Tag: Help Net Security

40% of senior cybersecurity decision makers effectively prioritize risks to Payment Card Industry Data Security Standard (PCI DSS) 4.0 compliance, according to Titania. The study highlights that oil and gas, telecommunications, and banking and financial services organizations are prime targets…

Read more →

Organizations follow a reactive approach to cybersecurity which is stifling their progress in demonstrating value and aligning with business outcomes, according to WithSecure. 83% of respondents surveyed in the study were interested in, planning to adopt, or expanding their adoption…

Read more →

Workspot has launched Workspot Global Desktop, a capability that creates a way for enterprises to deliver end-user computing with the ultimate availability. Through a multi-cloud (private and public) and multi-region approach, the company provides enterprises with a Cloud PC that…

Read more →

The new McAfee+ product suite, launched in Italy, allows users access to identity restoration and lost wallet assistance, as well as the ability to secure all their devices with award-winning protection against threats and viruses. As part of the new…

Read more →

AuthenticID has revealed the launch of its identity document liveness detector. This feature enhancement validates the actual, physical presence of identity documents when used as part of the identity verification process. AuthenticID’s identity document liveness detector utilizes advanced AI and…

Read more →

LastPass has expanded availability of its Security Dashboard and associated dark web monitoring and alerting, making it the only password manager providing proactive credential monitoring for all customers, including those using the product for free. The Security Dashboard is the…

Read more →

In a tightening economic market, addressing enterprise performance can help organizations better weather challenges by reducing costs, creating efficiencies, and coming in on schedule while improving overall quality. ISACA’s Capability Maturity Model Integration, or CMMI, has been doing just that…

Read more →

An unbranded ransomware strain that recently hit a US-based company is being deployed by attackers who are misusing a tool included in a commercial security product, Check Point researchers have found. The solution in question is Palo Alto Networks’ Cortex…

Read more →

Google Play will be pushing Android app developers to allow users to delete their account and associated data from within the app. Users will also be given the option to only delete data where applicable, as some data needs to…

Read more →

Resecurity has recently identified the STYX Innovation Marketplace, a new cybercriminal e-commerce platform with a specialized focus on financial fraud and money laundering. STYX launched at the beginning of 2023. This platform is specifically designed to facilitate financial crime, providing…

Read more →

To help customers stay ahead of the emerging cybersecurity threats, fulfill regulatory and compliance requirements, and implement intelligent automation to accelerate internal processes and reduce operational costs, ImmuniWeb has unveiled many updates. ImmuniWeb AI platform: New CI/CD and DevSecOps integrations…

Read more →

Organizations globally are under tremendous pressure to address evolving threats like ransomware, zero-day vulnerabilities, and espionage, and they face challenges in extending security coverage across multiple environments and dealing with an ongoing skills shortage, according to Bitdefender. “The results of…

Read more →

Researchers at the University of Surrey have developed software that can assess the amount of data that an artificial intelligence (AI) system has acquired from a digital database of an organization, in response to the increasing global interest in generative…

Read more →

Despite the decline in network-detected malware in Q4 2022, endpoint ransomware spiked by 627%, while malware associated with phishing campaigns persisted as a threat, according to WatchGuard. Malware going undetected Despite seeing an overall decline in malware, further analysis from…

Read more →

The impact of identity fraud varies for organizations in the financial services industry, based on whether they belong to the banking or FinTech sector, according to Regula. Specifically, every fourth bank reported experiencing over 100 identity fraud incidents in the…

Read more →

Synopsys has launched the Fast Application Security Testing (fAST) offerings that represent the latest capabilities and features of the Polaris Software Integrity Platform. Synopsys fAST Static and Synopsys fAST SCA enable DevOps teams to quickly find and fix vulnerabilities in…

Read more →

Industrial Defender has unveiled the launch of Phoenix, an OT security solution tailored to the needs of SMBs. Phoenix is revolutionizing how smaller industrial organizations approach OT security by providing visibility into all their OT assets and their associated cyber…

