Tag: Help Net Security

LimaCharlie is unveiling the Security Operations (SecOps) Cloud Platform, a vendor-neutral architecture built for security teams to develop the most effective infrastructure for their organization. The LimaCharlie SecOps Cloud Platform provides comprehensive enterprise protection by bringing together critical cybersecurity capabilities,…

Read more →

Perle Systems launched Native OCI Container Support, based on the popular Docker platform, in Perle IRG Routers. Introducing this new feature in Firmware version 7.2.G1 will empower customers to optimize edge computing processing capabilities by deploying lightweight applications tailored to…

Read more →

Tenable announced new Tenable Cloud Security features that deliver automated operating system (OS) vulnerability detection across container images, registries and pipelines. Building on existing exposure management capabilities, Tenable Cloud Security enables security teams to prevent OS vulnerabilities and other risks…

Read more →

Lenovo announced its next wave of data management innovation with new ThinkSystem DG Enterprise Storage Arrays and ThinkSystem DM3010H Enterprise Storage Arrays, designed to make it easier for organizations to enable AI workloads and unlock value from their data. Also…

Read more →

Veeam Software announced it is integrating Veeam Backup for Microsoft 365 with newly launched Microsoft 365 Backup via their backup APIs to bring customers and partners new capabilities for backup, recovery, ransomware protection and business continuity. Veeam plans to utilize…

Read more →

Code42 has added custom Insider Risk Indicators (IRIs) to its Incydr data protection solution. This addition enables security teams to customize their Insider Risk alerts based on needs specific to their business and industry, thus focusing analysts’ attention on the…

Read more →

Citrix has patched three vulnerabilities (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467) in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), one of which is a zero-day being exploited by attackers. A zero-day patched (CVE-2023-3519) CVE-2023-3519 is a remote code execution…

Read more →

CompTIA released the CompTIA DataSys+ program, a comprehensive set of resources for learning and skills validation for IT professionals in search of database management skills. The CompTIA DataSys+ program covers all aspects of database administration, including deployment, management, and maintenance…

Read more →

The Biden-Harris Administration has announced a cybersecurity certification and labeling program to help Americans more easily choose smart devices that are safer and less vulnerable to cyberattacks. The new “U.S. Cyber Trust Mark” program proposed by FCC Chairwoman Jessica Rosenworcel…

Read more →

Small and medium-sized businesses (SMBs) are targeted by cyberattackers as much as large companies, the 2023 Verizon Data Breach Investigations Report (DBIR) has revealed; here are some cybersecurity controls they should prioritize. Company size does not matter to cyber attackers…

Read more →

Cohesity announced Cisco and HPE will each be offering Cohesity Cloud Services (CCS) to bring efficient data security and management to companies operating in today’s modern hybrid and multicloud environments. Cohesity has benefited from strategic partnerships with Cisco and HPE…

Read more →

Data breaches have been hitting the headlines left and right. Every time a breach occurs, the impacted organization’s response differs from the last. In this Help Net Security video, Rodman Ramezanian, Global Cloud Threat Lead at Skyhigh Security, discusses what…

Read more →

In this Help Net Security interview, Arthur Hu, SVP, Global CIO and Services & Solutions Group CTO at Lenovo, discusses how AI/ML is optimizing tech stacks, the hurdles anticipated in its integration, the role of AI in enterprise resilience and…

Read more →

In January, law enforcement officials disrupted the operations of the Hive cybercriminal group, which profited off a ransomware-as-a-service (RaaS) business model. Hive is widely believed to be affiliated with the Conti ransomware group, joining a list of other groups associated…

Read more →

Bureau is announcing an additional $4.5m from GMO VenturePartners, GMO Payment Gateway, and existing investors to complete its series A funding round at $16.5m. With the completion of the latest round, total funding for the startup has reached $20.5m to…

Read more →

Improve your cloud security with these 9 proven strategies. Uptycs, alongside renowned expert Lee Atchison, share their list of comprehensive tactics to mitigate risks facing modern development teams. To address these emerging risks, Uptycs has created an eBook, Laptop to…

