AppViewX and Utimaco have partnered to offer cloud-delivered secure certificate and key lifecycle management solutions. Together, the companies will provide comprehensive, robust, and scalable platforms for certificate lifecycle management automation and secure code signing. The integration of the AppViewX AVX…
Tag: Help Net Security
Photos: Black Hat USA 2024 Arsenal
At the Black Hat USA 2024 Arsenal by ToolsWatch, researchers showcase their latest cybersecurity open-source tools. Must read: 20 free cybersecurity tools you might have missed 15 open-source cybersecurity tools you’ll wish you’d known earlier 20 essential open-source cybersecurity tools…
Photos: Black Hat USA 2024 Startup City
Here’s a look inside Startup City at Black Hat USA 2024. The featured vendors are: BackBox, Cybral, DryRun Security, HackNotice, Heeler Security, Hushmesh, MobileHop, Nagomi Security, Ox Security, Plainsea, Raven, Scribe Security, Spyderbat, and Xygeni. The post Photos: Black Hat…
SSHamble: Open-source security testing of SSH services
runZero published new research on Secure Shell (SSH) exposures and unveiled a corresponding open-source tool, SSHamble. This tool helps security teams validate SSH implementations by testing for uncommon but dangerous misconfigurations and software bugs. Discovered weaknesses During their presentation at…
Traceeshark: Open-source plugin for Wireshark
Traceeshark is a plugin for Wireshark that enables security practitioners to quickly investigate security incidents. It enhances the capabilities of Aqua Tracee, an open-source runtime security and forensics tool, and allows users to analyze kernel-level event and behavioral detection alongside…
AI security 2024: Key insights for staying ahead of threats
In this Help Net Security interview, Kojin Oshiba, co-founder of Robust Intelligence, discusses his journey from academic research to addressing AI security challenges in the industry. Oshiba highlights vulnerabilities in technology systems and the proactive measures needed to mitigate risks,…
How network segmentation can strengthen visibility in OT networks
What role does the firewall play in the protection of operational technology (OT) networks and systems? Many would say that it’s the defensive mechanism to protect that environment from IT and the outside world. For the operators responsible for uptime…
Securing against GenAI weaponization
In this Help Net Security video, Aaron Fulkerson, CEO of Opaque, discusses how the weaponization of generative AI (GenAI) has made existing data privacy practices (like masking, anonymization, tokenization, etc.) obsolete. Fulkerson provides recommendations for companies to realize they must…
Download: CIS Critical Security Controls v8.1
Version 8.1 of the CIS Critical Security Controls (CIS Controls) is an iterative update to version 8.0. It offers prescriptive, prioritized, and simplified cybersecurity best practices that provide a clear path to improve your organization’s cyber defense program. CIS Controls…
Ransomware operators continue to innovate
Ransomware groups continue to refine their craft, building and scaling business models that resemble legitimate corporate enterprises, according to Rapid7. They market their services to prospective buyers, offer company insiders commissions in exchange for access, and run formal bug bounty…
CrowdStrike engages external experts, details causes of massive outage
CrowdStrike has published a technical root cause analysis of what went wrong when a content update pushed to its Falcon sensors borked over 8.5 million Windows machines around the world on July 19, and has confirmed that it has hired…
Veza introduces Access AI to streamline risk management and access control
Veza has released Access AI, a generative AI-powered solution to maintain the principle of least privilege at enterprise scale. With Access AI, security and identity teams can now use an AI-powered chat-like interface to understand who can take what action…
Elastic automates SIEM data onboarding with Automatic Import
Elastic is accelerating the adoption of AI-driven security analytics by automating SIEM data onboarding with Automatic Import. This new feature — the only one of its kind for a security analytics or SIEM solution — automates the development of custom…
Cequence Unified API Protection defends against attacks targeting AI applications
Cequence introduced advancements to its Unified API Protection (UAP) platform, specifically tailored to support the secure use of AI applications like Generative AI and Large Language Models (LLMs). Cequence’s solutions protect applications deployed in the cloud, on-premises, and hybrid environments,…
AppSOC launches new AI security capabilities for enhanced governance and protection
AppSOC has launched capabilities for safeguarding artificial intelligence (AI) applications and agents while providing the visibility and governance that enterprises need to leverage AI with confidence. Businesses across sectors are recognizing the immense potential of AI, but the rush to…
Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)
Two cross-site scripting vulnerabilities (CVE-2024-42009, CVE-2024-42008) affecting Roundcube could be exploited by attackers to steal users’ emails and contacts, email password, and send emails from their account. About the vulnerabilities Roundcube is an open-source webmail software solution popular with European…
Flashpoint Ignite and Echosec deliver threat intelligence for enhanced protection
Flashpoint has released new features and capabilities to its flagship platform, Flashpoint Ignite, and Echosec, its comprehensive location intelligence solution. Those working in security and threat analysis are at the forefront of the constantly evolving threat landscape. However, each organization…
D3 enhances Smart SOAR Platform with Ace AI
D3 has announced the release of Ace AI, a collection of new capabilities for D3’s Smart SOAR platform that leverage the power of artificial intelligence to make security operations faster and more intuitive. In a security operations climate where excessive…
Cymulate AI Copilot validates security against real-time threats
Cymulate AI Copilot is a generative AI solution designed to deploy, test and tune security controls to evaluate their effectiveness against real-time threats. The solution offers a dynamic attack planner, among other AI-powered features, for greater insights into cybersecurity control…
Contrast Security ADR enables teams to identify vulnerabilities, detect threats, and stop attacks
Contrast Security introduced Application Detection and Response (ADR), which empowers security teams to identify vulnerabilities, detect threats, and stop attacks that target custom applications and APIs. Today’s layered “detection and response” security defenses have a gap. They provide visibility into…
OpenWrt dominates, but vulnerabilities persist in OT/IoT router firmware
Forescout has published a new report examining the current state of the software supply chain in OT/IoT routers. The study uncovered that OT and IoT cellular routers and those used in small offices and homes contain outdated software components associated…
RustScan: Open-source port scanner
RustScan is an open-source port scanner designed for speed and versatility. It combines a sleek interface with the power to adapt and improve over time. With RustScan’s Adaptive Learning, the tool continually optimizes its performance, making it the most efficient…
Sports venues must vet their vendors to maintain security
Sporting events generate a lot of consumer activity, from hotels and restaurants to retail. Large sporting events are held together by webs of connectivity that include vendors, sponsors, employees, and consumers. These networks connect ticketing, merchandising, venue access, live events…
Breaking down FCC’s proposal to strengthen BGP security
In this Help Net Security interview, Doug Madory, Director of Internet Analysis at Kentik, discusses the FCC’s proposal requiring major U.S. ISPs to implement RPKI Route Origin Validation (ROV), and addresses concerns about the impact on smaller ISPs and the…
Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise
Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and, as a result, data loss are the reality that DevSecOps teams have to face every few days, according to GitProtect.io. DevSecOps The possibility to integrate security in development processes has…
Ransomware gang targets IT workers with new RAT masquerading as IP scanner
Ransomware-as-a-service outfit Hunters International is wielding a new remote access trojan (RAT). “The malware, named SharpRhino due to its use of the C# programming language, is delivered through a typosquatting domain impersonating the legitimate tool Angry IP Scanner,” Quorum Cyber…
Ransomware gang targets IT workers with new RAT maquerading as IP scanner
Ransomware-as-a-service outfit Hunters International is wielding a new remote access trojan (RAT). “The malware, named SharpRhino due to its use of the C# programming language, is delivered through a typosquatting domain impersonating the legitimate tool Angry IP Scanner,” Quorum Cyber…
Stellar Cyber launches Multi-Layer AI platform to enhance threat detection
Stellar Cyber is introducing Multi-Layer AI, incorporating four distinct technologies — machine learning (ML), graph ML, generative AI, and hyper automation — into a single unified platform that reduces threat detection and response time. This new approach leverages AI at…
Researchers unearth MotW bypass technique used by threat actors for years
Threat actors have been abusing a bug in how Windows handles LNK files with non-standard target paths and internal structures to prevent in-built protections from stopping malicious payloads and trick users into running them. “We identified multiple samples in VirusTotal…