Read more →

Stamus Networks released its latest software release, Update 39 (U39). The new release represents a significant enhancement to the company’s flagship Stamus Security Platform (SSP), arming enterprise cybersecurity defenders with improved visibility while reducing the time it takes to respond…

Read more →

1Kosmos has unveiled the integration of 1Kosmos BlockID with ForgeRock Access Manager which enables customers to modernize the onboarding experience for users and implement identity-based passwordless authentication on all ForgeRock protected applications with the click of a mouse. ForgeRock customers…

Read more →

Fortinet has expanded the Fortinet Security Fabric with new and enhanced products and capabilities to enable advanced threat prevention and coordinated response for a self-defending ecosystem across networks, endpoints, and clouds. The majority of organizations are pursuing a consolidation strategy…

Read more →

Attackers are exploiting the good reputation and “openness” of the popular public JavaScript software registry NPM to deliver malware and scams, but are also simultaneously and inadvertently launching DoS attacks against the service. Malicious package on NPM pointing to a…

Read more →

In Malwarebytes’ most recent report on the current state of malware, the company has identified several high-profile cyber threats that organizations should be on the lookout for in 2023. The 5 most important cyber threats LockBit, an affiliate-based ransomware variant,…

Read more →

During this Help Net Security interview, Nicole Hofmann, CEO at Sentryc, delves into the critical issue of counterfeiting and the detrimental impact it has on industries and brands. Hofmann sheds light on the modus operandi of counterfeiters, who operate with…

Read more →

Many sectors view AI and machine learning with mixed emotions, but for the cybersecurity industry, they present a double-edged sword. On the one hand, AI provides powerful tools for cybersecurity professionals, such as automated security processing and threat detection. On…

Read more →

Akamai introduced an updated managed security service program and premium service offerings. The new capabilities are intended to help customers protect their businesses 24×7 from the most sophisticated attacks with proactive monitoring and rapid response in the event of a…

Read more →

F5 has unveiled new security capabilities to give customers comprehensive protection and control in managing apps and APIs across on-premises, cloud, and edge locations. Specifically, new machine learning enhancements provide F5’s cloud security portfolio with advanced API endpoint discovery, anomaly…

Read more →

Managing insider risk is becoming increasingly difficult. In fact, insider risk is emerging as one of the most challenging threats to detect, mitigate and manage, according to Code42. Although more than 72% of companies indicate they have an Insider Risk…

Read more →

Insecure authentication is a primary cause of cyber breaches, and that cumbersome login methods take an unacceptable toll on employees and business productivity, according to HYPR. Respondents indicate that a passwordless approach would increase productivity (45%), improve user experience (86%),…

Read more →

IBM has unveiled new single frame and rack mount configurations of IBM z16 and IBM LinuxONE 4, expanding their capabilities to a broader range of data center environments. Based on IBM’s Telum processor, the new options are designed with sustainability…

Read more →

Trace3’s acquisition of Set Solutions is a continuation of the company’s strategic expansion plan. The investment allows the combined companies to deepen cybersecurity capabilities to drive success for commercial and enterprise clients. Set Solutions has a longstanding history of alleviating…

Read more →

Push Security has raised $15M in Series A funding. GV (Google Ventures) led the funding with participation from Decibel and notable angels, including Dug Song, former CEO at Duo Security, and Tray.io CEO Rich Waldron. GV General Partner Karim Faris…

Read more →

McAfee has announced a five-year partnership with Acer, to provide Acer customers with a single solution to protect their personal info, privacy, and devices. Beginning April 2023, McAfee LiveSafe will be pre-installed on consumer Acer laptops and desktops. With this…

Read more →

When Adobe released security updates for its ColdFusion application development platform last month, it noted that one of the vulnerabilities (CVE-2023-26360) had been exploited in the wild “in very limited attacks.” Were your servers among those hit? And what should…

Read more →

The Department of Justice (DoJ) declared the confiscation of digital currency valued at approximately $112 million connected to fraudulent cryptocurrency investments. Laundering money from cryptocurrency confidence scams According to court documents, the virtual currency accounts were allegedly used to launder…

