Tag: Help Net Security

Deepwatch announced new service offerings and advances to the Deepwatch SecOps Platform to speed the detection and containment of threats across the enterprise. The launch of Deepwatch MXDR for Identity provides extended detection and response to evolving identity-based threats; Deepwatch…

Read more →

Logpoint has released a ChatGPT integration for Logpoint SOAR in a lab setting. It allows the users to experiment with the potential of the AI-driven chatbot and discover how the technology could apply in cybersecurity operations. “We’re excited to enable…

Read more →

According to the latest data, the number of ESXiArgs ransomware victims has surpassed 3,800, and CISA has published a recovery script for victim organizations. Fixing the mess The attacks started late last week and are still ongoing. Investigations point to…

Read more →

As 2023 goals become solidified, companies need to decide how they are prioritizing cybersecurity. It’s time to focus on what organizations can prioritize. In this Help Net Security video, Kevin Garrett, Senior Solutions Engineer at Censys, recommends three critical elements…

Read more →

Cisco customers can now access new risk-based capabilities across Cisco’s security portfolio to better protect hybrid work and multi-cloud environments. These advancements demonstrate progress towards realizing the full vision of the Cisco Security Cloud which will protect the integrity of…

Read more →

Everbridge has introduced a new AI-powered situational awareness tool enabling incident commanders and resolvers to gain deep visibility into IT service disruptions. Available as part of Everbridge’s Digital Operations solutions bundle, DigitalOps Insights powered by xMatters provides Operations/IT​, NOC/SOC​, Service…

Read more →

Neustar Security Services is launching UltraPlatform, a solution that leverages three Neustar Security Services’ offerings critical to protecting organizations’ online assets and infrastructure: an authoritative domain name system (DNS) service, protection against distributed denial-of-service (DDoS) attacks and a web application…

Read more →

Digital identities are rapidly becoming more widely used as organizations’ and governments’ digital transformation projects mature and users demand more remote accessibility for everything, from creating a bank account to applying for government services, according to iProov. To support this…

Read more →

If there’s one thing people will remember about AI advances in 2022, it’ll be the advent of sophisticated generative models: DALL.E 2, Stable Diffusion, Midjourney, ChatGPT. They all made headlines – and they will change the way we work and…

Read more →

Too many online store administrators are storing private backups in public folders and exposing database passwords, secret API keys, administrator URLs and customer data to attackers who know where to look. “Exposed secrets have been used to gain control of…

Read more →

Flawed encryption logic used in Cl0p (Clop) ransomware’s Linux (ELF) variant has allowed SentinelOne researchers to create and release a free decryptor. “The [Cl0p] Windows variant encrypts the generated RC4 key responsible for the file encryption using the asymmetric algorithm…

Read more →

Starting in April 2023, Amazon S3 will change the default security configuration for all new S3 buckets. For new buckets created after this date, S3 Block Public Access will be enabled, and S3 access control lists (ACLs) will be disabled.…

Read more →

Fortinet has released FortiSP5, the latest breakthrough in ASIC technology from Fortinet to propel major leaps forward in securing distributed network edges. Building on over 20 years of ASIC investment and innovation from Fortinet, FortiSP5 delivers secure computing power advantages…

Read more →

OPSWAT unveiled MetaDefender Kiosk K2100, a new, ultra-rugged mobile kiosk designed to keep critical networks secure in even the harshest conditions. “OPSWAT has a deep understanding of the challenges OT security teams face,” said Sid Snitkin, VP, Cybersecurity Services at…

Read more →

Cequence Security has enhanced the testing capabilities within its Unified API Protection Platform with the availability of API Security Testing. This API Security Testing framework encourages shift-left efforts by giving security and development teams the tools to quickly uncover and…

Read more →

51% of IT professionals predict that we are less than a year away from a successful cyberattack being credited to ChatGPT, and 71% believe that foreign states are likely to already be using the technology for malicious purposes against other…

