Tag: Help Net Security

Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing (aka Money Libra) is a threat actor group that has been active since late 2021, targeting cloud-native…

Read more →

Cyber threat maps are one of the most visually engaging tools in the arsenal of cybersecurity professionals. These real-time visualizations provide a global perspective on digital threats, showcasing the intensity and frequency of attacks as they happen. This article lists…

Read more →

Consumers are concerned about their privacy with AI. Cisco discovered that 60% had lost trust in organizations due to their AI use. In this Help Net Security video, Robert Waitman, Director of Cisco’s Privacy Center of Excellence, discusses consumers’ perceptions…

Read more →

Targeted at the DevSecOps practitioner or platform engineer, Kubescape, the open-source Kubernetes security platform has reached version 3.0. Vulnerability scan results Kubescape 3.0 features Kubescape 3.0 adds new features that make it easier for organizations to secure their Kubernetes clusters,…

Read more →

Cryptography is largely taken for granted – rarely evaluated or checked – a practice that could have devastating consequences for businesses as attack surfaces continue to expand, the cost of a data breach rises year-over-year, and the age of quantum…

Read more →

The number of ransomware attacks (successful and unsuccessful) has doubled over the past two years, from 43 on average in 2021 to 86 in 2023, according to Akamai. Security organizations have responded to the recent rise in ransomware attacks by…

Read more →

Active Directory is a prime target for threat actors, and companies must act now to eliminate it as a threat vector permanently. Read the e-book to review: Active Directory (AD) and what it provides Threats and how to keep hackers…

Read more →

Palo Alto Networks has entered into a definitive agreement to acquire Talon Cyber Security, a pioneer of Enterprise Browser technology. Talon’s Enterprise Browser provides a solution that, combined with Prisma SASE, will enable users to securely access business applications from…

Read more →

Beyond Identity released the Okta Defense Kit, a duo of two preventative tools to help security and identity professionals identify and prevent security vulnerabilities, including those that contributed to recent breaches of the identity management service Okta. Okta has been…

Read more →

Red Hat has introduced Red Hat Device Edge, which offers a consistent platform designed for resource-constrained environments that necessitate small form-factor computing at the device edge. This includes Internet of Things (IoT) gateways, industrial controllers, smart displays, point-of-sale terminals, vending…

Read more →

MITRE and Microsoft have added a data-driven generative AI focus to MITRE ATLAS, a community knowledge base that security professionals, AI developers, and AI operators can use as they protect AI-enabled systems. This new framework update and associated new case…

Read more →

Wing Cloud, the company behind the open source programming language Winglang that works across all clouds, enhances their container support with the ‘Wing Simulator’ that enables developers to build and test their containerized applications locally. The Wing Simulator enables local…

Read more →

RedSense released RedSense Compromised Credential Services 2.0. The new services include RedSense Credential Alert and RedSense Credential Investigator. RedSense has pioneered the use of AI to optimize stolen credential discovery on the dark web ensuring clients always have the most…

Read more →

The recent breach of the Okta Support system was carried out via a compromised service account with permissions to view and update customer support cases. “During our investigation into suspicious use of this account, Okta Security identified that an employee…

Read more →

Silobreaker unveiled plans for its new generative AI tool, Silobreaker AI, which will provide assistance to threat intelligence teams tasked with collecting, analysing and reporting on intelligence requirements. With Silobreaker AI, analysts will be able to accelerate the production of…

Read more →

Android VPN apps that have gone through an independent security validation will now be able to claim that distinction on Google Play with a prominent badge in their Data Safety section. “We’ve launched this banner beginning with VPN apps due…

Read more →

Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, Greynoise is observing. The Shadowserver Foundation has also seen 30+ IP addresses testing for the flaw in internet-facing Confluence…

Read more →

In this Help Net Security interview, Sarah Pearce, Partner at Hunton Andrews Kurth, offers insights into the evolving landscape of AI legislation and its global impact. Pearce explores key principles, public participation, the future of AI laws in a world…

Read more →

Password health and hygiene improved globally over the past year, reducing the risk of account takeover for consumers and businesses, according to Dashlane. Password reuse remains prevalent, however, leaving user accounts particularly vulnerable to password-spraying attacks if they’re not protected…

Read more →

Two groups in particular play a key and critical role in ensuring data governance and security: the CISO and the CDO. CISOs are responsible for identifying and managing risks associated with data security, while CDOs are responsible for ensuring data…

Read more →