Tag: Help Net Security

1Kosmos announced 1Kosmos 1Key for shared account login environments. With FIDO-compliant biometric authentication, 1Kosmos 1Key addresses the pressing need for security, accountability, and auditability in settings where multiple users access shared accounts, such as operational technology (OT) systems, hospitality services,…

Read more →

State-sponsored threat actors and cybercrime groups from North Korea, Iran, Russia, and China have been exploiting a zero-day Windows vulnerability with no fix in sight for the last eight years, researchers with Trend Micro’s Zero Day Initiative have warned on…

Read more →

Vanta announced a series of new features and capabilities to help security and GRC teams seamlessly collaborate across their organization and extended network. These releases—including team-based collaboration and granular user access, an integrated Vanta Exchange for vendor security reviews, enhanced…

Read more →

GitGuardian’s State of Secrets Sprawl 2025 report shows no progress in combating secrets sprawl, with 23.8 million secrets leaked on public GitHub repositories in 2024—a 25% year-over-year increase. Despite GitHub Push Protection’s efforts, secrets sprawl is accelerating, especially with generic…

Read more →

Elastic announced an expanded partnership with an integrated offering that includes Tines Workflow Automation and the Elastic Search AI Platform to simplify security and observability workflow automation. The partnership equips security teams with security orchestration, automation and response (SOAR) and…

Read more →

Cloudflare launched the Cloudforce One threat events platform to provide real-time intelligence on cyberattacks occurring across the Internet. Based on telemetry from Cloudflare’s massive global network, Cloudforce One’s threat events platform helps security teams get more done with the same…

Read more →

TXOne Networks announced Version 3.2 of its Stellar solution, further enhancing its capabilities from endpoint protection to more comprehensive detection and response in operational technology (OT) environments. Stellar simplifies the journey into threat hunting and detection while overcoming the limitations…

Read more →

Cytex launched AICenturion, a LLM Firewall with Data Loss Prevention (DLP) capabilities. GenAI’s risks intensify as LLMs prevent enterprises from directly controlling their processes and data handling. AICenturion provides the trust, risk and security management that enterprises need by enabling…

Read more →

Outseer announced its platform-native Behavioral Biometrics capability. The addition of platformized Behavioral Biometrics introduces another layer of defense that continuously analyzes user interactions to detect anomalies in real time. Building on its rich RSA heritage (formerly RSA Fraud & Risk…

Read more →

Keysight Technologies announces the expansion of its Keysight Vision Network Packet Brokers (NPBs), with the introduction of AI Insight Brokers. These enhanced NPBs are designed to improve the performance of AI-driven cybersecurity operations such as threat detection, incident response, and…

Read more →

Orion Security announced a $6 million Seed funding round led by Pico Partners and FXP with participation from Underscore VC and cybersecurity leaders including the founders of Perimeter 81 and the CISO of Elastic. Founded by CEO Nitay Milner, former…

Read more →

In this Help Net Security interview, William Booth, director, ATT&CK Evaluations at MITRE, discusses how CISOs can integrate regulatory compliance with proactive risk management, prioritize spending based on threat-informed assessments, and address overlooked vulnerabilities like shadow IT and software supply…

Read more →

Advanced Data Protection (ADP) secures iCloud data with end-to-end encryption. This ensures that no one, not even Apple, can access the encrypted data, which remains secure even in the event of a cloud breach. As of February 21, 2025, Apple…

Read more →

Dependency-Check is an open-source Software Composition Analysis (SCA) tool to identify publicly disclosed vulnerabilities within a project’s dependencies. The tool analyzes dependencies for Common Platform Enumeration (CPE) identifiers. When a match is found, the tool generates a report with links…

Read more →

Static Application Security Testing (SAST) found favor among security teams as an easy way to deploy security testing without really engaging developers. With the ability to analyze source code early in the software delivery lifecycle, SAST solutions offered a more…

Read more →

CyCognito announced new capabilities designed to improve both security operations automation and risk visibility. These new features speed security operations by making assets easier to identify and attribute to owners, as well as compare attack surface risk to peer organizations.…

Read more →

The contemporary SOC is transforming as it starts to realize the benefits of GenAI and utilize the manifestations of autonomous agentic AI, according to Tines. Additionally, the promise of security automation is coming to fruition. In theory and practice, security…

Read more →

Whistic announced the next generation of its Assessment Copilot, a third-party risk management (TPRM) solution that integrates AI into the vendor assessment process for a fully automated workflow. With this release, Whistic builds upon the initial release of Assessment Copilot…

Read more →

While still not widely distributed, a new Windows remote access trojan (RAT) dubbed StilachiRAT is a serious threat. “[The malware] demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data,” Microsoft threat analysts have warned…

Read more →

Google announced it has signed a definitive agreement to acquire Wiz for $32 billion, subject to closing adjustments, in an all-cash transaction. Once closed, Wiz will join Google Cloud. This acquisition represents an investment by Google Cloud to accelerate two…

Read more →