Category: Help Net Security

The 80/20 rule, which was first introduced as Pareto’s principle in 1941 by American engineer Joseph Juran, suggests that 20 percent of your activities (in life, business, athletics, etc.) will account for 80 percent of your results. Simply put: work…

Read more →

If the number of women working in cybersecurity in the United States equalled that of men, the economic footprint of the U.S. cybersecurity industry would increase by $30.4 billion, according to Tessian. Furthermore, an additional $12.7 billion would be added…

Read more →

Cybercriminals are holding governments hostage more frequently, expanding their attack base, and asking for more money, according to a report released by Deloitte. The study explores the rising trend in ransomware attacks on state and local governments. It also discusses…

Read more →

ClearDATA, the leader in healthcare public cloud security, compliance and privacy, announced a new Software as a Service (SaaS) solution, ClearDATA Locate Mask, that enables healthcare organizations to leverage unstructured datasets containing PHI or PII by masking or redacting the…

Read more →

Hewlett Packard Enterprise (HPE) announced a breakthrough in the journey to true 5G adoption with the launch of HPE 5G Core Stack, an open, cloud-native 5G core network solution that accelerates the journey to new 5G revenue streams, seamlessly integrates…

Read more →

IDERA, a provider of powerful database productivity tools, announced an expanded portfolio of cloud-based database and workload management solutions for SQL Server. These solutions empower organizations to manage the performance and availability of cloud and traditional databases in a single…

Read more →

SailPoint Technologies Holdings, the leader in identity management, introduced identity governance for IaaS platforms, resources and workloads. As enterprises adopt a multi-cloud platform strategy across AWS, Azure and the Google Cloud Platform to keep pace with digital transformation, there is…

Read more →

The Open Group, the vendor-neutral technology consortium, and the University of L’Aquila announced a partnership with a consortium of leading European research organizations, technology developers, industrial software developers, and open source forge providers. Together, they have addressed the complexity of…

Read more →

Absolute, the leader in endpoint resilience, announced free access for many of its existing customers to Absolute’s patented Persistence technology in order for these customers to ‘persist,’ or proactively repair and reinstall their existing virtual private network (VPN) applications. By…

Read more →

Cygilant, provider of Cybersecurity-as-a-Service to mid-sized organizations, shared recent enhancements to its SOCVue platform that improve the speed, efficiency and accuracy of how the company collaborates and solves problems for customers. The SOCVue security operations and analytics platform enables quick…

Read more →

Neustar, a global information services and technology company and leader in identity resolution, announced significant enhancements to its market-leading IP address geolocation service, UltraGeoPoint, (formerly known as IP GeoPoint) to help customers meet regulatory compliance requirements, strengthen network security and…

Read more →

The Ethernet Alliance, a global consortium dedicated to the continued success and advancement of Ethernet technologies, announced a successful validation of multivendor interoperability across 10 Gigabit Ethernet (10GbE), 25GbE, 50GbE, 100GbE, 200GbE and 400GbE technologies and solutions from 17 Ethernet…

Read more →

Fear of coronavirus infections has resulted in organizations ruling out large meetings. Healthy individuals are in home-quarantine for weeks at a time, even though they are not necessarily thought to carry the virus. This large number of individuals complying with…

Read more →

Yesterday, when Microsoft released its regular Patch Tuesday fixes, Cisco Talos and Fortinet inadvertently(?) also published information about CVE-2020-0796, a “wormable” vulnerability in the Microsoft Server Message Block (SMB) protocol that has yet to be fixed. Cisco Talos has since…

Read more →

Cybercriminals are likely to leverage the global anxiety around the coronavirus outbreak to execute ransomware attacks against businesses, according to RiskIQ. After extensive analysis of past ransomware attacks during global epidemics and current phishing campaigns leveraging the coronavirus, threat actors…

Read more →

Firefox and Chrome have recently begun supporting external DNS resolvers in the cloud. The use of these DNS services bypasses controls that enterprise IT organizations put in place to prevent end users from visiting unauthorized Internet destinations. Compounding the issue…

Read more →

Scam robocalls and phishing emails disguised as banks continue to trick consumers to put their personal information at risk, and tax season is no exception. Increase in potential threats During this time of the year consumers need to be aware…

Read more →

Organizations face major infrastructure and security challenges in supporting multi-cloud and edge deployments, according to a Volterra survey of more than 400 IT executives. The survey reveals that multi-cloud deployments are being driven primarily by a need to maximize availability…

