Tag: Help Net Security

Aqua Security has launched Real-Time CSPM, a next-gen cloud security posture management (CSPM) solution, which provides a complete view of multi-cloud security risk, pinpoints threats that evade agentless detection, and reduces noise so security practitioners can identify, prioritize, and remediate…

Read more →

Circle Security has unveiled a joint integration with the ForgeRock Identity Platform. The pre-built on-premises integrated node will help businesses stay ahead of evolving threats and achieve their security goals by integrating identity authentication and privacy protection capabilities into customer…

Read more →

Scality announced its newest release of Scality ARTESCA, its secure S3 object storage software for data deployments starting at a few terabytes. Over a dozen innovations in ARTESCA 2.0 strengthen cyber resiliency through a hardened, reduced attack surface that minimizes…

Read more →

Leostream has unveiled federated identity management with Zero-Trust Network Access (ZTNA) for secure remote computing. Built to protect and connect users across virtual desktop infrastructure (VDI), desktops-as-a-service (DaaS), and end-user computing (EUC) applications in Amazon Web Services (AWS) environments, the…

Read more →

Criminals have never had more avenues through which to defraud people. This has been fueled by the proliferation of technology ranging from instant messaging to new forms of remittance, like P2P and real-time payments. That’s why ComplyAdvantage launched Fraud Detection,…

Read more →

Veriff has partnered with MassPay to provide enhanced identity verification (IDV) services and know your customer (KYC) offerings through its Global Payment Orchestration Platform. With this partnership, Veriff expedites the IDV process for MassPay and its growing customer base, while…

Read more →

Nozomi Networks has introduced Vantage IQ, the AI-based analysis and response engine designed to address security gaps and resource limitations in mission critical operational infrastructure. Available as an add-on to Vantage, Nozomi Networks’ SaaS-based security management platform, Vantage IQ uses…

Read more →

Island announced Self-Protection for the Enterprise Browser, delivering a fundamentally new approach and level of security to enterprise work. Island has introduced the ideal solution for organizations with extremely sensitive data and applications, to ensure safe operation even on devices…

Read more →

Fraudsters are trying out a new approach to convince companies to pay bogus invoices: instead of hijacking existing email threads, they are creating convincing ones themselves. A clever payment request fraud The fraud attempt begins with an email containing a…

Read more →

IBM has acquired Polar Security, an innovator in technology that helps companies discover, continuously monitor and secure cloud and SaaS application data – and addresses the growing shadow data problem. This news marks IBM’s 5th acquisition in 2023. Since Arvind…

Read more →

CellTrust is teaming up with Proofpoint to help organizations manage mobile communication information risk and improve investigative readiness. As the number of mobile communication channels (text, chat, voice, app to app) grows, highly regulated organizations are relying on technology to…

Read more →

Confluent has unveiled new Confluent Cloud capabilities that give customers confidence that their data is trustworthy and can be easily processed and securely shared. With Data Quality Rules, an expansion of the Stream Governance suite, organizations can resolve data quality…

Read more →

SolarWinds announces it’s adding transformative artificial intelligence (AI) and machine learning (ML) capabilities to its IT service management (ITSM) solutions. The new AI features include a virtual agent to help users solve everyday IT problems and guided incident resolution to…

Read more →

French electronics manufacturer Lacroix closed three factories as a result of a cyberattack they “intercepted” over the weekend, the company has announced on Monday. Lacroix designs and produces electronic equipment for the automotive, home automation, aerospace, industrial and health sectors,…

Read more →

As part of Google’s commitment to building a strong cybersecurity workforce, the Google Cybersecurity Certificate offers an affordable and accessible pathway to a career in cybersecurity. In this Help Net Security interview, Phil Venables, CISO at Google Cloud, sheds light…

Read more →

Meta has unveiled Chat Lock within WhatsApp, a feature that allows users to keep sensitive and intimate conversations safe from prying eyes. WhatsApp Chat Lock (Source: WhatsApp) Enabling Chat Lock By tapping on a one-to-one or group conversation, users can…

