Tag: Help Net Security

PlainID introduced Policy Management for Agentic AI. Securing the future with a solution that brings identity-aware, policy-based access control to the next generation of AI systems. As organizations adopt AI and LLM-based systems, they are ingesting and processing vast amounts…

Read more →

Radiant Logic announced its new Identity Observability features as part of the RadiantOne platform. As identity remains the dominant attack vector for cybercriminals, the latest enhancements to the RadiantOne platform deliver real-time visibility and context into the entire Identity and…

Read more →

BalkanID has unveiled its self-service Identity Governance and Administration (IGA) Lite Platform, offering flexibility and transparent pricing. Consisting of three streamlined modules: User Access Reviews (UAR) Lite, IAM Risk Analyzer Lite, and Lifecycle Management Lite, BalkanID’s IGA Lite is the…

Read more →

A threat actor wielding the DragonForce ransomware has compromised an unnamed managed service provider (MSP) and pushed the malware onto its client organizations via SimpleHelp, a legitimate remote monitoring and management (RMM) tool. “Sophos MDR has medium confidence the threat…

Read more →

LogicGate is elevating its Risk Cloud platform with a new Operational Risk Management (ORM) Solution designed to allow organizations to prioritize risks based on process criticality and financial impact. By helping minimize operational disruptions, such as failed internal processes, inadequate…

Read more →

Across the enterprise, artificial intelligence has crept into core functions – not through massive digital transformation programs, but through quiet, incremental adoption. Legal departments are summarizing contracts. HR is rewording sensitive employee communications. Compliance teams are experimenting with due diligence…

Read more →

Phishing has become the go-to method for attackers looking to get past security controls and access sensitive environments in Europe, according to Netskope. Users are now constantly dealing with phishing attempts, which have become so common and credible that even…

Read more →

Woodpecker is an open-source tool that automates red teaming, making advanced security testing easier and more accessible. It helps teams find and fix security weaknesses in AI systems, Kubernetes environments, and APIs before attackers can exploit them. Key features of…

Read more →

This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Vuls: Open-source agentless vulnerability scanner Vuls is an open-source tool that helps users find and manage security vulnerabilities. It was created to…

Read more →

The Dutch intelligence and security services have identified a new Russia-affiliated threat group that has been breaching government organizations and commercial entities in Europe and North America, and they dubbed it Laundry Bear. “Compared to some other Russian threat actors…

Read more →

A new MCP server, faster than any other on the market, is launching today from groundcover, the eBPF-driven observability platform. Developers can now enhance their AI-driven workflows with deep system context, powered by groundcover’s granular access to logs, metrics, and…

Read more →

Vulnerabilities in open source software developed and used in-house by NASA could be exploited to breach their systems, claims Leon Juranić, security researcher and founder of cybersecurity startup ThreatLeap. The vulnerabilities Juranić, whose AppSec credentials include founding and leading DefenseCode,…

Read more →

In this Help Net Security interview, Michael Metzler, Vice President Horizontal Management Cybersecurity for Digital Industries at Siemens, discusses the cybersecurity implications of deploying AI agents in industrial environments. He talks about the risks that come with AI agents making…

Read more →

Enterprises typically “modernize” access patterns for an application by enabling industry standard protocols like OIDC or SAML to provide single sign-on (SSO) for legacy apps via a cloud identity provider (IDP). That’s a major step towards better user experience, improved…

Read more →

Security teams can no longer afford to treat third-party security as a compliance checkbox, according to SecurityScorecard. Traditional vendor risk assessments, conducted annually or quarterly, are too slow to detect active threats. 35.5% of all breaches in 2024 were third-party…

Read more →

Is the remote IT worker you recently hired really who he says he is? Fake IT workers are slipping into companies around the world, gaining access to sensitive data. Recently, more of these schemes have been linked to North Korea.…

Read more →

Application Security Engineer, SDO AppSec Amazon | EMEA | Hybrid – View job details As an Application Security Engineer, SDO AppSec, you will be responsible for creating, updating, and maintaining threat models across a diverse range of software projects. Part…

Read more →

A wave of layoffs has swept through the tech industry, leaving IT teams in a rush to revoke all access those employees may have had. Additionally, 54% of tech hiring managers say their companies are likely to conduct layoffs within…

Read more →

LlamaFirewall is a system-level security framework for LLM-powered applications, built with a modular design to support layered, adaptive defense. It is designed to mitigate a wide spectrum of AI agent security risks including jailbreaking and indirect prompt injection, goal hijacking,…

Read more →

NIST has introduced a new way to estimate which software vulnerabilities have likely been exploited, and it’s calling on the cybersecurity community to help improve and validate the method. The new metric, “Likely Exploited Vulnerabilities” (LEV), aims to close a…

Read more →