Read more →

Supply chain executives significantly overestimate stakeholder trust in their supply chain capabilities and intentions, according to Deloitte. Of more than 1,000 executives from large global organizations surveyed, 89% on average who self-identified as leading suppliers said customers trust their supply…

Read more →

Privacera announced Governed Data Stewardship solution and significant ease of use improvements. This innovative offering transforms how IT organizations distribute data ownership and stewardship into lines of business to speed up self-service data sharing and access governance. By eliminating a…

Read more →

Rapid7 released Executive Risk View, a solution that normalizes risk scoring across cloud and on-premises environments so that security leaders can effectively assess and collaborate with teams across an organization to speed up cyber risk reduction. Now generally available within…

Read more →

Hammerspace has raised $56.7 million in funding in its first round of institutional investment. The funding round, led by Prosperity7 Ventures, also includes Pier 88 Ventures, ARK Invest, and others. Data has been widely considered to be among the world’s…

Read more →

Splunk announced Splunk Edge Hub, a new solution that simplifies the ingestion and analysis of data generated by sensors, IoT devices and industrial equipment. Splunk Edge Hub provides more complete visibility across IT and OT environments by streaming previously hard…

Read more →

Spectro Cloud announces new Palette VerteX Edition and new Spectro Cloud Government practice to meet the growing need for powerful management and security for Kubernetes (K8s) in the public sector. Kubernetes adoption is growing across the public sector, from federal…

Read more →

Attackers are exploiting two Adobe ColdFusion vulnerabilities (CVE-2023-29298, CVE-2023-38203) to breach servers and install web shells to enable persistent access and allow remote control of the system, according to Rapid7 researchers. Flaws with incomplete fixes On July 11, 2023, Adobe…

Read more →

Kyndryl and Veritas Technologies unveiled two new services — Data Protection Risk Assessment with Veritas and Incident Recovery with Veritas. As a key milestone in Kyndryl and Veritas’ strategic alliance, these services help enterprises protect and recover their critical data…

Read more →

VirusTotal has suffered a data leak that exposed the names and email addresses of 5,600 of its registered users. The leaked data reportedly includes information about employees of US and German intelligence agencies (among others). VirusTotal data leak exposed exploitable…

Read more →

Egress launched adaptive security for its Intelligent Email Security platform, providing dynamic and automated protection against advanced inbound and outbound threats, transforming the way in which organizations manage human risk on email. Egress CEO Tony Pepper comments: “Almost every organization…

Read more →

Aiming to protect the digital ecosystem in the UAE and the Mena region, Seed Group, has announced a strategic partnership with Resecurity. With this strategic partnership, Seed Group and Resecurity are set to reshape the cybersecurity landscape in the Middle…

Read more →

CheckRed Security announced that the company’s Board of Directors has appointed Pat Clawson as its first CEO. Clawson brings more than 20 years of leadership experience in driving cybersecurity innovation. As CEO, Clawson will lead CheckRed’s global initiatives to secure…

Read more →

One of the biggest challenges faced by regulated and non-regulated companies is assessing whether or not another business is safe to work with. Existing approaches rely on manual research across multiple siloed sources. This is time-consuming and fails to give…

Read more →

Netcraft secures first funding with over $100 million from Spectrum Equity and names technology executive Ryan Woodley as new CEO. Ryan Woodley has decades of experience leading growth-oriented technology companies and an established track record of success. He was previously…

Read more →

Splunk and Microsoft are partnering to build Splunk’s enterprise security and observability offerings on Microsoft Azure. Additionally, for the first time, Splunk solutions will be available for purchase on the Microsoft Azure Marketplace. “Splunk and Microsoft’s strategic partnership will provide…

Read more →

Red Siege has developed and made available many open-source tools to help with your penetration testing work. The company plans to continue to support the tools listed below, whether in the form of bug fixes or new features. Give them…

Read more →

The number of data compromises reported in the U.S. in the H1 of 2023 is higher than the total compromises reported every year between 2005 and 2020, except for 2017, according to Identity Theft Resource Center. For the H1 ending…

