Tag: Help Net Security

2023 has been marked as a year of global conflict and unrest, all of which will impact the cyber threat landscape for years to come. However, one of the most significant cyber security developments for 2024 isn’t driven by attackers.…

Read more →

In this Help Net Security interview, Wolfgang Goerlich, Advisory CISO at Cisco, discusses the benefits of implementing a mature zero-trust model for both security and business outcomes, revealing a decrease in reported security incidents and enhanced adaptability. Goerlich emphasizes the…

Read more →

Recent IDC research shows that in many cases, senior executives/line-of-business leaders are minimally engaged in their company’s cyber preparedness initiatives. In fact, 52% of senior leaders have no involvement in their company’s cyber cases. In this Help Net Security video,…

Read more →

Vigil is an open-source security scanner that detects prompt injections, jailbreaks, and other potential threats to Large Language Models (LLMs). Prompt injection arises when an attacker successfully influences an LLM using specially designed inputs. This leads to the LLM unintentionally…

Read more →

Lacework has released a generative artificial intelligence (AI) assistant that gives enterprise customers a new way to engage with the Lacework platform by providing customized context to investigate and remediate proactive and reactive alerts. This capability extends the impact of…

Read more →

Entrust is launching a new digital account opening solution to enable banks and credit unions with a secure, convenient digital onboarding experience. “Entrust is working to redefine the customer experience in the banking industry,” said Tony Ball, President, Payments and…

Read more →

Armis has unveiled the availability of version 23.3 of the Armis Centrix platform. New enhanced integrations, utilizing Armis’ AI Asset Intelligence Engine, enhances organizations’ ability to strategically combine comprehensive data and sophisticated intelligence to efficiently drive key security processes and…

Read more →

Slovenian power generation company Holding Slovenske Elektrarne (HSE) has been hit by ransomware and has had some of its data encrypted. The attack HSE is a state-owned company that controls numerous hydroelectric, thermal and coal-fired power plants. The company has…

Read more →

A design flaw in Google Workspace’s domain-wide delegation feature, discovered by Hunters’ Team Axon, can allow attackers to misuse existing delegations, enabling privilege escalation and unauthorized access to Workspace APIs without Super Admin privileges. Such exploitation could result in the…

Read more →

Armory announced a new unified declarative deployment capability for AWS Lambda. This innovation streamlines deployment workflows by enabling the configuration of Lambda deployments through the same interface used for Kubernetes. Historically, DevOps teams have had to use separate tools and…

Read more →

Trend Micro has announced the addition of cloud risk management to its flagship cybersecurity platform. The new service drives business value by enabling organizations to consolidate their cybersecurity efforts and achieve a complete view of cloud security risks across hybrid…

Read more →

Sumo Logic announced a number of new innovations and updates that help users accelerate troubleshooting and security across AWS environments, within a span of minutes and a few clicks. Digital transformation and cloud initiatives are creating complexity for organizations, with…

Read more →

Paladin Cloud unveiled its new Prioritization Engine for Cloud Security to help security and developer teams reduce the noise by correlating and contextualizing findings across the security ecosystem to enhance the prioritization of vulnerabilities. Early customer adoption across financial services,…

Read more →

Datadog added identity, vulnerability and app-level findings to Security Inbox. This provides engineers with one actionable view to improve security posture, without any additional overhead or friction. With these new features, Datadog shifts cloud security earlier in the software development…

Read more →

IBM announced that it has been working with AWS on the general availability of Amazon Relational Database Service (Amazon RDS) for Db2, a fully managed cloud offering designed to make it easier for database customers to manage data for AI…

Read more →

Attackers are trying to exploit a critical information disclosure vulnerability (CVE-2023-49103) in ownCloud, a popular file sharing and collaboration platform used in enterprise settings. Greynoise and SANS ISC say attemps have been first spotted over the weekend, though Dr. Johannes…

Read more →

Law enforcement and judicial authorities from seven countries have joined forces with Europol and Eurojust to dismantle and apprehend in Ukraine key figures behind significant ransomware operations. On 21 November, 30 properties were searched in the regions of Kyiv, Cherkasy,…

Read more →

“Malware free” attacks, attackers’ increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and medium businesses (SMBs) faced in Q3 2023, says the inaugural SMB Threat Report by Huntress, a company that…

Read more →

AWS announced Amazon One Enterprise, a palm-based identity service for comprehensive and easy-to-use authentication that improves organizational security and helps prevent costly security breaches. The new service enables organizations to provide a fast, convenient, and contactless experience for employees and…

Read more →

As 2024 is rounding the corner, many companies are making a fresh start with a new cybersecurity budget. But with the growing number of cyberattacks and their increasingly complex nature, even those companies whose cybersecurity budgets have gone up for…

Read more →