Read more →

Corvus Insurance analyzed data from the dark web and ransomware leak sites. Researchers uncovered a 60% increase in ransomware victims in March 2023, marking the highest monthly victim count observed in the past two years. In this Help Net Security…

Read more →

Zero trust adoption is beginning to accelerate as networks get more complex. Gartner predicts that by 2026, 10% of large enterprises will have a comprehensive, mature, and measurable zero-trust program in place (compared to just 1% today). But adoption has…

Read more →

Parablu has unveiled a multi-year agreement with Microsoft that integrates engineering, go-to-market activities, and co-selling of Parablu’s BluVault and the Ransomware Defense Suite Software-as-a-Service (SaaS) offerings. Parablu will leverage Microsoft Cloud infrastructure and services –– Microsoft Azure and Microsoft 365…

Read more →

SAP has unveiled the next step in its long-standing partnership with Microsoft, using the latest in enterprise-ready generative AI innovation to help solve customers’ most fundamental business challenges. The companies will collaborate on integrating SAP SuccessFactors solutions with Microsoft 365…

Read more →

Everbridge and samdesk have expanded its partnership, building on the integration of samdesk’s crisis detection feeds with Everbridge’s CEM suite of products. As a preferred partner, samdesk now integrates directly with Everbridge Visual Command Center (VCC) through a samdesk connector…

Read more →

Cloudflare has extended its SASE platform, Cloudflare One, to generative artificial intelligence (AI) services. Cloudflare One for AI, a suite of zero trust security controls, will enable enterprises to safely and securely use the latest generative AI tools without putting…

Read more →

Three vulnerabilities in Advantech’s EKI series of serial device servers could be exploited to execute arbitrary commands on the OS level. Source: CyberDanube The vulnerabilities Serial device servers are networking devices that “network-enable” serial devices (e.g., printer, climate control system,…

Read more →

We all have witnessed automated advances creep into our modern threat hunting processes – and with good reason. As the rate of cyberattacks steadily increases, automated threat hunting processes are being integrated to help stem the tide by providing quicker…

Read more →

With an ever-evolving landscape of cyber threats, the necessity for innovative, effective, and user-friendly security products has never been more apparent. Current security solutions, however, seem to lag behind, struggling to adequately address the challenges posed by increasingly sophisticated cyber-attacks.…

Read more →

In 2022, 47.4% of all internet traffic came from bots, a 5.1% increase over the previous year, according to Imperva. The proportion of human traffic (52.6%) decreased to its lowest level in eight years. Bad bot traffic For the fourth…

Read more →

For its recent research focusing on web entities (or content served over HTTP), Censys leveraged its internet-wide scan data to understand better the applications and services that have become core to our existence, evaluating the state of security on the…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Dragos blocks ransomware attack, brushes aside extortion attempt A ransomware group has tried and failed to extort money from Dragos, the industrial cybersecurity firm has…

Read more →

Hammerspace acquires Rozo Systems to expand the performance and hyperscale capacity capabilities of its unstructured Data Orchestration System. Data-driven organizations have rapidly become more decentralized, with files being created, analyzed, and moved across locations constantly. The speed of capturing the…

Read more →

OneTrust announces new innovations across the Trust Intelligence Platform to help organizations responsibly use data and drive trust intelligence at scale. As companies tackle the challenges of data sprawl, OneTrust’s enhancements provide companies with the discovery, automation, and intelligence to…

Read more →

AI Spera announced a data-sharing partnership agreement between its flagship search engine, Criminal IP, and DNS0.EU. This strategic collaboration makes perfect sense, as both entities share a common objective of providing the utmost protection against internet threats by blocking malicious…

Read more →

Manufacturing businesses, healthcare organizations, and tech companies in English-speaking countries are the most targeted by phishers leveraging a relatively new phishing-as-a-service (PaaS) tool called Greatness, created to phish Microsoft 365 users. According to Cisco researcher, this tool has been utilized…