Hero AI by Swimlane enhances security with context-aware recommendations
Swimlane has introduced Hero AI innovations that transform traditional security operations, enabling security teams to tackle complex cases, alerts, and intelligence with unprecedented speed. Hero AI expands case summarization capabilities with context-aware recommendations, informed by cybersecurity frameworks and customers’ own…
SentinelOne unveils AI and cloud innovations on Singularity Platform
SentinelOne unveiled a series of new Purple AI, Cloud, Endpoint and Identity innovations to the company’s Singularity Platform. The new offerings and capabilities all leverage the industry’s most advanced generative AI technology, modern secure-by-design single-agent architecture, and most performant data…
Resecurity to introduce Context AI, a specialized generative AI framework
Resecurity (USA), a global leader in cybersecurity and risk management solutions serving major Fortune 500 companies and government agencies, has added new AI capabilities to its flagship Platform-as-a-Service (PaaS) offering, to accelerate its proprietary threat detection and response capabilities. The…
ITSM concerns when integrating new AI services
Let’s talk about a couple of recent horror stories. Late last year, a Chevrolet dealership deployed a chatbot powered by a large language model (LLM) on their homepage. This LLM, trained with detailed specifications of Chevrolet vehicles, was intended to…
Scaling data security solutions: What you need to know
In this Help Net Security interview, Bruno Kurtic, President and CEO at Bedrock Security, discusses the role of data visibility in enhancing cybersecurity. He explains that effective data visibility involves discovering, classifying, and contextualizing data, which helps organizations understand and…
Email attacks skyrocket 293%
Email attacks have surged by 293% in the first half of 2024 compared to the same period in 2023, according to Acronis. The number of ransomware detections was also on the rise, increasing 32% from Q4 2023 to Q1 2024.…
Whitepaper: Tools to tackle the multicloud environment
Implementing multicloud solutions is becoming increasingly paramount for organizations seeking to drive their business forward in the coming years. As a result, the role of cloud security is evolving. Cloud providers often use different security models with varying responsibilities and…
AI-fueled phishing scams raise alarm ahead of U.S. presidential election
Highlighting growth of phishing and digital scams targeting United States citizens, Bolster released a research that identified 24 separate nation-state threat actor groups attempting to exploit rising political tensions across the US to interfere with the 2024 presidential election. “We…
IBM Consulting Cybersecurity Assistant helps clients accelerate alert investigation
IBM generative AI capabilities to its managed Threat Detection and Response Services utilized by IBM Consulting analysts to advance and streamline security operations for clients. Built on IBM’s watsonx data and AI platform, the new IBM Consulting Cybersecurity Assistant is…
AppOmni unveils SaaS-aware ITDR capabilities
AppOmni announced a series of technology advances to deliver identity and threat detection (ITDR) capabilities to protect SaaS environments. The newest capabilities complement traditional ITDR and identity and access management (IAM) solutions from Identity Providers (IdPs) such as Okta, and…
Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)
CVE-2024-38856, an incorrect authorization vulnerability affecting all but the latest version of Apache OFBiz, may be exploited by remote, unauthenticated attackers to execute arbitrary code on vulnerable systems. About CVE-2024-38856 Apache OFBiz is an open-source framework for enterprise resource planning…
Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) released
A partnership of 28 industry leaders serving public and private organizations across the vendor and consumer community volunteered their time, effort, and experience to launch the first version of the Cyber Threat Intelligence Capability Maturity Model (CTI-CMM), designed as the…
Rapid7 releases Command Platform, unified attack defense and response
Rapid7 launched its Command Platform, a unified threat exposure, detection, and response platform. It allows customers to integrate their critical security data to provide a unified view of vulnerabilities, exposures, and threats from endpoint to cloud to close security gaps…
Chinese hackers compromised an ISP to deliver malicious software updates
APT StormBamboo compromised a undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Volexity researchers have shared. Malware delivery via automatic software updates StormBamboo (aka Evasive Panda, aka StormCloud), a Chinese-speaking threat actor…
The role of AI in cybersecurity operations