Read more →

In an era where cyber threats continue to evolve, healthcare organizations are increasingly targeted by malicious actors employing multiple attack vectors, according to Trustwave. In its new research, Trustwave SpiderLabs has documented the attack flow utilized by threat groups, shedding…

Read more →

Consumer expectations will reshape the needs and economics of the internet, according to Cisco. People in EMEA are rethinking what they rely on the internet for, balancing classic demands for speed and reliability, with the intensifying needs of rising eco-consciousness,…

Read more →

A critical cross site scripting (XSS) vulnerability (CVE-2023-34192) in popular open source email collaboration suite Zimbra is being exploited by attackers. About the vulnerability (CVE-2023-34192) CVE-2023-34192 could allow a remote authenticated threat actor to execute arbitrary code through a crafted…

Read more →

Anviz launched IntelliSight, its latest video surveillance offering that harnesses the power of distributed cloud and 4G technology to create an all-in-one security solution that delivers versatility, security, and data analytical capabilities. Now, users can enjoy One-year free cloud storage…

Read more →

In this Help Net Security interview, Charles Brooks, Adjunct Professor at Georgetown University’s Applied Intelligence Program and graduate Cybersecurity Programs, talks about how zero trust principles, identity access management, and managed security services are crucial for effective cybersecurity, and how…

Read more →

DevSecOps, short for Development, Security, and Operations, is an approach that emphasizes the integration of security practices and principles into every stage of the software development lifecycle. It aims to bridge the gap between development teams, security teams, and operations…

Read more →

Quantum computing is poised to revolutionize the way we secure and privatize data. It can potentially disrupt our existing encryption methods, endangering sensitive data from various sources in ways even beyond what we’ve experienced with AI. In this Help Net…

Read more →

The average number of scam resources created per brand across all regions and industries more than doubled year-on-year in 2022, up 162%, according to Group-IB. Additionally, the total number of scam pages detected by Group-IB in 2022 was more than…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: CISO perspective on why boards don’t fully grasp cyber attack risks In this Help Net Security interview, David Christensen, CISO of PlanSource, proposes strategies to…

Read more →

BlueVoyant announced MXDR for Splunk, enabling clients to maximize their security investment, expedite implementation, and streamline threat detection. The new service integrates Splunk SIEM (Security Information and Event Management) capabilities with supported EDR partner expertise to provide a cloud-native, fully…

Read more →

Teleskope has launched a data protection platform that automates data security, privacy, and compliance at scale, helping organizations comply with regulations like GDPR and CCPA, and reduce the manual and operation burden on security, data, and engineering teams. The company…

Read more →

As enterprise data grows at a 28% compound annual growth rate, businesses continue to face a myriad of challenges to manage their data and secure their organizations. Most enterprises are using more than 30 tools to manage and analyze data,…

Read more →

It was to be expected: As the buzz around Meta’s new microblogging platform Threads gained momentum, some individuals have stepped in to take advantage of the fact that the app still can’t formally serve users in the European Union (or…

Read more →

72% of hackers are confident that AI cannot replace human creativity in security research and vulnerability management, according to Bugcrowd. Generative AI hacking Generative AI was a major theme in the 2023 report, with 55% of respondents saying that it…

Read more →

While trends in phishing frequently evolve, Facebook and Microsoft’s collective dominance as the most spoofed brands continues, according to Vade. Facebook and Microsoft’s collective dominance as the most spoofed brands continued into H1 2023, with the former accounting for 18%…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Fidelis Cybersecurity, Hubble, NETSCOUT, Regula, and WatchGuard. WatchGuard expands identity protection capabilities with AuthPoint Total Identity Security AuthPoint Total Identity Security enables MSPs to offer…

Read more →

Researchers from Ruhr University Bochum and the CISPA Helmholtz Center for Information Security in Saarbrücken have assessed the security mechanisms of satellites currently orbiting the Earth from an IT perspective. Moritz Schloegel (left) and Johannes Willbold analyzed the safety of…