Read more →

Obsidian Security released its latest suite of SaaS security solutions. This suite of solutions comprising Obsidian Compliance Posture Management, Obsidian Integration Risk Management, and Obsidian Extend will together enable security and GRC teams to increase their SaaS security and compliance…

Read more →

The rapid pace of cloud transformation and democratization of data has created a new innovation attack surface, leading to 3 in 4 organizations experiencing a cloud data breach in 2022, according to Laminar. 68% of data security professionals have identified…

Read more →

Using structured, machine-readable data in defensive systems can present a significant challenge. In this Help Net Security interview, Giorgos Georgopoulos, CEO at Elemendar, discusses these challenges and how Elemendar’s application can help cyber analysts and CISOs. Giorgos highlights the company’s…

Read more →

Breaking down the silos between disaster recovery (DR) and cybersecurity has become increasingly important to ensure maximum business resiliency against outages, data breaches, and ransomware attacks. Yet, many organizations still operate these functions separately, leading to slower response times, budgeting…

Read more →

Two vulnerabilities affecting various QNAP operating systems (CVE-2022-27597 and CVE-2022-27598) have been uncovered by Sternum. These vulnerabilities enable authenticated remote users to access secret values, requiring owners to take immediate action by updating their operating system(s). Finding CVE-2022-27597 and CVE-2022-27598…

Read more →

Guardz has launched its dedicated cybersecurity platform for MSPs and IT professionals that empowers MSPs to protect their clients with automated remediation plans, to improve their reporting for existing clients and better obtain new ones, and to cut operational and…

Read more →

For SMBs (and startups in particular), breaches can be devastating, according to DigitalOcean. To strengthen their cybersecurity posture, companies must spend valuable resources on maintaining or updating systems, hiring and training staff, and implementing security software — resources and options…

Read more →

Riskified has announced that Jeff Otto has joined the company as Chief Marketing Officer, effective immediately. Otto will be responsible for a global integrated marketing strategy that will amplify Riskified’s brand, strengthen its category leadership and accelerate demand for Riskified’s…

Read more →

Five days have passed since the supply chain attack targeting 3CX customers gained wider public attention, but the software’s manufacturer is yet to confirm how the Windows and macOS desktop apps (based on the Electron software framework) have been compromised…

Read more →

For a fourth consecutive quarter, LogRhythm releases new cybersecurity capabilities that makes it easier for security teams to reduce noise, prioritize work and quickly secure their environments. Analysts gain a simplified experience to focus on detecting, investigating, and responding to…

Read more →

We’ve been developing machine learning-based cybersecurity systems for many years and began developing automation for analysis in our labs in 2005. These early automation projects have since evolved into full-blown machine-learning frameworks. Since then, we’ve been waiting for our enemies…

Read more →

US-based data storage company Western Digital has announced that it has suffered a network security incident that resulted in an unauthorized third party gaining access to a number of the company’s systems and some company data. These are the most…

Read more →

Malwarebytes launched WorldBytes, a next-generation mobile security application that takes the malware scanning technologies that customers know and love and applies them to the first frontier of human evolution: real life interactions. Powered by Malwarebytes and AI technology, WorldBytes empowers…

Read more →

Recent travel meltdowns at Southwest Airlines and the FAA have exposed our dependence on fragile, outdated, or unreliable computer systems. Institutional failures have made updating airline technology even more challenging, with some legacy systems dating back to the 1970s. Airlines…

Read more →

Liran Haimovitch, CTO and co-founder of Rookout, with his extensive background in cybersecurity within the Israeli government, has a unique perspective on the importance of security and its impact on businesses. In this Help Net Security interview, we’ll explore how…

Read more →

In this Help Net Security video, Kevin Muller, CEO at Passbolt, delves into the critical concerns linked to password usage, outlines how the Passbolt password manager guarantees the utmost level of security for businesses, highlights its features in the competitive…