Security operation centers (SOCs) need to be better equipped to manage the sheer scale of data to monitor and the increasing sophistication of threats. SOC analysts face a daunting task: sifting through thousands of alerts every day – most of…
How to start your cybersecurity career: Expert tips and guidance
As businesses strive to protect their data and privacy, the demand for skilled cybersecurity professionals continues to grow. This article provides expert advice to help you navigate the early stages of your cybersecurity career, offering practical tips and insights. Brian…
MISP: Open-source threat intelligence and sharing platform
MISP is an open-source threat intelligence and sharing platform for collecting, storing, distributing, and sharing cybersecurity indicators and threats related to incident and malware analysis. MISP is designed by and for cybersecurity, ICT professionals, and malware reversers to support their…
AI expected to improve IT/OT network management
Once a peripheral concern, OT security has become a mandatory focus for organizations worldwide, according to Cisco’s report. The report provides a comprehensive look at the challenges and opportunities as organizations strive to build a secure and efficient industrial networking…
How life sciences companies use AI to fill the cybersecurity skills gap
In this Help Net Security video, Beth Miller, Field CISO at Code42, highlights a significant trend: 73% of life sciences companies turn to AI to address the cybersecurity skills gap, surpassing adoption rates in other industries. Underresourced security teams face…
New Veeam Data Cloud release delivers Microsoft 365 backup and recovery
Veeam Software announced the next generation of Veeam Data Cloud for Microsoft 365 with the new capabilities offered by Microsoft 365 Backup Storage. Veeam Data Cloud, built on Microsoft Azure, provides backup-as-a-service (BaaS) for Microsoft 365, enabling data resilience and…
Votiro introduces enhanced data privacy features and integrations
Votiro expanded the privacy toolsets and integrations within its DDR platform. New features include the ability to mask privacy data within documents in real-time, continuous monitoring and reporting on where unstructured data travels throughout an organization, alerts around potential compliance…
Binary Defense releases MDR Plus managed security solution
Binary Defense released of MDR Plus, a managed security solution for companies looking to improve their security program and increase technology diversification. MDR Plus focuses on delivering security outcomes through Binary Defense’s BD Platform. This solution integrates real-time detection and…
Week in review: VMware ESXi zero-day exploited, SMS Stealer malware targeting Android users
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Why a strong patch management strategy is essential for reducing business risk In this Help Net Security interview, Eran Livne, Senior Director of Product Management,…
Securonix unveils Cyber Data Fabric and Noise Canceling SIEM in EON suite
Securonix unveiled two new capabilities within the Securonix EON suite of AI-Reinforced capabilities: Cyber Data Fabric and Noise Canceling SIEM. These innovations bolster the Unified Defense SIEM solution empowering CyberOps teams to better respond to and counter the rise in…
Organizations fail to log 44% of cyber attacks, major exposure gaps remain
40% of tested environments allowed attack paths that lead to domain admin access, according to Picus Security. Achieving domain admin access is particularly concerning because it is the highest level of access within an organization’s IT infrastructure, and is like…
Record-breaking $75 million ransom paid to cybercrime group
Ransomware attacks have reached new heights of ambition and audacity over the past year, marked by a notable surge in extortion attacks, according to a Zscaler. The findings from the report uncovered a record-breaking ransom payment of $75 million to…
Open-source project enables Raspberry Pi Bluetooth Wi-Fi network configuration
Remote.It released its open-source project to enable Raspberry Pi Bluetooth (BLE) Wi-Fi network configuration. The project allows a computer or mobile device to easily transfer a Wi-Fi configuration via Bluetooth, the same way users set up smart devices around the…
New infosec products of the week: August 2, 2024
Here’s a look at the most interesting products from the past week, featuring releases from: Adaptive Shield, Fortanix, Clutch Security, Nucleus Security, Wing Security and Synack. Adaptive Shield unveils ITDR platform for SaaS Adaptive Shield has unveiled its Identity Threat…
Cado platform enhances SOC efficiency with AI-driven workflow automation
Cado Security has unveiled that the Cado platform now enables customers to dramatically streamline the effectiveness of their SOC using end-to-end workflow investigation automation capabilities. Through the infusion of AI-guided investigations and data rich insights, Cado Security is arming SOC…