Read more →

The top focus areas for chief audit executives (CAEs) in 2023 are advancing data analytics, assuring proliferating digital risks, and talent management, according to Gartner. “In 2023 most CAEs are focusing on organizational and departmental digital transformation initiatives and improving…

Read more →

Blue Team Con has announced that Lesley Carhart will deliver the keynote address titled “We’re All Scared, Too: 10 Years of Lessons from Cybersecurity Mentorship” at the conference. “We are thrilled to have Lesley as our keynote speaker this year,”…

Read more →

Security Journey announced an acceleration of its secure coding training platform enhancements. Since combining HackEDU and Security Journey training offerings into one Platform, the company has added or refreshed almost 200 lessons and 25 languages, frameworks, and technologies; giving customers…

Read more →

AU10TIX launched the AU10TIX app, empowering customer-facing businesses with automated, in-person and point of sale (POS) identity and age verification capabilities. The app enables companies to securely verify IDs in the field within 4-8 seconds, enhancing the customer experience and…

Read more →

Truework launched Truework Guardian, a new verification automation tool for employees, employers and payroll providers that replaces the manual HR verification process while increasing the protection of sensitive data. Guardian is a solution to help payroll providers and Human Capital…

Read more →

Concentric AI has announced an archetype functionality for granularity and precision of data discovery and protection. Archetype in the context of data discovery, classification and risk remediation is a specific type of data or file that contains sensitive or confidential…

Read more →

ManageEngine has added OpenAI observability as a native capability to Site24x7, its comprehensive cloud-based observability platform. The offering enables application owners to monitor the utilization of different OpenAI models seamlessly while tracking real-time performance and cost metrics — all within…

Read more →

Secure Code Warrior closed its Series C funding round, led by Paladin Capital Group. At $50 million, this marks the largest investment since the company’s inception, bringing its total funding to date to over $100 million. The new funding will…

Read more →

The Biden-Harris Administration’s recently released National Cybersecurity Strategy calls for two fundamental shifts in how the United States allocates roles, responsibilities, and resources in cyberspace: Ensuring that the biggest, most capable, and best-positioned entities – in the public and private…

Read more →

Rockwell Automation has fixed two vulnerabilities (CVE-2023-3595, CVE-2023-3596) in the communication modules of its ControlLogix industrial programmable logic controllers (PLCs), ahead of expected (and likely) in-the-wild exploitation. “An unreleased exploit capability leveraging these vulnerabilities is associated with an unnamed APT…

Read more →

Fidelis Cybersecurity released the new Fidelis Active Directory Intercept, a capability that combines network detection and response, deception technology, and Active Directory (AD) security, as part of their Fidelis Network and Deception 9.6.1 product release. Active Directory Intercept is the…

Read more →

The update of the Regula 4306 is centered around light sources that are indispensable for thorough document examination, including relief and various security features, especially those invisible to the naked eye. The redesigned device boasts of a new light source…

Read more →

FIRST has unveiled the latest version of its Common Vulnerability Scoring System (CVSS 4.0). Critical in the interface between supplier and consumer, CVSS provides a way to capture the principal characteristics of a security vulnerability and produces a numerical score…

Read more →

In this Help Net Security video, Brianna McGovern, Product Manager, Attack Surface Management, NetSPI, discusses Attack Surface Management (ASM). Attack Surface Management detects known, unknown, and potentially vulnerable public-facing assets and changes to your attack surface that may introduce risk.…

Read more →

When companies utilize public generative AI tools, the models are refined on input data provided by the company. Regarding data security, unauthorized use of sensitive data or the accidental exposure of proprietary information can lead to reputational damage, legal consequences,…

Read more →

While 75% of organizations have made significant strides to upgrade their infrastructure in the past year, including the adoption of public cloud hosting and containerization, and 78% have increased their security budgets, only 2% of industry experts are confident in…

Read more →

Security leaders are concerned about attacks that leverage malware-exfiltrated authentication data, with 53% expressing extreme concern and less than 1% admitting they weren’t concerned at all, according to SpyCloud. However, many still lack the necessary tools to investigate the security…