Read more →

Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Appdome, Atakama, BreachLock, Elevate Security, Fastly, Forescout, ForgeRock, GrammaTech, HackNotice, Hornetsecurity, HYPR, Kensington, LOKKER, ManageEngine, Nile, Palo Alto Networks, Persona, ReversingLabs, Tausight, Vectra, Veeam…

Read more →

Locating and identifying sensitive data, including defense-in-depth strategies where a series of mechanisms are layered to protect valuable information, should be a critical component of any cloud data security strategy, say experts at Aparavi. Data security refers to protecting digital…

Read more →

Although KEV catalog vulnerabilities are frequent targets of APT Groups, a large and exploitable attack surface remains due to software vendors’ lack of awareness and action, according to Rezilion. The Known Exploited Vulnerabilities (KEV) catalog, maintained by the Cybersecurity and…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Visa fraud expert outlines the many faces of payment ecosystem fraud In this Help Net Security interview, Michael Jabbara, the VP and Global Head of…

Read more →

CloudBees has unveiled the integration of CloudBees’ continuous delivery and release orchestration solution, CloudBees CD/RO, with Argo Rollouts. The integration will enhance customers’ ability to deliver software faster, with higher quality, and at scale in cloud-native environments. This latest integration…

Read more →

Zenoss has launched a free trial for monitoring Kubernetes, the de facto standard platform for running containers in production at scale, including in on-prem and cloud environments. This real-time monitoring of Kubernetes streaming data is another advancement of the Zenoss…

Read more →

Socura has launched its Managed SASE (Secure Access Service Edge) service in partnership with Palo Alto Networks‘ Prisma. Market industry researchers expect SASE to be a $60bn industry by 2027 fuelled by the rise of flexible working, which was enshrined…

Read more →

In this Help Net Security interview, Michal Cizek, CEO at GoodAccess, discusses the crucial balance between leveraging distributed resources and maintaining top-notch security measures. With the growing remote work trend, Cizek highlights the importance of implementing a zero-trust security model,…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from BreachLock, HackNotice, LOKKER, Nile, and Tausight. HackNotice Actions helps people to understand the extent of their data exposure HackNotice is offering additional tailored protection via…

Read more →

As IT infrastructure becomes more diverse, organizations face the challenge of integrating data management and control, according to Nutanix. The research showed that the majority of IT teams leverage more than one IT infrastructure, a trend that’s expected to intensify…

Read more →

Data backups get a lot of attention, but sadly, sometimes, the operational work that keeps networks secure – like device backups, upgrades, and configuration grooming – goes undone. Recent high-profile network outages have brought attention to the importance of not…

Read more →

Only 9% of organizations are taking an agile, holistic and mature approach to securing identities throughout their hybrid and multi-cloud environments, according to CyberArk. A critical path for cyber resilience The data-driven model identifies 9% of organizations as those with…

Read more →

ReasonLabs has launched a Dark Web Monitoring feature to its RAV Online Security solution, a web extension that provides real-time, 24/7 protection against a range of malicious online activity. The Dark Web Monitoring feature scans tens of thousands of combination…

Read more →

AttackIQ launched AttackIQ Ready!, a fully managed breach and attack simulation service that leverages years of advanced content and actionable reporting to improve organizations’ security posture and security program performance. The service was designed to simplify the execution of a…

Read more →

Intruder updates its cloud-based vulnerability management service, allowing organisations of all sizes to secure their APIs by automatically detecting vulnerabilities, gaps, security weaknesses, and misconfigurations that hackers can exploit. As more organisations build APIs to facilitate automation, attack surfaces are…

Read more →

OSC&R (Open Software Supply Chain Attack Reference) is an open framework for understanding and evaluating software supply chain security threats. It has received the endorsement of former U.S. NSA Director Admiral Mike Rogers, and is now available on GitHub. Spearheaded…

Read more →

Votiro has raised $11.5 million in a Series A funding round led by Harvest Lane Asset Management to accelerate its marketing and sales reach in North America. Votiro is revolutionizing file security and safety by expanding its disarming with enhanced…