Synack PTaaS platform offers complete security testing suite
Synack has unveiled additional capabilities of its Penetration Testing as a Service (PTaaS) platform that deliver a comprehensive security testing experience. The Synack platform now covers all customers’ security testing needs, from attack surface discovery and analytics to penetration testing…
Wing Security unveils custom SaaS Threat Intelligence for direct dashboard integration
Wing Security launched its new tailored SaaS Threat Intelligence, providing organizations with personalized detection and response capabilities directly integrated into their SaaS security dashboard. The threat intelligence feature delivers timely, prioritized threat event information with recommendations and automated remediation plans…
Nucleus Vulnerability Intelligence Platform enhances threat assessment and remediation speed
Nucleus Security has launched its Nucleus Vulnerability Intelligence Platform. Nucleus Vulnerability Intelligence Platform enables enterprises to aggregate, analyze, and act on insights from government, open-source, and premium threat intelligence feeds while reducing manual effort, accelerating threat assessment, and promoting proactive…
Why CISOs face greater personal liability
In this Help Net Security interview, Christos Tulumba, CISO at Veritas Technologies, discusses the key factors contributing to increased personal liability risks for CISOs. These risks are driven by heightened cybersecurity threats, evolving regulations, and increased public awareness of security…
Threat intelligence: A blessing and a curse?
Access to timely and accurate threat intelligence is now core to security operations for many organizations. Today, it seems that security teams are blessed with an abundance of data and intelligence feeds to choose from. However, selecting the right information…
Practical strategies to mitigate risk and secure SAP environments
Large companies use ERP applications to manage business processes, including payroll and financial planning. This is precisely why bad actors are taking a renewed interest in these legacy systems – and succeeding. In this Help Net Security video, JP Perez-Etchegoyen,…
Airlines are flying blind on third-party risks
The aviation industry has traditionally focused on physical security threats, but recent revelations about risks on Boeing‘s supply chain have spotlighted the critical need to measure and mitigate supply chain risk, according to SecurityScorecard. The report comes as regulatory bodies…
Infosec products of the month: July 2024
Here’s a look at the most interesting products from the past month, featuring releases from: AttackIQ, AuditBoard, Black Kite, BlueVoyant, Druva, GitGuardian, Invicti Security, IT-Harvest, LogRhythm, LOKKER, NordVPN, Pentera, Permit.io, Prompt Security, Quantum Xchange, Regula, Rezonate, Scythe, Secure Code Warrior,…
SMS Stealer malware targeting Android users: Over 105,000 samples identified
Zimperium’s zLabs team has uncovered a new and widespread threat dubbed SMS Stealer. Detected during routine malware analysis, this malicious software has been found in over 105,000 samples, affecting more than 600 global brands. SMS Stealer’s extensive reach poses significant…
Microsoft: DDoS defense error amplified attack on Azure, leading to outage
A DDoS attack that started on Tuesday has made a number of Microsoft Azure and Microsoft 365 services temporarily inaccessible, the company has confirmed. Microsoft’s mitigation statement on the Azure status history page Microsoft Azure, 365 outage triggered by DDoS…
Clutch Security launches to transform management of NHIs
Clutch Security emerged from stealth and unveiled its Universal Non-Human Identity (NHI) Security Platform. The company also announced a $8.5 million funding round led by Lightspeed Venture Partners, with participation from Merlin Ventures, and notable angel investors. Clutch’s mission is…
Fortanix expands Key Insight to enhance cryptographic security across hybrid environments
Fortanix announced a major expansion to the Key Insight solution, allowing organizations to discover, assess, and remediate their fragmented cryptographic security risks proactively. Key Insight can now scan on-premises services such as databases, storage, etc., making it the solution to…
Cycode unveils Cycode AI to enhance ASPM platform with advanced security features
Cycode has unveiled Cycode AI, a suite of AI-powered features that are now embedded in the company’s Complete ASPM platform. This integration empowers security teams and developers to increase productivity, accelerate velocity, and gain visibility into risk-prone gaps across the…
Innovative approach promises faster bug fixes