Read more →

39% of businesses have experienced a data breach in their cloud environment last year, an increase on the 35% reported in 2022, according to Thales. In addition, human error was reported as the leading cause of cloud data breaches by…

Read more →

(ISC)² expanded its diversity, equity, and inclusion (DEI) partner network, cementing its commitment to fostering greater diversity within the cybersecurity field. Following the initial announcement of five founding partners, an additional eight organizations have joined forces with (ISC)², demonstrating a…

Read more →

WatchGuard Technologies has unveiled AuthPoint Total Identity Security, a comprehensive bundle that combines the AuthPoint multi-factor authentication (MFA) with dark web credential monitoring capabilities and a corporate password manager. The introduction of this new product, paired with the zero trust…

Read more →

anecdotes launched Analysis Engine, empowering its customers to attain proactive GRC monitoring. With the introduction of the new engine, users gain access to robust analysis capabilities that automatically detect gaps in their data and provide deep visibility into their Compliance…

Read more →

Liongard announced its newly enhanced platform to transform the way IT service providers deliver IT governance and mitigate risk with the launch of its Configuration Change Detection and Response (CCDR) platform. More than 2,000 cyberattacks strike the internet each day.…

Read more →

CyberCatch and Proficio announced a strategic partnership to join forces to market and deliver a combined AI-enabled solution for organizations worldwide. CyberCatch’s proprietary, artificial intelligence-enabled (AI) Software-as-a-Service (SaaS) solution is designed to help organizations implement all mandated and necessary controls,…

Read more →

DirectDefense announced its partnership with SCADAfence to enhance industrial cybersecurity and safeguard OT Networks in the era of IIoT. The SCADAfence Platform enables critical infrastructure and manufacturing organizations with complex Operational Technology (OT) networks to embrace the benefits of the…

Read more →

Wipro launched Wipro ai360, a comprehensive, AI-first innovation ecosystem that builds on Wipro’s decade-long investments in AI with the goal of integrating AI into every platform, every tool, and every solution used internally and offered to clients. Along with the…

Read more →

Threat landscape trends demonstrate the impressive flexibility of cybercriminals as they continually seek out fresh methods of attack, including exploiting vulnerabilities, gaining unauthorized access, compromising sensitive information, and defrauding individuals, according to the H1 2023 ESET Threat Report. Microsoft: An…

Read more →

IDrive Backup announced the introduction of Google Shared Drive backup, which automatically detects and backs up all the shared drives available to the Super Administrator of the Google Workspace account. Shared drives, which are special folders in Google Drive that…

Read more →

IronNet’s Board of Directors has appointed Linda Zecher as Chief Executive Officer (CEO) effective immediately. Cameron Pforr, the company’s current Chief Financial Officer (CFO), has been appointed President of IronNet. GEN (Ret.) Keith Alexander will continue to serve as Chairman…

Read more →

Hubble announced its next-generation Technology Asset Visibility and Cybersecurity Posture Management Platform, Aurora. Aurora builds on the foundation of Hubble’s existing Asset Intelligence platform, providing users with asset visibility and insights into their cybersecurity posture, with new features such as…

Read more →

Sophisticated hackers have accessed email accounts of organizations and government agencies via authentication tokens they forged by using an acquired Microsoft account (MSA) consumer signing key, the company has revealed on Tuesday. “The threat actor Microsoft links to this incident…

Read more →

Ransomware has been a hugely profitable industry for criminal gangs for the last few years. The total amount of ransom paid since 2020 is estimated to be at least $2 billion, and this has both motivated and enabled the groups…

Read more →

Despite economic obstacles and constraints on IT budgets, global CIOs maintain a positive outlook on the potential of technology to provide significant benefits for their organizations, according to Lenovo. Despite their optimism, the risks are real, as 83% are concerned…

Read more →

Google Cloud’s AML AI represents an advancement in the fight against money laundering. By replacing outdated transaction monitoring systems and embracing AI technology, financial institutions can now stay ahead of evolving financial crime risks, improve operational efficiency, ensure regulatory compliance,…