Read more →

The need to protect sensitive information from unauthorized access and theft has never been greater, and cybersecurity and IAM technologies are evolving to meet this challenge while providing users with more convenience. There are three key trends to watch in…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Aqua Security, Feedzai, Nebulon, OpenVPN, Trua, and Zscaler. Aqua Security strengthens software supply chain security with pipeline integrity scanning Powered by eBPF technology, Aqua’s pipeline…

Read more →

Most CISOs have returned to the elevated concerns they experienced early in the pandemic, according to Proofpoint. Elevated concerns among CISOs Globally, 68% of surveyed CISOs feel at risk of a material cyber attack, compared to 48% the year before,…

Read more →

Digital fraud has significant financial and psychological repercussions on victims, according to Telesign. Businesses may find a new reason to fear digital fraud as the negative impacts of digital fraud on companies’ brand perception and the bottom line. Trust in…

Read more →

Bitdefender has unveiled App Anomaly Detection, the real-time, behavior-based protection layer available now in Bitdefender Mobile Security for Android, that continuously detects anomalous and malicious behavior in Android applications as it emerges. The number of malicious and compromised Android applications…

Read more →

Check Point has expanded its Check Point Harmony Endpoint protections solution by incorporating vulnerability and automated patch management capabilities. This enhancement addresses the mounting number of cyberattacks that exploit unpatched system vulnerabilities for unauthorized access. To deliver this advanced feature,…

Read more →

Point Predictive launched its newest solution, BorrowerCheck 3.0. Available via API or web browser, BorrowerCheck 3.0 addresses the problem of fraud and identity theft in a more comprehensive way than existing identity solutions to help stop the billions in fraud…

Read more →

Qrypt has formed a partnership with Carahsoft. Under the agreement, Carahsoft will serve as Qrypt’s Master Government Aggregator, making the company’s quantum-secure encryption technology available to the Federal Government through Carahsoft’s reseller partners’, Information Technology Enterprise Solutions – Software 2…

Read more →

In today’s world of fake news and AI-generated content, it is increasingly difficult to know if documents and files are trustworthy. But now anyone can easily verify the provenance of any file by simply dragging and dropping that file onto…

Read more →

Financial fraud has increased substantially as the trend towards mobile banking and digitization accelerates. In 2022 alone, the Federal Trade Commission received over 1.1 million reports of identity theft and over 440,000 reports of credit card fraud. To help banks…

Read more →

SAP and Google Cloud announced an extensive expansion of their partnership, introducing a comprehensive open data offering designed to simplify data landscapes and unleash the power of business data. The offering enables customers to build an end-to-end data cloud that…

Read more →

Cynalytica has launched the OTNetGuard 4G/5G sensor that offers a capability for cellular backhaul for communications monitoring of ICS/SCADA and OT environments, providing a secure out-of-band monitoring capability for critical infrastructure operators. As the threat landscape for industrial control systems…

Read more →

NETGEAR launched its latest innovation: the Nighthawk M6 Pro 5G WiFi 6E Hotspot Router (MR6550). With its 5G mmWave and WiFi 6E capabilities, this device delivers ultra-fast internet speeds and enhanced connectivity, powerful enough for remote business sites and portable…

Read more →

Arlo Technologies announced a partnership with Ping Identity, the intelligent identity solution for the enterprise. The new benefit will provide Ping Identity’s approximately 800 US employees with an Arlo Safe subscription to deliver comprehensive on-the-go personal, family and car safety.…

Read more →

Absolute Software has agreed to be acquired by venture capital firm Crosspoint Capital Partners in a deal with an enterprise value of $870 million. Under the terms of the Arrangement Agreement, Absolute shareholders will receive $11.50 per Common Share in…

Read more →

Comcast Business, Fortinet, and Exclusive Networks teamed up to deliver a new distribution sales route and managed SD-WAN services for value-added resellers (VARs) and managed service providers (MSPs). The collaboration expands the Masergy Guardian Portfolio, adding additional sales routes and…

Read more →

Google has announced new tools, features and updates to improve users’ online safety, help them evaluate content found online, and alert them if their Gmail identity appears on the dark web. New tools and options for users A new tool…