Read more →

All businesses seek profitable growth. The issue is that growth adds complexity. Organizations need new systems and more employees to support this larger footprint, thus expanding the number of potential points of failure. This means more financial and reputation risks…

Read more →

Tensions between two of the biggest producers of connected (IoT) devices are coming to a head, and will be changing the IoT landscape in 2023. In recent months, India and China have faced off over their disputed border in the…

Read more →

In this Help Net Security video, Christopher Hodson, CSO at Cyberhaven, talks about how CISOs have been investing in inflating their tech stack, but for what? No amount of acronyms will do any good if stuff is leaking from within.…

Read more →

Nozomi Networks and Industrial Defender have unveiled a strategic partnership to enhance the security of critical infrastructure and manufacturing facilities. The companies’ joint solution combines asset visibility and threat detection capabilities from Nozomi Networks with change and configuration monitoring from…

Read more →

U2opia licensed two technologies from the Department of Energy’s Oak Ridge National Laboratory that offer a new method for advanced cybersecurity monitoring in real time. “Identifying and quickly responding to attempted cybersecurity attacks is an urgent need across government and…

Read more →

Late last week, unknown attackers launched a widespread ransomware attack hitting VMware ESXi hypervisors via CVE-2021-21974, an easily exploitable vulnerability that allows them to run exploit code remotely, without prior authentication. Patches for CVE-2021-21974, a vulnerability in ESXi’s OpenSLP service,…

Read more →

Government agencies keep making new privacy rules while end users fall victim to malpractice and scams. Bill Tolson, VP of Compliance and eDiscovery at Archive360, has spent many years consulting with regulators and advising businesses on concrete steps to enhance…

Read more →

Everyone wants extraordinary online experiences without sacrificing the security of their personal information. Yet according to Ping Identity’s 2022 Consumer Survey, 77% of people feel they will never be in full control of their privacy online and still blindly accept…

Read more →

Although ransomware campaigns declined quarter over quarter in 2022, primarily due to the collapse of more experienced cybercriminal groups, IT leaders still consider them to be the most worrying cyber threats. “Aside from ransomware and the hybrid work model, in…

Read more →

Splashtop launched Splashtop Antivirus powered by Bitdefender, enabling MSPs and IT teams to protect their endpoints against threats with the benefit of a centralized management experience. The latest offering elevates Splashtop’s commitment to protecting users on multiple fronts, from securing…

Read more →

Resecurity has identified a new version of Nevada Ransomware which recently emerged on the Dark Web right before the start of 2023. The actors behind this new project have an affiliate platform first introduced on the RAMP underground community, which…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Mounting cybersecurity pressure is creating headaches in railway boardrooms In this Help Net Security interview, Dimitri van Zantvliet is the Cybersecurity Director/CISO of Dutch Railways,…

Read more →

Gigamon announced that Chaim Mazal has been named Chief Security Officer (CSO), joining the Gigamon executive leadership team and will report directly to President and CEO Shane Buckley. Mr. Mazal will be responsible for global security, information technology, network operations,…

Read more →

ExtraHop partners with Binary Defense to offer Reveal(x) 360, ExtraHop’s SaaS-based network detection and response (NDR) solution, as a managed service. As threats rapidly evolve, cybersecurity teams are finding themselves more strapped for resources than ever before, with shrinking budgets…

Read more →

MITRE released the Cyber Resiliency Engineering Framework (CREF) Navigator — a free, visualization tool that allows organizations to customize their cyber resiliency goals, objectives, techniques, as aligned with NIST SP 800-160, Volume 2 (Rev. 1), National Institute of Standards and…

Read more →

Deepwatch and Trace3 announced Trace3 Managed Detection and Response (MDR) Services powered by Deepwatch. Together, Deepwatch and Trace3 will deliver end-to-end solutions that enable clients to keep pace with the dynamic cyber threat landscape and deliver exceptional service and security…

Read more →

Drata has launched Audit Hub, a new tool to amplify customer-auditor collaboration and real-time audit correspondence. Integrating feedback directly from its Auditor Alliance, Drata designed Audit Hub to centralize key communication and audit needs in its own platform to further…