Modern software applications usually consist of numerous files and several million lines of code. Due to the sheer quantity, finding and correcting faults, known as debugging, is difficult. In many software companies, developers still search for faults manually, which takes…
Lineaje secures $20 million in funding to address software supply chain issues
Lineaje has unveiled a landmark $20 million Series A funding round led by Prosperity7 Ventures, Neotribe, and Hitachi Ventures, alongside existing investor Tenable Ventures. This significant investment underscores the escalating global demand for robust software supply chain security solutions, recognizing…
Devo Technology launches data orchestration and SOC enhancements
Devo Technology is launching data orchestration, a data analytics cloud, and security operations center (SOC) workflow enhancements, offering security teams data control, cost optimizations, and efficient automation. Security teams are grappling with the vast amounts of data they need to…
Cohesity unveils enhanced GenAI capabilities for faster threat detection and recovery
Cohesity extended its first-mover advantage in GenAI detection and recovery capabilities with the addition of significant new enhancements to the Cohesity Data Cloud. These improvements allow customers to use Cohesity’s built-in AI capabilities to rapidly detect, investigate, and address potential…
Proficio launches ProBAS service to help organizations better prepare and respond to cyber attacks
Proficio has announced the roll out of its ProBAS Breach and Attack Simulation service. By rigorously testing an organization’s security defenses, ProBAS ensures they can prevent compromise events and detect attacks throughout the entire threat detection and response process. From…
What CISOs need to keep CEOs (and themselves) out of jail
Former Uber CISO Joe Sullivan, who was convicted for attempting to cover up a data breach Uber suffered in 2016, recently posited that in the very near future, CEOs might find themselves held directly responsible for cybersecurity breaches. Considering the…
Leveraging dynamic configuration for seamless and compliant software changes
In this Help Net Security interview, Konrad Niemiec, CEO and Founder of Lekko, discusses the benefits of dynamic configuration in preventing system outages and enabling faster response times during incidents. Niemiec explains how dynamic configuration evolves feature flagging, supports operational…
Cybersecurity jobs available right now: July 31, 2024
Cloud Security Architect Precisely | United Kingdom | Remote – View job details As a Cloud Security Architect, you will be responsible for the design and architecture of Precisely’s cloud security posture. Determine security requirements by evaluating business and product…
Secretive: Open-source app for storing and managing SSH keys in the Secure Enclave
Secretive is an open-source, user-friendly app designed to store and manage SSH keys within the Secure Enclave. Typically, SSH keys are stored on disk with appropriate permissions, which is usually sufficient. However, it’s not overly difficult for malicious users or…
Average data breach cost jumps to $4.88 million, collateral damage increased
IBM released its annual Cost of a Data Breach Report revealing the global average cost of a data breach reached $4.88 million in 2024, as breaches grow more disruptive and further expand demands on cyber teams. Breach costs increased 10%…
Adaptive Shield unveils ITDR platform for SaaS
Adaptive Shield has unveiled its Identity Threat Detection & Response (ITDR) platform for SaaS environments. The recent Snowflake breach served as a wake-up call for the SaaS industry. On May 27, a threat group announced the sale of 560 million…
VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)
Ransomware operators have been leveraging CVE-2024-37085, an authentication bypass vulnerability affecting Active Directory domain-joined VMware ESXi hypervisors, to gain full administrative access to them and encrypt their file system. VMware owner Broadcom has released a fix for CVE-2024-37085 on June…
Review: Action1 – Simple and powerful patch management
Although endpoint anti-malware and other security controls are now standard at the operating system level, keeping all endpoint software up-to-date and secure remains an open issue for many organizations. Patch management is not yet a commodity, and substantial improvements can…
Coding practices: The role of secure programming languages
Safety and quality are not features that can be added through testing — they must be integral to the design. Opting for a safer or more secure language or language subset during implementation can eliminate entire categories of vulnerabilities. The…
Securing remote access to mission-critical OT assets
In this Help Net Security interview, Grant Geyer, Chief Strategy Officer at Claroty, discusses the prevalent vulnerabilities in Windows-based engineering workstations (EWS) and human-machine interfaces (HMI) within OT environments. Geyer also addresses the challenges and solutions for securing remote access…