Read more →

A ransomware group has tried and failed to extort money from Dragos, the industrial cybersecurity firm has confirmed on Wednesday, and reassured that none of its systems or its Dragos Platform had been breached. What happened? “The criminal group gained…

Read more →

Monitoring assets in ever-changing settings operating in both development and production stages presents challenges. In this Help Net Security video, Daniel Deeney, CEO at Paladin Cloud, discusses how companies face difficulties identifying security threats within cloud environments. As businesses transition…

Read more →

Adversaries were able to encrypt data in 76% of the ransomware attacks that were conducted against surveyed organizations, according to Sophos. The survey also shows that when organizations paid a ransom to get their data decrypted, they ended up additionally…

Read more →

30% of automotive employees don’t check security protocols before trying a new tool, according to Salesforce. This could put their company and customer data at risk. Alarming rise in automotive API attacks Cybersecurity is a growing concern in the automotive…

Read more →

Feedzai announced significant enhancements to its RiskOps Platform, enabling banks to better protect their customers from a wide variety of financial scams. These new Feedzai ScamPrevent capabilities deliver detection, classification, and interception of the widest variety of payment scams and…

Read more →

Aqua Security added pipeline integrity scanning to prevent software supply chain attacks and assure CI/CD pipeline integrity. Powered by eBPF technology, Aqua’s pipeline integrity scanner detects and blocks suspicious behaviour and malware in real time, preventing code tampering and countering…

Read more →

Red Hat has unveiled the general availability of Red Hat Enterprise Linux 9.2 and the forthcoming availability of Red Hat Enterprise Linux 8.8. These new releases further Red Hat’s efforts to simplify and streamline complex Linux platform tasks across the…

Read more →

iProov and Wultra partnership enables Wultra to provide iProov’s biometric solutions suite as part of its portfolio of digital banking solutions. Consumers are increasingly calling on their financial services providers to offer online access to high-risk services including new account…

Read more →

Trua launched a new product called TruaID, which will give consumers a greater sense of security with their private information while providing businesses a more efficient means of screening customers and prospective employees. Simultaneously, Trua announced that it has branched…

Read more →

Dell Technologies advances software-driven innovation across its storage portfolio, driving increased cyber resiliency, energy efficiency and automation to power customers’ multicloud journeys. Dell’s commitment to software development has resulted in more than 2,000 storage portfolio advancements in the past twelve…

Read more →

IBM announced its new IBM Quantum Safe technology: a comprehensive set of tools and capabilities, combined with IBM’s deep security expertise, designed as an end-to-end solution to be made available as organizations, including governmental agencies, prepare their quantum-safe journey towards…

Read more →

Kasada partners with Signifyd to help eCommerce providers deliver on their core business priorities to reduce fraud while improving the user experience. Together Kasada and Signifyd provide an impenetrable barrier against fraud. Kasada’s anti-bot platform stops automated online fraud before…

Read more →

Prove Identity announced a new partnership with Visa to empower brands to increase secure loyalty account enrollment by eliminating manual account registration and pre-filling application forms with verified information. Visa clients will now have access to Prove’s Prove Pre-Fill identity…

Read more →

Among the vulnerabilities fixed by Microsoft on May 2023 Patch Tuesday is CVE-2023-29324, a bug in the Windows MSHTML platform that Microsoft rates as “important.” Akamai’s research team and Ben Barnea, the researcher who’s credited with finding the flaw, disagree…

Read more →

Nutanix has unveiled Nutanix Central, a cloud-delivered solution that provides a single console for visibility, monitoring, and management across public cloud, on-premises, hosted or edge infrastructure. This will extend the universal cloud operating model of the Nutanix Cloud Platform to…

Read more →

Revelstoke announced partnership with Check Point to enhance edge network security, endpoint and XDR with low-code, high-speed automation, and to empower SOC teams to work more accurately and efficiently. Cybersecurity professionals seek to overcome challenges due to talent shortages, increasing…

Read more →

Codenotary and Snyk alliance agreement provides enhanced security and trust for the modern development organization seeking to assure that only known and trusted artifacts are used in software builds. Vulnerability scanners are widely used by organizations of all sizes and…