Read more →

Australian software maker Atlassian has released patches for CVE-2023-22501, a critical authentication vulnerability in Jira Service Management Server and Data Center, and is urging users to upgrade quickly. “Installing a fixed version of Jira Service Management is the recommended way…

Read more →

How far is too far for a hacker? Earlier this year the Lockbit ransomware-as-a-service organization apologized and provided a free decryptor following a ransomware attack on a children’s hospital in Toronto—blaming a “rogue affiliate” for going against the rules and…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Arkose Labs, Hornetsecurity, HYCU, KELA, and Trulioo. Hornetsecurity unveils two tools to counter rise in phishing attacks and malicious links Hornetsecurity launched two new tools…

Read more →

83% of organizations experienced more than one data breach in 2022. However, 97% of respondents feel confident that they are well-equipped with the tools and processes needed to prevent and identify intrusions or breaches, according to Exabeam. “The findings indicate…

Read more →

Enterprises have a limited number of analysts running their security operations centers (SOCs) and are deploying multiple tools in an attempt to address their cloud security challenges, according to ManageEngine. According to Gartner, 85% of organizations will embrace cloud-first strategies…

Read more →

Pixalate has released new iCloud Private Relay (iCPR) IVT detection features in the Pixalate Analytics dashboard to help clients measure their exposure to iCPR traffic. Pixalate found 21% of US mobile and desktop Safari traffic in Q4 2022 was associated…

Read more →

Keepit has launched its backup and recovery solution for Power BI. With the release of Keepit for Power BI, Keepit is extending its data protection service for Microsoft’s cloud solutions. Power BI is the first of the Microsoft Power Platform…

Read more →

HYCU unveiled R-Cloud to allow Software as a Service (SaaS) companies and Independent Software Vendors (ISVs) to provide, in days, backup and recovery services for their SaaS offerings. R-Cloud is a low-code, purpose-built data protection development platform specifically designed to…

Read more →

Netwrix has released new multi-tenant, software-as-a-service (SaaS) auditing solution Netwrix 1Secure designed to meet the needs of MSPs. Its cloud architecture helps MSPs ensure the security and compliance of their clients’ systems and data from a single console. Netwrix 1Secure…

Read more →

Wasabi Technologies has introduced Wasabi Surveillance Cloud, a solution that enables organizations to offload video surveillance footage from their local storage environment directly to the cloud without ever running out of capacity. This ‘bottomless’ approach to video storage is vital…

Read more →

Gem Security has emerged from stealth, launching its Cloud TDIR (Threat Detection, Investigation and Response) platform and announcing $11 million in seed funding led by Team8. The adoption of cloud infrastructure is increasing and diversifying the attack surface for organizations.…

Read more →

Radiant Logic and Brainwave GRC address a broad set of identity use cases, and the acquisition accelerates the companies’ shared vision of an Identity Data Fabric that uses the science of data to ensure the right information is in place…

Read more →

NTT has added Palo Alto Networks Prisma SASE to its Managed Campus Networks portfolio. The new offering is a managed Secure Access Service Edge (SASE) solution that includes SD-WAN, cloud-delivered security, and enhanced automation and reporting. The end-to-end solution is…

Read more →

Tanium has appointed Dan Streetman to the role of CEO. Orion Hindawi, who is the co-founder and current CEO of Tanium, will assume the role of executive chairman. In this new role, Orion will continue to drive the strategic vision…

Read more →

Help Net Security is attending the Cybertech Tel Aviv 2023 conference and exhibition, which gathers cybersecurity experts, businesses and startups from around the world. Here are a few photos from the event, featured vendors include: DarkOwl, ThriveDX, Minerva Labs, Astrix…

Read more →

When it comes to attacks against application programming interfaces (APIs), the building blocks that provide access to many of our applications, the OWASP API Top Ten is seen as definitive – and rightly so. Compiled in 2019 based on a…