Read more →

IBM and Wasabi Technologies are collaborating to drive data innovation across hybrid cloud environments. This collaboration aims to allow enterprises to run applications across any environment – on-premises, in the cloud or at the edge – and help enable users…

Read more →

Cynerio has formed a partnership with Sodexo to provide hospitals and healthcare systems with visibility into their IoMT footprint that allows for the immediate remediation of identified threats through step-by-step mitigation recommendations for each attack and risk. The Cynerio partnership…

Read more →

Certa, has unveiled its official partnership with ID-Pal. Using a blend of biometric, document, and database checks, ID-Pal’s solution will enable Certa customers to verify the identity of third-party contacts in real time, all seamlessly integrated and orchestrated into a…

Read more →

Attackers are exploiting a critical vulnerability (CVE-2022-47986) in the IBM Aspera Faspex centralized file transfer solution to breach organizations. About CVE-2022-47986 IBM Aspera Faspex is used by organizations to allow employees to quickly and securely exchange files with each other.…

Read more →

Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began warning on Wednesday. What is 3CX? 3CX is Voice over Internet Protocol (VoIP) private automatic branch…

Read more →

Organizations are leaving common attack paths exposed in their quest to combat emergent threats, according to Cymulate. The most concerning cyber threats The report delves into the efficacy of different security controls, the most concerning threats as tested by organizations…

Read more →

The release of a cybersecurity maturity assessment tool by the European Union Agency for Cybersecurity (ENISA) aims to provide Small and Medium Enterprises (SMEs) with a valuable resource for enhancing their security posture. As a significant driver for innovation and…

Read more →

In this Help Net Security interview, Tomasz Kowalski, CEO at Secfense emphasizes the significance of multi-factor authentication in the corporate landscape, highlights the use of microauthorizations to improve the security of protected applications, and much more. What is the importance…

Read more →

The journey towards digital transformation for organizations and governments has been fraught with difficulties, resulting in some users needing to catch up as more digital services are introduced. In this Help Net Security video, Jenn Markey, VP of Payments and…

Read more →

BreachLock has launched its API Penetration Testing Service, making API security testing more affordable compared to alternative pentesting providers. The company is best known for its human-led, AI-enabled Pen Testing as a Service (PTaaS) solution delivered via its client portal.…

Read more →

BigID announced native data privacy capabilities to automate and help fulfill California Privacy Rights Act (CPRA) requirements. The California Privacy Rights Act (CPRA) is an amendment to the California Consumer Privacy Act (CCPA) that went into effect on Jan 1,…

Read more →

LOKKER has released its LOKKER Web Privacy Risk Score, the assessment tool that provides businesses with a clear, numeric rating of their privacy risk across a global portfolio of websites, individual websites within that portfolio, and the individual web pages…

Read more →

H0lyGh0st, Magecart, and a slew of state-sponsored hacker groups are diversifying their tactics and shifting their focus to… you. That is, if you’re in charge of cybersecurity for a small-to-midsize enterprise (SME). Why? Bad actors know that SMEs typically have…

Read more →

As Europe’s enterprises return to normal following the COVID-19 pandemic’s impact, they are looking for innovative and cost-effective ways to combine mainframe dependability with the flexibility of the cloud, according to ISG. Mainframe modernization services market accelerates The report finds…

Read more →

QuSecure has unveiled that the company, in collaboration with Accenture, has accomplished the first successful multi-orbit data communications test secured with post-quantum cryptography (PQC), which refers to cryptographic methods that are secure against an attack by a quantum computer. This…

Read more →

Netskope has unveiled new integrations with Zoom Video Communications (Zoom) that connect Netskope’s Borderless SD-WAN and SaaS Security Posture Management (SSPM) with Zoom UCaaS to deliver connectivity and security solutions for effective user collaboration. Through these Netskope integrations, organizations using…

Read more →

NanoLock Security and ISTARI have formed a strategic collaboration to deliver NanoLock’s industrial product suite to ISTARI’s worldwide clients as part of their global strategy. The partnership will enable ISTARI’s clients, which include large enterprises in critical infrastructure sectors such…

