Microsoft reported a record 1,360 vulnerabilities in 2024, according to the latest BeyondTrust Microsoft Vulnerabilities Report. The volume marks an 11% increase from the previous record in 2022 and fits within a broader post-pandemic trend: more vulnerabilities, more products, and…
Tag: Help Net Security
Review: Hands-On Industrial Internet of Things
Hands-On Industrial Internet of Things is a practical guide designed specifically for professionals building and securing industrial IoT (IIoT) systems. About the authors: Giacomo Veneri brings deep expertise in telecommunications and AI, shaped by over 25 years in IoT and…
Entrust Cryptographic Security Platform provides visibility into cryptographic risk posture
Entrust announced the Entrust Cryptographic Security Platform, a unified, end-to-end cryptographic security management solution for keys, secrets, and certificates. Cyberattacks on data security and identity systems are exploding in scale and sophistication. Traditional approaches to securing data and identities aren’t…
Cozy Bear targets EU diplomats with wine-tasting invites (again)
APT29 (aka Cozy Bear, aka Midnight Blizzard) is, once again, targeting European diplomats with fake invitations to wine-tasting events, Check Point researchers have shared. Cozy Bear uses wine-tastings and dinners as a lure: In early 2024, Zscaler flagged a low-volume…
Cyware strengthens threat intelligence management
Cyware has added Compromised Credential Management to the Cyware Intel Packaged Solution, a pre-configured threat intelligence program-in-a-box that enables security teams to operationalize threat intelligence faster by eliminating complex integrations and configurations. Built on Cyware Intel Exchange and pre-bundled with…
Funding uncertainty may spell the end of MITRE’s CVE program
The future of the Common Vulnerabilities and Exposures (CVE) program hangs in the balance: MITRE, the not-for-profit US organization that runs it, could lose the US federal funding that helps them maintain it. But others have been waiting in the…
Cato Networks unveils GenAI security controls for Cato CASB
Cato Networks introduced GenAI security controls for Cato CASB (Cloud Access Security Broker). Cato CASB, a native feature in the Cato SASE Cloud Platform, is now enhanced with new capabilities for GenAI applications including a shadow AI dashboard and policy engine. With…
NEC Identity Cloud Service simplifies identity verification
NEC introduces Identity Cloud Service (ICS), a new identity verification solution to deliver streamlined, secure and cost-effective access management. Based on NEC’s biometric technology, ICS provides verification and search capabilities for corporations and global enterprises, financial services, hospitality, e-commerce, government…
When companies merge, so do their cyber threats
For CISOs, mergers and acquisitions (M&A) bring both potential and risk. These deals can drive growth, but they also open the door to serious cybersecurity threats that may derail the transaction. Strong due diligence, smart risk planning, and a shared…
Strategic AI readiness for cybersecurity: From hype to reality
AI readiness in cybersecurity involves more than just possessing the latest tools and technologies; it is a strategic necessity. Many companies could encounter serious repercussions, such as increased volumes of advanced cyber threats, if they fail to exploit AI due…
Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques
MITRE’s Attack Flow project aims to translate complex cyber operations into a structured language. By describing how adversaries sequence and combine offensive techniques to reach their objectives, Attack Flow offers defenders, analysts, and decision-makers a tool to see the bigger…
The future of authentication: Why passwordless is the way forward
By now, most CISOs agree: passwords are the weakest link in the authentication chain. They’re easy to guess, hard to manage, and constantly reused. Even the most complex password policies don’t stop phishing or credential stuffing. That’s why passwordless authentication…
Browser extensions make nearly every employee a potential attack vector
Despite being present on virtually every employee’s browser, extensions are rarely monitored by security teams or controlled by IT, according to LayerX. Most extensions have access to sensitive data: 99% of enterprise users have at least one extension installed in…
Hertz data breach: Customers in US, EU, UK, Australia and Canada affected
American car rental company Hertz has suffered a data breach linked to last year’s exploitation of Cleo zero-day vulnerabilities by a ransomware gang. The breach resulted in information of an unknown number of customers of Hertz and Hertz’s subsidiaries Dollar…
PlexTrac for CTEM helps security teams centralize security data
PlexTrac launched PlexTrac for CTEM, expanding the platform’s capabilities with a proactive and continuous threat exposure management solution designed to help security teams centralize security data, prioritize risk based on business impact, and automate validation and remediation workflows. PlexTrac for…
DataDome platform enhancements put businesses in control of AI agents
DataDome announced major advancements to its platform and partner ecosystem that put businesses back in control of how AI agents access and interact with their digital assets. These innovations come at a pivotal moment, as enterprises grapple with the rapid…
Zyxel Networks upgrades USG FLEX H series firewalls
Zyxel Networks announced its USG FLEX H series firewalls have been upgraded to combine both cloud and on-premises network security into a single seamless solution for small- and medium-sized businesses and managed service providers. Unlike most hybrid firewalls that treat…
ConnectSecure empowers MSPs to mitigate risks within their clients’ Google Workspace environments
ConnectSecure announced its new Google Workspace Assessments. This new capability enhances ConnectSecure’s vulnerability platform by empowering MSPs to assess, detect, and mitigate risks within their clients’ Google Workspace environments. With this addition, ConnectSecure expands its cloud assessment capabilities beyond Microsoft…
Critical flaws fixed in Nagios Log Server
The Nagios Security Team has fixed three critical vulnerabilities affecting popular enterprise log management and analysis platform Nagios Log Server. About the flaws: The vulnerabilities, discovered and reported by security researchers Seth Kraft and Alex Tisdale, include: 1. A stored…
Seemplicity adds AI-driven capabilities to scale remediation operations
Seemplicity announced a major product release. This latest version of the Seemplicity Platform introduces powerful new AI-driven capabilities designed to streamline and scale remediation operations. Two major new features – called “Find the Fixer” and “Automatic Scoping” – reduce remediation…