Read more →

98 percent of organizations have vendor relationships with at least one third-party that has experienced a breach in the last two years, according to SecurityScorecard and The Cyentia Institute. The study also found that 50 percent of organizations have indirect…

Read more →

71% of business executives worry about accidental internal staff error as one of the top threats facing their companies, almost on par with concern about outside attackers (75%), according to EisnerAmper. An additional 23% said they worry about malicious intent…

Read more →

Companies are challenged with more complex hybrid IT environments. They are raising budgets to fend off cyberattacks and keep up as production environments continue to diversify across various clouds, according to Veeam Software. While organizations of all sizes now embrace…

Read more →

InterVision has launched new offerings: Managed Cloud Services (MCS) for AWS and Azure cloud environments and Penetration Testing as a Service (PTaaS) powered by RedSpy365. Both services offer enhanced and expanded cybersecurity designed to address current business and resilience concerns.…

Read more →

Hornetsecurity launched two new tools – the QR Code Analyzer and Secure Links – to combat growing cyber threats. These launches come in response to a rise in fake QR codes and the ongoing threat of phishing, which represents 40%…

Read more →

Neustar Security Services has introduced UltraDDR (DNS Detection and Response), a recursive DNS-based protection service aimed at combatting network breaches, ransomware attacks, phishing and supply chain compromise, while enforcing enterprise acceptable use policies for its users. UltraDDR provides a Protective…

Read more →

Certa’s workflow automation services, combined with Sayari’s integrated business intelligence and ownership data, enable a solution for enterprise businesses to onboard, assess risk, and monitor third parties through the duration of their lifecycle. Certa’s no-code capabilities allow users to dynamically…

Read more →

Zscaler has unveiled Zscaler Resilience, incorporating a new set of capabilities that extend the resilience of Zscaler’s architecture and operations and maintain interconnections between users and devices to critical cloud-based applications. Building upon 15 years of SaaS security, these SSE…

Read more →

Sentra has completed a $30 million Series A funding round led by Standard Investments with participation from Munich Re Ventures (MRV), Moore Strategic Ventures, Xerox Ventures and INT3 as well as existing investors Bessemer Venture Partners and Zeev Ventures. The…

Read more →

Dremio and Privacera have unveiled their latest integration, expanding advanced data governance and security capabilities for customers building modern data applications on top of data lakehouses. As data lakehouses are gaining more popularity, it is increasingly important to manage and…

Read more →

SAP and Red Hat have expanded partnership to increase SAP’s use of and support for Red Hat Enterprise Linux. This collaboration aims to enhance intelligent business operations, support cloud transformation across industries and drive holistic IT innovation. Building on the…

Read more →

As CEO of RedSeal, Gregory Enriquez will lead RedSeal into its next phase of growth with on-premises and cloud network security for government agencies and enterprise companies. RedSeal’s technology gives security and management teams the most holistic understanding of their…

Read more →

Dragos has appointed Kurt Gaudette as VP of Global Threat Intelligence to lead the company’s team of adversary hunters, threat analysts, research engineers and analytic developers. After transitioning from the military, Gaudette served as part of the U.S. Department of…

Read more →

Cisco has released patches for a high-severity vulnerability (CVE-2023-20076) found in some of its industrial routers, gateways and enterprise wireless access points, which may allow attackers to insert malicious code that can’t be deleted by simply rebooting the device or…

Read more →

Help Net Security is in Israel this week for Cybertech Tel Aviv 2023, talking to the key players from the cybersecurity industry and businesses from a wide range of sectors, who gathered to exchange knowledge, to network, and learn about…

Read more →

Cybertech Tel Aviv 2023 is under way at the Tel Aviv Expo. The conference and exhibition gathers cybersecurity experts, businesses and startups from around the world, and Help Net Security is there to take it all in. Here are a…

Read more →

Anti-money laundering (AML) policies are getting stronger as countries crack down on any opportunity criminals might have to take advantage of services and resources to further their activity. The US has the Bank Secrecy Act, the Patriot Act, and Anti-Money…