Insecure file-sharing practices in healthcare put patient privacy at risk
Healthcare organizations continue to put their business and patients at risk of exposing their most sensitive data, according to Metomic. 25% of publicly shared files owned by healthcare organizations contain Personally Identifiable Information (PII). 68% of private files that have…
Some good may come out of the CrowdStrike outage
Estimated financial losses due to the recent massive IT outage triggered by the faulty CrowdStrike update are counted in billions, but the unfortunate incident is having several positive effects, as well. Some silver linings As CrowdStrike was forced to explain,…
Critical Acronis Cyber Infrastructure vulnerability exploited in the wild (CVE-2023-45249)
CVE-2023-45249, a critical vulnerability affecting older versions of Acronis Cyber Infrastructure, is being exploited by attackers. About Acronis Cyber Infrastructure Acronis is a privately held Swiss cybersecurity and data protection technology company. Acronis Cyber Infrastructure (ACI) is an IT infrastructure…
eBook: 20 tips for secure cloud migration
More organizations rely on cloud platforms to reap the benefits of scalability, flexibility, availability, and reduced costs. However, cloud environments come with security challenges and vulnerabilities. The Thales 2020 Data Threat Report indicates that 49% of global respondents experienced a…
Microsoft 365 users targeted by phishers abusing Microsoft Forms
There has been an uptick in phishing campaigns leveraging Microsoft Forms this month, aiming to trick targets into sharing their Microsoft 365 login credentials. A malicious Microsoft form (Source: Perception Point) Malicious forms leading to phishing pages impersonating Microsoft 365…
Enhancing threat detection for GenAI workloads with cloud attack emulation
Cloud GenAI workloads inherit pre-existing cloud security challenges, and security teams must proactively evolve innovative security countermeasures, including threat detection mechanisms. Traditional cloud threat detection Threat detection systems are designed to allow early detection of potential security breaches; usually, these…
Cirrus: Open-source Google Cloud forensic collection
Cirrus is an open-source Python-based tool designed to streamline Google Cloud forensic evidence collection. It can streamline environment access and evidence collection in investigations involving Google Workspace and GCP. The tool simplifies incident response activities and enhances an organization’s security…
The cost of cybersecurity burnout: Impact on performance and well-being
This article includes excerpts from recent reports we covered, providing statistics and insights into the levels of stress and burnout experienced by cybersecurity professionals. Most cybersecurity pros took time off due to mental health issues Hack The Box | Building…
Why a strong patch management strategy is essential for reducing business risk
In this Help Net Security interview, Eran Livne, Senior Director of Product Management, Endpoint Remediation at Qualys and Thomas Scheffler, Security Operations Manager of Cintas Corporation, discuss their experiences with automated patch management. Scheffler details how Cintas transitioned from manual…
The gap between business confidence and cyber resiliency
In this Help Net Security video, Jim Liddle, Nasuni’s Chief Innovation Officer, discusses the findings of its new 2024 industry research report, The Era of Hybrid Cloud Storage. Key takeaways: Cloud strategies are at the forefront of enterprise success. Enterprises…
Whitepaper: DevSecOps Blueprint
In the DevSecOps Blueprint whitepaper, GitGuardian outlines a robust foundation for building an automated and technology-driven DevSecOps Program that addresses every aspect of the SDLC. Learn how your organization can embed security at every layer: the tools and technologies, the…
Week in review: CrowdStrike-triggered outage insights, recovery, and measuring cybersecurity ROI
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update By now, most people are aware of – or have been personally…
Ledger Flex: Secure self-custody with E Ink touchscreen display
Ledger today launched Ledger Flex, featuring secure E Ink touchscreen displays powered by Ledger’s Secure OS. It’s available to purchase for $249, shipping immediately. The Ledger Flex features a high-resolution, 2.8” display that provides clarity when signing transactions or approving…
Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
Progress Software has fixed a critical vulnerability (CVE-2024-6327) in its Telerik Report Server solution and is urging users to upgrade as soon as possible. About CVE-2024-6327 (and CVE-2024-6096) Telerik Report Server is an enterprise solution for storing, creating, managing and…