Read more →

Arista Networks announced an optical line system in an OSFP (Octal Small Form-factor Pluggable) module form factor. The Arista OSFP-LS addresses the needs of Tier2 Cloud and Internet Service Providers for high bandwidth links that are easy to deploy and…

Read more →

Siren, the leading Elasticsearch-based investigative intelligence platform, announced the release of Siren 10.4. The latest version of Siren introduces a major breakthrough in big data graph analysis, the capability of finding the “shortest” paths across connected records that are inside…

Read more →

Everbridge, the global leader in critical event management (CEM), announced that the company has unveiled new CEM capabilities across the Internet of Things (IoT) for corporate, government and healthcare organizations to protect their people, assets, operations, supply chain and brand…

Read more →

SnapLogic, provider of the #1 Intelligent Integration Platform, announced that Dentsu Aegis Network, the global marketing service group, has deployed SnapLogic’s leading cloud integration platform to bring together the dozens of different business applications and IT systems across its multiple…

Read more →

NetApp, the leader in cloud data services, announced that it acquired Talon Storage, a leader in next generation software-defined storage solutions enabling global enterprises to centralize and consolidate IT storage infrastructure to the public clouds. The combination of NetApp Cloud…

Read more →

Malwarebytes, a leading advanced endpoint detection and remediation solution provider, announced that it has hired Adam Hyder as its new Senior Vice President of Engineering. In this role Hyder will drive Malwarebytes’ product development, innovation strategy, technical vision, and cloud…

Read more →

It’s March 2020 Patch Tuesday and Microsoft has dropped fixes for 115 CVE-numbered flaws: 26 are critical, 88 important, and one of moderate severity. The good news is that none of them under active attack. For the time being, Adobe…

Read more →

Someone has been trojanizing a wide variety of hacking tools to compromise the machines of hackers who want to use the tools for free, Cybereason researcher Amit Serper has revealed. “We have found a widespread hacking campaign that uses the…

Read more →

Is your organization using ManageEngine Desktop Central? If the answer is yes, make sure you’ve upgraded to version 10.0.474 or risk falling prey to attackers who are actively exploiting a recently disclosed RCE flaw (CVE-2020-10189) in its software. Active exploitation…

Read more →

Like it or not, cybercrime is big business these days. A casual glance at the news at any given time will typically reveal several new breaches, usually involving eye-watering amounts of personal or sensitive information stolen. As such, any executive…

Read more →

In this podcast recorded at RSA Conference 2020, Todd Weller, Chief Strategy Officer at Bandura Cyber, discusses the modern threat intelligence landscape and the company’s platform. The Bandura Cyber Threat Intelligence Protection Platform: Aggregates IP and domain threat intelligence from…

Read more →

A vulnerability (CVE-2020-8597) in the Point-to-Point Protocol Daemon (pppd) software, which comes installed on many Linux-based and Unix-like operating systems and networking devices, can be exploited by unauthenticated attackers to achieve code execution on – and takeover of – a…

Read more →

An IT startup has developed a novel blockchain-based approach for secure linking of databases, called ChainifyDB. “Our software resembles keyhole surgery. With a barely noticeable procedure we enhance existing database infrastructures with blockchain-based security features. Our software is seamlessly compatible…

Read more →

This 17-page e-book examines the increasing pressures faced by cybersecurity teams, risks of ineffective alert triage and new automation capabilities that dramatically improve the efficiency of security operations. With automated incident response and security orchestration, your team can: Respond to…

Read more →

ZimperiumZimperium, the global leader in mobile threat defense (MTD), announced a first-of-its-kind complete Mobile Application Protection Suite (MAPS), a comprehensive solution that helps organizations protect their mobile apps throughout their entire life cycle. “Until now, organizations trying to secure their…

Read more →

Telia Carrier launched its advanced SD-WAN service, an end-to-end networking solution that provides superior visibility, agility and control beyond the traditional WAN perimeter. Based on Cisco SD-WAN powered by Viptela, it is the only SD-WAN service in the world where…

Read more →

Echoworx, the industry leader in message encryption, unveiled enhancements to its OneWorld cloud-based security platform with the addition of user-centric two-factor authentication (2FA), enabling enterprises of all sizes to adopt best-in-class security protocols while improving user experience. “Enterprises, customers and…

Read more →

Trustwave announced the Trustwave Fusion platform, the company’s cloud-native platform that serves as the cornerstone for its products, managed security services and other cybersecurity offerings, in Germany. The platform delivers powerful threat detection and response capabilities to address a constantly…

