officially live. Building iteratively on version 3 there are a few…

Read more →

In this Help Net Security interview, Stephanie Hagopian, VP of Security at CDW, discusses offensive strategies in the face of complex cyberattacks and the role of the zero-trust model. The conversation also covers the essential steps for a reactive cybersecurity…

Read more →

According to a recent Dynatrace report, only 50% of CISOs believe that development teams have thoroughly tested the software for vulnerabilities before deploying it into the production environment. This is a statistic that needs to change and the only way…

Read more →

Increasing complexity, the rapid adoption of emerging technologies and a growing skills gap are the biggest concerns facing IT leaders in 2024, according to Redgate. 30% of development teams now deploy database changes to production in a day or less,…

Read more →

Ransomware attacks are increasing again as cybercriminals’ motivation shifts to data exfiltration, according to Delinea. The familiar tactics of crippling a company and holding it hostage have been replaced by new strategies that use stealth to exfiltrate private and sensitive…

Read more →

Siren has launched a new AI-Powered search with mobile access as part of its latest release and its Siren for Law Enforcement product bundle. Siren provides a complete suite of investigation tools for contemporary challenges such as police vetting, “Smash…

Read more →

Organizations today face a relentless pace of sophisticated cyber attacks that they must be able to swiftly detect and neutralize to keep their assets and infrastructure safe. But many lack the time and resources to pull this off. To help…

Read more →

NordVPN launches its new experimental product from the NordLabs platform. Link Checker is a manual URL-checking tool that enables users to examine a website’s safety before visiting by scanning it for different types of malware and getting a notification about…

Read more →

Less than two weeks after having plugged a security hole that allows account takeover without user interaction, GitLab Inc. has patched a critical vulnerability (CVE-2024-0402) in GitLab CE/EE again and is urging users to update their installations immediately. GitLab Inc.…

Read more →

HaystackID announced the expansion of its Protect Analytics AI Suite of AI enabled services designed to enhance the efficiency and effectiveness of identifying, analyzing, and reporting on sensitive information within large, unstructured datasets. The enhanced suite featuring Protect Analytics AI…

Read more →

Qualys announced that it is expanding its partnership with Orange Cyberdefense. This expansion signifies that Qualys’ capabilities such as Vulnerability Management, Detection and Response (VMDR) will be included in Orange Cyberdefense’s managed Vulnerability Intelligence Service. The expanded collaboration will give…

Read more →

Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has always disliked the process of writing reports, preferring to focus on uncovering bugs. A key frustration for him was the…

Read more →

A new user is signing up for a SaaS application. On the one hand, UX teams want that user to get into the app as quickly as possible. On the other hand, security teams want the user to strongly validate…

Read more →

In this Help Net Security video, Yochai Corem, CEO of Cyberint, explores the ransomware environment’s development, effects, and emerging patterns throughout the previous year. 2023 marked a historic high for ransomware groups, with a 55.5% increase in attacks, reaching 4,368…

Read more →

Despite stringent regulations and calls for ‘security by design’, organizations are still failing to equip teams with the knowledge to secure code, according to Security Journey. In fact, only 20% of respondents were confident in their ability to detect a…

Read more →

To manage an environment of increasing risks and limited resources, healthcare internal audit and compliance departments must align their risk assessments and audit work plans to areas most vital to achieving the strategic goals and business objectives of their organizations,…

Read more →

Dynatrace announced it signed a definitive agreement to acquire Runecast, a provider of AI-powered security and compliance solutions. Adding Runecast to the Dynatrace platform will extend Dynatrace contextual security protection and analytics with Runecast security posture management. This will enable…

Read more →

Juniper Networks announced an AI-Native Networking Platform, purpose-built to leverage AI to assure the best end-to-end operator and end-user experiences. Trained on seven years of insights and data science development, Juniper’s AI-Native Networking Platform was designed from the ground up…

Read more →

Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins has been made public and there’s evidence of exploitation in the wild. About CVE-2024-23897 Jenkins is a widely used Java-based open-source automation server that helps developers build,…

Read more →