Read more →

LogRhythm and Mimecast’s integration will help organizations around the globe protect against modern cyberattacks. Organizations need the ability to correlate data from their disparate security products and services to distinguish the real threats from false alarms. LogRhythm SIEM integrates Mimecast’s…

Read more →

The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware, called “Snake” (aka “Uroburos”), that the US Government attributes to a unit within Center 16 of the…

Read more →

Nutanix announced new capabilities in the Nutanix Cloud Platform to enable customers to integrate data management of containerized and virtualized applications on-premises, on public cloud, and at the edge. This includes comprehensive data services for Kubernetes applications as well as…

Read more →

GitHub is making push protection – a security feature designed to automatically prevent the leaking of secrets to repositories – free for owners of all public repositories. Previously, the feature was available only for private repositories with a GitHub Advanced…

Read more →

SquareX, led by serial cybersecurity entrepreneur Vivek Ramachandran, is developing a browser-based cybersecurity product to keep consumers safe online. The company announced that it has raised $6 million in a seed round led by Sequoia Capital Southeast Asia. It will…

Read more →

SquareX, led by serial cybersecurity entrepreneur Vivek Ramachandran, is developing a browser-based cybersecurity product to keep consumers safe online. The company announced that it has raised USD 6 million in a seed round led by Sequoia Capital Southeast Asia. It…

Read more →

Kubernetes Security Operations Center (KSOC) released the first-ever Kubernetes Bill of Materials (KBOM) standard. Available in an open-source CLI tool, this KBOM enables cloud security teams to understand the scope of third-party tooling in their environment to respond quicker to…

Read more →

The technology sector had the highest number of malware-infected employees, most exposed corporate credentials and the majority of all stolen cookies, according to SpyCloud. Drawing on SpyCloud’s database of 400+ billion recaptured assets from the criminal underground, researchers analyzed 2.27…

Read more →

A large language model (LLM) is an artificial intelligence (AI) algorithm that employs deep learning methodologies, and extensive data sets to comprehend, condense, create, and predict new content. An example of an LLM is ChatGPT, a model developed by OpenAI…

Read more →

Malicious actors are increasingly exploiting legitimate tools to accomplish their goals, which include disabling security measures, lateral movement, and transferring files. Using commonly available tools allows attackers to evade detection. While custom-built tools or malware can be flagged as malicious…

Read more →

Asked about the Board and C-Suite‘s understanding of cybersecurity across the organisation, only 39% of respondents think their company’s leadership has a sound understanding of cybersecurity’s role as a business enabler, according to Delinea. The high cost of ignoring security…

Read more →

For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass flaw (CVE-2023-24932) exploited by attackers in the wild. The two exploited bugs (CVE-2023-29336, CVE-2023-24932)…

Read more →

Nebulon announced TripLine, a new threat detection service designed to alert customers when a cryptographic ransomware attack has been detected, as well as the precise location and point-in-time the attack occurred. The company also announced smartDefense, a cybersecurity solution that…

Read more →

SAIC introduced its new encrypted query analytics and data retrieval (EQADR) platform. “Agencies rely on data to help support their missions in a secure environment,” said Andy Henson, VP, Innovation at SAIC. “We are providing our customers with data encryption…

Read more →

Zscaler has expanded Zscaler Digital Experience (ZDX), an integrated solution that provides end-to-end visibility and IT troubleshooting capabilities accessed through the Zscaler security cloud. The modern workforce is geographically dispersed, resulting in difficulties for IT and helpdesk teams that need…

Read more →

CertifID released an identity verification solution to help title agencies and real estate firms combat seller impersonation fraud. The solution augments CertifID’s existing capabilities that evaluate more than 150 markers of fraud, including the verification of wiring instructions and bank…

Read more →

OneLayer released OneLayer Bridge, a security solution for private mobile networks. The use of private cellular networks allows organizations to improve IoT and OT device connectivity. As the adoption of these networks increases, organizations must consider the essential aspect of…

Read more →

Kyndryl introduced a managed Secure Access Service Edge (SASE) solution powered by Fortinet, which aims to help customers enable advanced network security initiatives. The solution combines Fortinet’s cloud-delivered security and secure networking solutions with Kyndryl’s network and security services to…