Read more →

Global Cloud Xchange, the leading provider of global managed next-generation networks, and Sparkle, the first international service provider in Italy and among the top ten global operators, announced the extension of their partnership by adding new spectrum capacity over the…

Read more →

Deutsche Telekom and NetMotion have entered into a strategic partnership that will bring the software company’s enterprise-grade solutions to the carrier’s business customers in Germany and beyond. The launch of “Mobile Optimization Pro,” powered by NetMotion, further expands Deutsche Telekom’s…

Read more →

WatchGuard Technologies, a leading global provider of network security and intelligence, secure Wi-Fi and multi-factor authentication, announced that it has entered into a definitive agreement to acquire Panda Security, a leading global provider in advanced endpoint protection. Once the integration…

Read more →

The HPE Container Platform is the industry’s first enterprise-grade container platform designed to support both cloud-native and non-cloud-native applications using 100 percent open source Kubernetes – running on bare-metal or virtual machines (VMs), in the data center, on any public…

Read more →

Scammers and other criminals are always quick to take advantage of crises, and this latest – centered around the spread of the deadly Covid-19 coronavirus around the world – is no exception. With the Western world conducting a considerable chunk…

Read more →

With the number of data records breached in 2019 surpassing four billion, fraud prevention and regulatory compliance are, inevitably, top priorities for financial institutions (FIs). A recent report from Javelin, for example, found that FIs are significantly more focused on…

Read more →

In January, Microsoft reported its fiscal 2020 second quarter results. Among the company’s many impressive accomplishments is a 62% growth (yeay-over-year) of its Azure cloud service. This secures the company’s spot as a dominant player in the cloud space for…

Read more →

The future of business relies on being digital – but all software deployed needs to be secure and protect privacy. Yet, responsible cybersecurity gets in the way of what any company really wants to do: innovate fast, stay ahead of…

Read more →

An approach to network security that will enhance the effectiveness and timeliness of protection against adversarial intrusion and evasion strategies, has been identified by the Army’s corporate laboratory researchers in collaboration with the University of California, Riverside. Networked devices and…

Read more →

Passwords remain the dominant method of authentication and top cause of data breaches, according to MobileIron. A new report also highlighted the importance of a zero trust security strategy that provides context-aware, conditional access to a device or user. EMA…

Read more →

A10 Networks announced the availability of its Domain Name System (DNS) over HTTPS (DoH) capability in the Thunder Convergent Firewall (CFW). This native capability enables service providers to offer DoH services to their subscribers. It helps organizations who run DNS…

Read more →

Aruba, a Hewlett Packard Enterprise company, announced that its full family of high performance indoor Wi-Fi 6 access points (APs) – including the Aruba 500 Series, 510 Series, 530 Series and 550 Series APs – have achieved Wi-Fi CERTIFIED 6…

Read more →

Accenture has acquired Context Information Security, a leading cyber defense consultancy, previously owned by parent company Babcock International Group. Financial terms were not disclosed. Founded in 1998 and headquartered in London, Context is one of the most recognizable and respected…

Read more →

Here’s an overview of some of last week’s most interesting news, articles and podcasts: March 2020 Patch Tuesday forecast: Let’s put the madness behind us Did you survive the madness of February 2020 Patch Tuesday and its aftermath? We saw…

Read more →

UK ISP and telecom provider Virgin Media has confirmed on Thursday that one of its unsecured marketing databases had been accessed by on at least one occasion without permission (though the extent of the access is still unknown). The database,…

Read more →

Microsoft has released PowerShell 7, the latest major update to its popular task automation tool and configuration management framework that can be used on various operating systems. What is PowerShell? PowerShell was initially a Windows component, but was open-sourced in…

Read more →

Did you survive the madness of February 2020 Patch Tuesday and its aftermath? We saw Windows 7 and Server 2008 finally move into extended security support and then Microsoft pulled a rare, standalone Windows 10 security patch following some unexpected…

Read more →

Embedding cybersecurity into our enterprises remains a difficult problem to solve. Year after year, billions of dollars are spent on building checks and controls, but the rate of attacks and breaches has only accelerated. No one seems to be immune.…

Read more →

Hackers are using hidden mobile apps, third-party login and counterfeit gaming videos to target consumers, according to McAfee. Worldwide detections of LeifAccess, 2019 Last year, hackers targeted consumers with a wide variety of methods, from backdoors to mining cryptocurrencies. Hackers…