Read more →

Versa Networks has named Dan Maier, a former executive from GreyNoise, Anomali and Zscaler, as its new Chief Marketing Officer. In his role as CMO, Mr. Maier will lead Versa’s global marketing organization, including market strategy and positioning, branding, public…

Read more →

Right-Hand Cybersecurity has unveiled its successful $5M Series A led by former PayPal executive Jack Selby and his firm AZ-VC. With the successful close of its Series A round, Right-Hand will expand its operations across the US and Asia-Pacific while…

Read more →

Spera has revealed $10 million in seed funding led by YL Ventures, with participation from notable security and go-to-market leaders, prominent angel investors and serial entrepreneurs from leading enterprises including Google, Palo Alto Networks, Akamai, Zendesk, Zscaler and others. Founded…

Read more →

Anomali and Canon IT Solutions have announced the availability of the Canon IT Solutions “Threat Intelligence Platform,” a security operations service that operationalizes threat intelligence to better detect and respond to attacks. Utilizing Anomali ThreatStream, the service provides small and…

Read more →

Microsoft has unveiled Security Copilot, an AI-powered analysis tool that aims to simplify, augment and accelerate security operations (SecOps) professionals’ work. Using Microsoft Security Copilot Security Copilot takes the form of a prompt bar through which security operation center (SOC)…

Read more →

In an economic climate putting immense pressure on business leaders to prove ROI and team efficiency – a new report from Immersive Labs looks into the lack of confidence cyber leaders have in their team’s preparation and abilities to combat…

Read more →

In this Help Net Security interview, Michael Jabbara, the VP and Global Head of Fraud Services at Visa, delves into digital skimming attacks, highlighting their common causes, and provides insights into what measures merchants can take to prevent them. He…

Read more →

A New York law firm has agreed to pay $200,000 in penalties to the state because it failed to protect the private and electronic health information of approximately 114,000 patients. How did the data theft happen? Heidell, Pittoni, Murphy and…

Read more →

Microsoft has introduced Microsoft Incident Response Retainer, allowing customers to pre-pay and count on help from Microsoft incident responders before, during and after a cybersecurity crisis. Cybersecurity challenges faced by organizations Organizations are facing numerous cyber attacks that can negatively…

Read more →

IT professionals are frustrated due to the rise in network update velocity and tech stack sprawl, lack of support from leadership, and disagreements and concerns about the approach to resolving network issues, according to BackBox. Network and security device updates…

Read more →

HackNotice is offering additional tailored protection via its new service, HackNotice Actions. Further empowering employees, HackNotice Actions reaches out to any company where a person’s PII or other data has been compromised, and asks for a full report on or…

Read more →

Protegrity has launched the Protegrity Borderless Data Solution to enable easy, secure and compliant cross-border data flows for large global enterprises. The new solution brings together a suite of data security tools designed to help the world’s largest banks, retailers…

Read more →

NTT has launched its Managed Detection and Response (MDR) security service to help companies achieve business performance objectives through improved cyber resilience. The cloud-native, analytics-driven offering combines human and machine expertise with leading technologies and threat intelligence to reduce the…

Read more →

Netwrix has released new versions for five products since September 2022 and launched a new SaaS-based auditing solution tailored for MSPs. Netwrix keeps enhancing its portfolio to help identify, protect, detect, respond, and recover from cyber threats aimed at any…

Read more →

Signifyd has achieved Platinum Partner status in the Adobe Technology Partner Program for Experience Cloud, making it fraud protection solution in the tier to offer complete and guaranteed chargeback protection to brands leveraging Adobe’s suite of commerce solutions. Signifyd’s ascent…

Read more →

Endace and Niagara Networks announced a partnership that combines Endace’s scalable, always-on packet capture with Niagara Networks’ complete visibility solutions. The combination of the two technologies gives NetOps and SecOps teams the confidence to investigate and resolve even the most…

Read more →