Read more →

The Ultimate Guide to Certified in Cybersecurity (CC) covers everything you need to know about the entry-level credential recognized by organizations worldwide. Inside, learn how CC starts you on your path to advanced cybersecurity certification and how to access free…

Read more →

For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an Office and Windows HTML RCE vulnerability exploited in targeted attacks aimed at defense and…

Read more →

NETSCOUT SYSTEMS has released its latest version of Arbor Edge Defense (AED) which includes new ML-based Adaptive DDoS Protection. According to NETSCOUT’s latest DDoS Threat Intelligence Report, there has been a significant increase in a new breed of dynamic DDoS…

Read more →

Drata announced the appointment of Sydney Sloan as the company’s first ever Chief Marketing Officer (CMO). Sloan will oversee global marketing at Drata to help market and brand leadership, fuel customer engagement, and accelerate the company’s commitment to delivering value…

Read more →

Digilock launched Pivot, hardwired built-in locks for new stationary furniture installations. Digilock brings its keyless lock experience to facilities requiring a hardwired power and data source for its permanent fixtures. Pivot Smart Locks are networked locks that operate with proprietary…

Read more →

Vercara has released a new integration of its enterprise-grade, cloud-based authoritative DNS service, UltraDNS, with HashiCorp’s Consul-Terraform-Sync (CTS), a multi-platform tool designed to automate tasks across network devices that are traditionally handled manually by networking operators. The integration, UltraDNS-CTS, follows…

Read more →

Perimeter 81 announced the hiring of Gadi BenMark as Chief Marketing Officer. With more than 20 years experience in marketing strategy and business development across a variety of industries, BenMark brings extensive working knowledge to Perimeter 81. He reports to…

Read more →

Netskope announced a new partnership with Wipro to deliver cloud-native Managed Secure Access Service Edge (SASE) and Managed Zero Trust Network Access (ZTNA) services to Wipro’s extensive global enterprise client portfolio. “As the global work environment transforms, our Security Cloud…

Read more →

Alteryx announced decision intelligence and intelligent automation capabilities on AWS designed to empower chief financial officers (CFOs) and finance leaders to embrace cloud and data analytics as strategic tools for their modernization goals. “Analytic insights help us tailor digital transformation…

Read more →

Today, the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework. The decision concludes that the United States ensures an adequate level of protection – comparable to that of the European Union – for personal data transferred…

Read more →

Apple has patched an actively exploited zero-day vulnerability (CVE-2023-37450) by releasing Rapid Security Response updates for iPhones, iPads and Macs running the latest versions of its operating systems. The vulnerability has also been fixed with a regular security update in…

Read more →

Oxeye has uncovered two critical security vulnerabilities and recommends immediate action to mitigate risk. The vulnerabilities were discovered in Owncast (CVE-2023-3188) and EaseProbe (CVE-2023-33967), two open-source platforms written in Go. Owncast vulnerability (CVE-2023-3188) The first vulnerability was discovered in Owncast,…

Read more →

Due to their distinct perspectives, board members and CISOs often have differing views on cyber attack risks. The discrepancy arises when boards need cybersecurity expertise, need help comprehending technical jargon, or when CISOs need to communicate in business language. In…

Read more →

IT teams need help to monitor and enforce BYOD policies during summer months when more employees often travel or work remotely. In this Help Net Security video, Jeremy Ventura, Director, Security Strategy & Field CISO at ThreatX, discusses how employees…

Read more →

Due to their distinct perspectives, Board members and CISOs often have differing views on cyber attack risks. The discrepancy arises when Boards need cybersecurity expertise, need help comprehending technical jargon, or when CISOs need to communicate in business language. In…

Read more →

Investment in connected device security has accelerated as upcoming legislation affecting the sector becomes more prominent, according to PSA Certified. This acceleration also highlights a noticeable difference from last year in the level of demand from industry customers and, more…

Read more →

It is important not to underestimate the potentially devastating impact of DDoS attacks. Organizations of all sizes should take proactive measures to mitigate and safeguard against DDoS attacks, ensuring the continuity and resilience of their operations. Throughout this Help Net…

Read more →