Read more →

Involta has introduced Disaster Recovery as a Service (DRaaS+), a new, three-tiered model designed to deliver the right service level for securing essential business systems and data. DRaaS+ allows Involta clients to choose their experience from a low-touch, infrastructure delivery-only…

Read more →

77% of CIOs say their role has been elevated due to the state of the economy and they expect this visibility within the organization to continue, according to Foundry. “The CIO role is constantly evolving, and economic conditions have put…

Read more →

IT departments continue to face immense pressure to get vulnerability and patch management right as threat actors use new and old methods to exploit network endpoints. But are we ready for what’s next? As vulnerabilities continue to increase, what strategies…

Read more →

ThreatSpike Red helps organisations of all sizes to close the cybersecurity gap by providing continuous unlimited testing and scanning of applications and websites to identify vulnerabilities. The new managed service is giving customers full visibility over cost, and makes advanced…

Read more →

OTAVA launched Security as a Service (SECaaS) for businesses that need external resources or added expertise to maintain a comprehensive cybersecurity practice. OTAVA’s purpose-built Security as a Service solutions cut through the noise of automated alerting and protect against all…

Read more →

Trulioo continues to evolve its identity verification capabilities by combining a full suite of global person and business verification solutions with no-code workflow building, low-code integrations and more, all in one platform. With one contract Trulioo customers can access personally…

Read more →

GroupSense’s VIP Monitoring service assesses and monitors high-profile individuals, executive identities, and their extended personal networks to detect exposure and threats, helping to prevent identity theft, fraud, ransomware and other cyber-attacks. Most enterprises use DRPS to protect their brand; however,…

Read more →

Rising threats to vehicles and industrial operational technology (OT) have led a growing number of enterprises worldwide to invest in advanced technologies and services to better secure their assets, according to an ISG research report. The report finds that cybersecurity…

Read more →

BOXX Insurance has unveiled a US$14.4 million Series B funding round, bringing the total amount raised from investors to US$24.5 million in the last 16 months. The latest investment was led by Zurich Insurance Company (Zurich). BOXX also unveiled that…

Read more →

Red Hat and Oracle have unveiled a multi-stage alliance to offer customers a greater choice of operating systems to run on Oracle Cloud Infrastructure (OCI). The strategic collaboration starts with Red Hat Enterprise Linux running on OCI as a supported…

Read more →

Malicious third-party OAuth apps with an evident “Publisher identity verified” badge have been used by unknown attackers to target organizations in the UK and Ireland, Microsoft has shared. The attacks were first spotted by Proofpoint researchers in early December 2022,…

Read more →

QNAP Systems has fixed a critical vulnerability (CVE-2022-27596) affecting QNAP network-attached storage (NAS) devices, which could be exploited by remote attackers to inject malicious code into a vulnerable system. Luckily for QNAP NAS owners, there’s no mention of it being…

Read more →

49% of organizations have sufficient budget to fully meet their current cybersecurity needs, and 11% can, at best, protect only their most critical assets, according to a survey by the Neustar International Security Council. Despite the rapidly changing threat landscape,…

Read more →

In this Help Net Security video, Kurtis Minder, CEO of GroupSense, discusses President Biden’s National Cybersecurity Strategy, designed to take the nation’s cybersecurity posture to the next level. While the strategy promises to make it much easier for government agencies…

Read more →

New solution brings together full stack of CA-agnostic certificate lifecycle management, PKI services and tightly integrated public trust issuance. We rarely consciously think about the fact that, in this Information Age, many aspects of our private and work lives are…

Read more →

Utility infrastructure is in dire need of modernization. In many parts of the world, the infrastructure delivering power and water to consumers is not ready to withstand natural disasters and rising energy demands. Integrating real-time data analytics into the decision-making…

Read more →

ShardSecure has forged a strategic technology alliance with Entrust to provide cloud data protection to a growing market of enterprise companies and medium-sized businesses. The ShardSecure-Entrust partnership, part of the Entrust Ready Technology Partner Program, ensures that data in cloud…

