Tag: Help Net Security

Symbiotic Security launched Symbiotic Security version 1 that ensures code security keeps pace with development speed, by using AI to secure code in real-time through remediation and training integrated within their workflows. Symbiotic Security v1 empowers developers to write secure…

Read more →

Ebryx launched LLMSec — a suite of specialized security services designed to protect Large Language Models (LLMs) and autonomous AI agents in production environments. The new risk landscape for AI builders From OpenAI-based copilots to autonomous agents built with LangChain…

Read more →

In this Help Net Security interview, Jason Lord, CTO at AutoRABIT, discusses the cybersecurity risks posed by AI agents integrated into real-world systems. Issues like hallucinations, prompt injections, and embedded biases can turn these systems into vulnerable targets. Lord calls…

Read more →

In this Help Net Security video, Alexis Ober, Threat Intel Analyst at Fortra, discusses the threat actor group PlugValley, which is now offering AI-powered vishing-as-a-service. Rather than requiring technical skills or large budgets, PlugValley’s service lets any cybercriminal launch vishing…

Read more →

Microsoft reported a record 1,360 vulnerabilities in 2024, according to the latest BeyondTrust Microsoft Vulnerabilities Report. The volume marks an 11% increase from the previous record in 2022 and fits within a broader post-pandemic trend: more vulnerabilities, more products, and…

Read more →

Hands-On Industrial Internet of Things is a practical guide designed specifically for professionals building and securing industrial IoT (IIoT) systems. About the authors Giacomo Veneri brings deep expertise in telecommunications and AI, shaped by over 25 years in IoT and…

Read more →

Entrust announced the Entrust Cryptographic Security Platform, a unified, end-to-end cryptographic security management solution for keys, secrets, and certificates. Cyberattacks on data security and identity systems are exploding in scale and sophistication. Traditional approaches to securing data and identities aren’t…

Read more →

APT29 (aka Cozy Bear, aka Midnight Blizzard) is, once again, targeting European diplomats with fake invitations to wine-tasting events, Check Point researchers have shared. Cozy Bear uses wine-tastings and dinners as a lure In early 2024, Zscaler flagged a low-volume…

Read more →

Cyware has added Compromised Credential Management to the Cyware Intel Packaged Solution, a pre-configured threat intelligence program-in-a-box that enables security teams to operationalize threat intelligence faster by eliminating complex integrations and configurations. Built on Cyware Intel Exchange and pre-bundled with…

Read more →

The future of the Common Vulnerabilities and Exposures (CVE) program hangs in the balance: MITRE, the not-for-profit US organization that runs it, could lose the US federal funding that helps them maintain it. But others have been waiting in the…

Read more →

Cato Networks introduced GenAI security controls for Cato CASB (Cloud Access Security Broker). Cato CASB, a native feature in the Cato SASE Cloud Platform, is now enhanced with new capabilities for GenAI applications including a shadow AI dashboard and policy engine. With…

Read more →

NEC introduces Identity Cloud Service (ICS), a new identity verification solution to deliver streamlined, secure and cost-effective access management. Based on NEC’s biometric technology, ICS provides verification and search capabilities for corporations and global enterprises, financial services, hospitality, e-commerce, government…

Read more →

For CISOs, mergers and acquisitions (M&A) bring both potential and risk. These deals can drive growth, but they also open the door to serious cybersecurity threats that may derail the transaction. Strong due diligence, smart risk planning, and a shared…

Read more →

AI readiness in cybersecurity involves more than just possessing the latest tools and technologies; it is a strategic necessity. Many companies could encounter serious repercussions, such as increased volumes of advanced cyber threats, if they fail to exploit AI due…

Read more →

MITRE’s Attack Flow project aims to translate complex cyber operations into a structured language. By describing how adversaries sequence and combine offensive techniques to reach their objectives, Attack Flow offers defenders, analysts, and decision-makers a tool to see the bigger…

Read more →

By now, most CISOs agree: passwords are the weakest link in the authentication chain. They’re easy to guess, hard to manage, and constantly reused. Even the most complex password policies don’t stop phishing or credential stuffing. That’s why passwordless authentication…

Read more →

Despite being present on virtually every employee’s browser, extensions are rarely monitored by security teams or controlled by IT, according to LayerX. Most extensions have access to sensitive data 99% of enterprise users have at least one extension installed in…

Read more →

American car rental company Hertz has suffered a data breach linked to last year’s exploitation of Cleo zero-day vulnerabilities by a ransomware gang. The breach resulted in information of an unknown number of customers of Hertz and Hertz’s subsidiaries Dollar…

Read more →

PlexTrac launched PlexTrac for CTEM, expanding the platform’s capabilities with a proactive and continuous threat exposure management solution designed to help security teams centralize security data, prioritize risk based on business impact, and automate validation and remediation workflows. PlexTrac for…

Read more →

DataDome announced major advancements to its platform and partner ecosystem that put businesses back in control of how AI agents access and interact with their digital assets. These innovations come at a pivotal moment, as enterprises grapple with the rapid…

Read more →