Read more →

ThreatBlockr and GreyNoise announced a partnership that will enhance the ThreatBlockr platform. By leveraging GreyNoise data, ThreatBlockr customers now have automatic access to this enhanced cyber intelligence and the largest cyber intelligence data set that protects against false positives. “False…

Read more →

DigiCert announced a partnership to provide DigiCert ONE, the platform for digital trust, on Oracle Cloud Infrastructure (OCI). Customers will benefit from DigiCert ONE’s fast time to value combined with OCI’s high-performance and security-first architecture for single and multi-cloud deployments.…

Read more →

Waterfall Security Solutions and Atlantic Data Security announced a partnership to protect data centers, building automation systems and critical infrastructure facilities. With attacks on OT networks becoming more powerful and pervasive, this new partnership provides owners and operators with solutions…

Read more →

SafePaaS announces its Unified Privileged Access Management (UPAM) solution to protect the digital enterprise without the complexity of traditional PAM solutions that fail to meet the evolving needs of today’s dynamic, complex organizations. SafePaaS’ UPAM offering enables in-depth cyber mechanisms…

Read more →

Webb Protocol raised $7 million in a seed funding round co-led by Polychain and Lemniscap, with participation from Zeeprime, CMS Holdings among others. The funding will go towards growing Webb’s staff base, accelerating the development of innovative privacy tools and…

Read more →

Microsoft has enabled number matching for Microsoft Authenticator push notifications to improve user sign-in security. Authenticator MFA number matching in action (Source: Microsoft) “If the user has a different default authentication method, there’s no change to their default sign-in. If…

Read more →

OpenVPN has introduced Device Identity Verification & Enforcement (DIVE) to their cloud-based solution, CloudConnexa (previously known as OpenVPN Cloud). This powerful new feature will take your ZTNA structure to the next level. With the rapid growth of remote and hybrid…

Read more →

With increased data breaches, errors, ransomware and hacks, digital trust can be the difference between retaining reputations and customer loyalty after a major incident and suffering serious, time-consuming, and expensive losses, according to ISACA. From digital trust to business success…

Read more →

DEF CON’s AI Village will host the first public assessment of large language models (LLMs) at the 31st edition of the hacker convention this August, aimed at finding bugs in and uncovering the potential for misuse of AI models. The…

Read more →

API sprawl is a prevalent issue in modern enterprises, as APIs are being developed and deployed at an unprecedented rate. As highlighted by Postman’s 2022 State of the API Report, “89% of respondents said organizations’ investment of time and resources…

Read more →

In this Help Net Security video, Devon Kerr, Team Lead, Elastic Security Labs, talks about the 2023 Global Threat Report Spring edition. Key takeaways In this report, the Elastic Security team highlights how they’ve noticed a slight increase in Linux…

Read more →

Organizations need to be able to match the ingenuity and resources of cybercriminals to better defend themselves against the increasing number of threats and attacks that could paralyze their business. Unfortunately, some laws restrict genuine security research. As we await…

Read more →

Cloudflare has partnered with Kyndryl to help enterprises modernize and scale their corporate networks with managed WAN-as-a-Service and Cloudflare zero trust. The partnership couples Kyndryl’s expert managed end-to-end networking services with Cloudflare’s robust technology platform to enable enterprises to streamline…

Read more →

Privoro announced a new partnership with Samsung to provide a security capability for mobile devices. The new capability provides a critical shield against the invisible threat posed by modern cyberweapons via high-assurance control over the radios, sensors and other peripherals…

Read more →

Waratek introduced API security to its Java Security Platform, giving customers the ability to scale strategic risk mitigation in the enterprise. This unique combination provides turnkey protection against bytecode and serialization vulnerabilities, classpath manipulation, and sandbox escapes that are unique…

Read more →

The cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company’s private code signing keys on their dark web site. The breach MSI (Micro-Star International) is a corporation that develops and sells computers (laptops, desktops, all-in-one PCs,…

Read more →