Tag: Help Net Security

Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept exploit (PoC) for which has been made public. “Palo Alto Networks is not aware of any malicious exploitation…

Read more →

Salvador Tech introduced a Edge-Recovery Platform, a leap forward in comprehensive cyber resilience in the Operational Technology (OT) and Industrial Control Systems (ICS) landscape. This new platform will deliver a solution that enables instant recovery for manufacturers and critical infrastructure…

Read more →

More than three million employee-linked corporate accounts were compromised between 2022 and 2024 across Fortune 500 companies, according to Enzoic. This surge is fueled by the widespread use of corporate email addresses for personal accounts and the growing threat of…

Read more →

The United Kingdom government has secretly requested that Apple build a backdoor into its iCloud service, granting the government unrestricted access to users’ private data. This revelation deeply concerns me – it is a blatant overreach that threatens privacy, security…

Read more →

IT leaders are grappling with increasingly complex database environments. According to a new survey from Redgate, key concerns include protecting sensitive data, navigating regulatory compliance, and managing the rise of multi-database platforms. 38% of IT teams are concerned about data…

Read more →

Splunk’s latest CISO Report reveals critical insights into cybersecurity priorities, threat trends, and strategies for resilience. In this Help Net Security video, Kirsty Paine, Field CTO & Strategic Advisor at Splunk, discusses the key findings and what they mean for…

Read more →

Socure announced its new RiskOS platform. RiskOS builds on Socure’s strategic acquisition of Effectiv by integrating its sophisticated orchestration and decisioning engine with Socure’s identity verification and fraud prevention solutions powered by its identity graph. As fraud continues to cost businesses hundreds…

Read more →

Netwrix released the new component of Netwrix Privilege Secure, which simplifies secure remote access for distributed workforces and third-party vendors.  The new add-on reduces the attack surface by eliminating traditional VPN dependencies through granular, identity-based access control. It enables employees to…

Read more →

Encryption Consulting announced significant updates to its CodeSign Secure platform, a comprehensive code-signing solution designed to address the challenges of software security in modern development environments. As organizations prioritize software integrity, authenticity, and compliance, the complexities of managing secure code-signing…

Read more →

Thales launched OneWelcome FIDO Key Lifecycle Management, a new solution to help large organizations successfully deploy and manage FIDO security passkeys at scale. OneWelcome FIDO Key Lifecycle Management combines an interoperable management platform with Thales hardware FIDO security keys (passkeys)…

Read more →

Thales has announced the launch of OneWelcome FIDO Key Lifecycle Management, a new solution to help large organizations successfully deploy and manage FIDO security passkeys at scale. OneWelcome FIDO Key Lifecycle Management combines an interoperable management platform with Thales hardware…

Read more →

Armor unveiled Nexus, a platform designed to provide transparency, proactive risk reduction, and intelligent support for large, complex organizations to ensure an adaptable, comprehensive, and unified cybersecurity strategy. With Nexus, Armor Defense reinforces its commitment of being the trusted security…

Read more →

EchoMark launched its new API. The API seamlessly integrates EchoMark’s watermarking and leak detection capabilities directly into workflows and applications, protecting sensitive information without disrupting current operations. EchoMark is the only company to watermark plain text. Having pioneered forensic watermarking…

Read more →

SysReptor is a customizable open-source penetration testing reporting platform built for pentesters, red teamers, and cybersecurity professionals. You can optimize your workflow by simplifying, automating, and personalizing your reports. “SysReptor is an easy-to-use tool for pentesters and simplifies pentest reporting.…

Read more →

Organizations’ increasing reliance on third-party software and services has created an environment with more vulnerabilities and harder-to-detect risks. Attackers know they can increase efficiency and profitability by compromising the supply chain and are focusing their efforts accordingly. The commoditization of…

Read more →

The breaches and ransomware attacks of 2024 highlighted systemic vulnerabilities, demonstrating how third-party and fourth-party dependencies amplify risks across industries, according to a Black Kite report. Researchers revealed how silent breaches underscore the risk posed by unseen vulnerabilities in third-party…

Read more →

While 4 out of 5 CEOs recognize AI’s potential, many worry gaps in their understanding will impact strategic decisions, risking missed opportunities and falling behind competitors, according to Cisco. Yet, CEOs are not standing still. With support from IT leaders…

Read more →

February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days – CVE-2025-21418 and CVE-2025-21391 – under active exploitation. CVE-2025-21418 and CVE-2025-21391 CVE-2025-21418 is a vulnerability in the Windows Ancillary Function Driver (AFD.sys), which…

Read more →

Industrial Defender announced its latest platform, Industrial Defender 8.0. This release introduces a completely redesigned risk dashboard, helping critical infrastructure and industrial operators manage security and compliance risks by assessing and prioritizing them with enhanced intelligence and risk scoring. Industrial…

Read more →

The Thai police has arrested four individuals suspected of being the leaders of the 8Base ransomware group and of stealing approximately $16 million from 1,000+ victims they targeted with the Phobos ransomware. “Officers from Cyber Crime Investigation Bureau, led by…

Read more →