Tag: Help Net Security

Cybercriminals still prefer targeting open remote access products, or like to leverage legitimate remote access tools to hide their malicious actions, according to WatchGuard. “Threat actors continue using different tools and methods in their attack campaigns, making it critical for…

Read more →

In this Help Net Security interview, Mike Regan, VP of Business Performance at TIA, discusses SCS 9001 Release 2.0, a certifiable standard crafted to assist organizations in operationalizing the NIST and other government guidelines and frameworks. Enhancing its predecessor, the…

Read more →

As an IT professional, you understand the value of automation, and like many IT experts, you may approach it with a mix of excitement and apprehension. Automation is a powerful tool for streamlining processes, reducing manual tasks, and enhancing efficiency…

Read more →

With its innovative feature for generating reliable Vulnerability Exploitability eXchange (VEX) documents, Kubescape became the first open-source project to provide this functionality. This advancement offers security practitioners a powerful tool to effectively prioritize and address software vulnerabilities. What is Vulnerability…

Read more →

Trustmi released Trustmi Certify, a critical innovation in its new solution for bank account validation. Businesses can now benefit from Trustmi’s holistic approach to bank account validation that accurately verifies the account and provides full protection against business payment fraud.…

Read more →

NuHarbor Security has partnered with Zscaler to deliver a new level of cybersecurity capability and business value based on the proven effectiveness of the largest security cloud on the planet. Combining NuHarbor’s nationally recognized leadership and security insight with Zscaler’s…

Read more →

Meta is introducing default end-to-end encryption (E2EE) for chats and calls across Messenger and Facebook, the company revealed on Wednesday. Rolling out E2EE for Messenger and Facebook E2EE ensures that messages content is only visible to the person sending the…

Read more →

The Apache Struts project has released updates for the popular open-source web application framework, with fixes for a critical vulnerability that could lead to remote code execution (CVE-2023-50164). About CVE-2023-50164 CVE-2023-50164 may allow an attacker to manipulate file upload parameters…

Read more →

Delve Risk and ThreatNG Security has unveiled a transformative partnership aimed at delivering intelligence solutions for security vendors. Strategic alliance for advanced intelligence The collaboration between Delve Risk and ThreatNG Security represents a strategic alliance aimed at revolutionizing intelligence solutions…

Read more →

The final Patch Tuesday of the year is almost upon us! This is the time of year when we want to relax and enjoy the holidays, but we need to be extra vigilant to detect and respond to suspicious activity.…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Atsign, Daon, Global Integrity, Living Security, Panther Labs, Searchlight Cyber, and Varonis. Varonis enhances DSPM capabilities with Azure and AWS support Varonis Systems has expanded…

Read more →

Risk, compliance, governance, and security professionals are finally realizing the importance of subjecting sensitive workloads to robust data governance and protection the moment the data begins traversing the data pipeline. Many organizations no longer feel it’s adequate to secure data…

Read more →

Security practitioners are under a tremendous amount of pressure to secure today’s applications, according to Cycode. The research found that AppSec chaos reigns, with 78% of CISOs responding that today’s AppSec attack surfaces are unmanageable and 90% of responders confirmed…

Read more →

Even as organizations accelerate AI adoption, the majority don’t understand the AI skills their employees possess, if any, or have an upskilling strategy to develop them, according to Pluralsight. “AI is transforming the way that business is done, but many…

Read more →

33% of Americans have used a sports-related term in a password, according to Bitwarden. Those who have are twice as likely to have used one inspired by a professional sports team (46%) versus a college sports team (22%). 49% of…

Read more →

Phylum announced the availability of the Phylum Threat Feed and its partnership with Sumo Logic. With the Phylum App for Sumo Logic, users can know if their organization has been impacted by software supply chain risks, including: Zero-day attacks Credential…

Read more →

HireRight launched its new global identity verification solution, Global ID. With identity theft and fraud on the rise—and many employees being onboarded and working remotely—it is arguably more important than ever to verify candidates’ identities. HireRight’s new digital Global ID…

Read more →

Netskope has unveiled the completion of the rollout of Localization Zones to its NewEdge security private cloud offering a localized experience for 220 countries and territories, including every non-embargoed UN member state. While a move to a cloud web proxy…

Read more →

Attackers usually gain access to an organization’s cloud assets by leveraging compromised user access tokens obtained via phishing, by using malware, or by finding them in public code repositories. These are long-term access tokens associated with an AWS IAM or…

Read more →

Cybersixgill announced new features and capabilities that take security teams’ threat detection and mitigation efforts to new levels, helping them identify and mitigate vulnerabilities and detect and stop threats more quickly and effectively. Cybersixgill’s new Identity Intelligence module enables centralized…

Read more →