Read more →

A Zero Trust Networking Access (ZTNA) security posture is quickly becoming an industry standard worldwide. More than 85% of organizations across the globe have allocated a moderate or, in some cases, a significant year-over-year increase in budget for Zero Trust…

Read more →

KELA launched a new and consolidated cyber intelligence platform, consisting of a new intuitive user interface and four complementary modules: Threat Landscape, Monitor, Hunt, and Tactical Intelligence. The platform provides real, actionable intelligence to support various security teams across an…

Read more →

The expansion of potential cyber threats has increased due to the integration of connected devices, the Internet of Things (IoT), and the convergence of IT and OT in railway operations. In this Help Net Security interview, Dimitri van Zantvliet is…

Read more →

ESET researchers have discovered yet another wiper malware used to target Ukrainian organizations. Dubbed SwiftSlicer, it is thought to be wielded by the Sandworm APT. Simultaneously, the Ukranian CERT has confirmed that the attackers who recently aimed to disrupting the…

Read more →

Critical vulnerabilities discovered in OpenEMR can be chained to gain code execution on a server running a vulnerable version of the popular open-source electronic health record system. Discovered, privately reported and now publicly documented by researcher Dennis Brinkrolf, the vulnerabilities…

Read more →

Arkose Labs has launched a new SMS Toll Fraud online ROI calculator that enables CISOs to estimate the cost savings associated with stopping SMS Toll Fraud, a serious operational and financial threat to enterprises. SMS Toll Fraud, also known as…

Read more →

Insider threats are a top concern at organizations of all kinds; only 3% of respondents surveyed are not concerned with insider risk, according to Gurucul. With responses from more than 325 cybersecurity professionals, the report explores the latest trends and…

Read more →

SynSaber recently released its second Industrial Control Systems (ICS) Vulnerabilities & CVEs Report. In this Help Net Security video, Ronnie Fabela, CTO at SynSaber, talks about the key findings: For the CVEs reported in the second half of 2022, 35%…

Read more →

The expansion of potential cyber threats has increased due to the integration of connected devices, the Internet of Things (IoT), and the convergence of IT and OT in railway operations. In this Help Net Security interview, Dimitri van Zantvliet is…

Read more →

It is the immediate natural reaction of most organizations to cut costs during an economic downturn. But the economy will return and cutting back too far can be damaging in the long term. Complex situations such as a global recession…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: BSidesZG 2023: Strengthening the infosec community in Croatia’s capital In March 2023, Zagreb will be added to the (already long) list of cities where information…

Read more →

Mirantis has acquired Shipa to add automated application discovery, operations, security, and observability to the Lens Kubernetes Platform. Lens helps eliminate Kubernetes complexity – accelerating mainstream developer adoption – and empowers users to easily manage, develop, debug, monitor, and troubleshoot…

Read more →

OneSpan has agreed to acquire ProvenDB to provide a trust model for high assurance contracts and documents. ProvenDB will extend the capabilities of OneSpan’s Transaction Cloud Platform to both public and private blockchains and serve as a modern technological foundation…

Read more →

Ransomware has lately been the primary method of monetization for threat actors. Still, research has revealed a slight decrease in ransomware attacks and ransomware payments this past year, suggesting cybercriminals are evolving their strategies. Threat actors have been leveraging more…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Perimeter 81, SpyCloud, ThreatConnect, Venafi, and Wallarm. SpyCloud Compass identifies infected devices accessing critical workforce apps SpyCloud Compass enables organizations to reduce their risk of…

Read more →

Enterprises are going all-in on cloud storage, with average stored capacity in the public cloud expected to reach 43% of their total storage footprint by 2024, and the vast majority (84%) are increasing their budgets to make that a reality,…

Read more →

80% of organizations increased their use of open source software over the last 12 months, according to Perforce Software and the Open Source Initiative. Four out of five companies rely on OSS for a wide range of business-critical applications including…

Read more →