Read more →

More than 50 percent of security and IT leaders agree that they are very concerned about the security of corporate endpoints given the prevalence of sophisticated attack vectors like ransomware, disruptionware, phishing and more, according to a survey from RSA…

Read more →

More than half of all healthcare vendors have experienced a data breach that exposed protected health information (PHI), and it’s a costly problem that points to broken third-party risk assessment processes, according to data released by the Ponemon Institute and…

Read more →

HITRUST, a leading data protection, standards development, and certification organization, announces the general availability of the HITRUST Shared Responsibility Program and Matrix Version 1.0. The Matrix is the first ever common model for communicating and assigning security and privacy responsibility…

Read more →

Western Digital is enabling small and medium-sized enterprises (SMEs) to easily transition to NVMe storage and dramatically improve application performance with a new addition to its portfolio of data center NVMe SSDs: the first enterprise-class NVMe SSD in the WD…

Read more →

Titus, the expert in data classification and a Blackstone portfolio company, introduced Titus Illuminate 2020, the latest release of the company’s flagship solution for identifying and classifying unstructured data at rest. Titus Illuminate 2020 seamlessly integrates with Titus Accelerator for…

Read more →

Neustar, a global information services and technology company and leader in identity resolution, has announced it has completed the major upgrade and enhancement of its UltraDNS capabilities, ensuring it remains one of the fastest and most robust always-available DNS providers…

Read more →

Checkmarx, a global leader in software security solutions for DevOps, announced that Ron Kormanek, vice president of North America sales, has been appointed to the company’s executive management team as it continues to drive rapid customer adoption and set the…

Read more →

Cyber criminals have been trying out a new approach for delivering malware: fake alerts about outdated security certificates, complete with an “Install (Recommended)” button pointing to the malware. The malware peddlers behind this scheme are obviously counting on users not…

Read more →

Cybercriminals were able to register malicious generic top-level domains (gTLDs) and subdomains imitating legitimate, prominent sites due to Verisign and several IaaS services allowing the use of specific characters that look very much like Latin letters, according to Matt Hamilton,…

Read more →

79% of enterprises want better integrated security and governance for their data in the cloud, a survey from AtScale reveals. “As more enterprises embrace cloud transformation, IT and data teams face increased pressure to harness the power of data and…

Read more →

There will be 8.3 billion mobile broadband subscriptions by the end of 2024, which translates to 95 percent of all subscriptions by then, according to the SMU Office of Research & Tech Transfer. Total mobile data traffic will reach 131…

Read more →

As of January 2020, nearly 1 million (933,973) domains have published DMARC records — an increase of 70% compared to last year, and more than 180% growth in the last two years. In addition, 80% of all inboxes worldwide do…

Read more →

In today’s perilous cyber world, companies must carefully check their vendors’ cyber posture, and the initial vetting of any third party typically begins with a comprehensive security questionnaire. But these can be a headache, because many questionnaires include hundreds of…

Read more →

Keysight Technologies, a leading technology company that helps enterprises, service providers and governments accelerate innovation to connect and secure the world, announced the release of the UHD100T32 100 Gigabit Ethernet (GE) test system, the industry’s first test system purpose-built to…

Read more →

BetterUp, the market leader and pioneer of mobile, personalized coaching for professionals, announced two new product innovations – Identify AI and Coaching Clouds – to help organizations deliver more effective, hyper-personalized coaching at scale to any employee at any level…

Read more →

Radisys, a global leader of open telecom solutions, announced the deployment of the Radisys Engage portfolio of digital engagement and AI-based real-time media applications on Open Network Edge Services Software (OpenNESS), an open source multi-access edge compute (MEC) platform initiative…

Read more →

Security incidents are only growing in number—according to ISACA’s 2019 State of Cybersecurity survey report, part 2, 46 percent of respondents believe that their enterprises are experiencing an increase in attacks relative to last year. In light of this, incident…

Read more →

SentryOne announces new editions of SQL Sentry, the company’s top-rated database performance monitoring product, to help companies select the monitoring solution that best fits their needs. The new editions include support for monitoring SQL Server and related systems running on…

Read more →

Infoblox, the leader in Secure Cloud-Managed Network Services, announced new updates to its Network Identity Operating System (NIOS) platform, adding the ability to monitor NIOS via the cloud-based BloxOne platform, as well as improving performance and simplifying network monitoring for…

Read more →

Swimlane, a leader in security orchestration, automation and response (SOAR), announced it has been granted US Patent 10,552,615, “Threat Response Systems and Methods,” by the United States Patent and Trademark Office (USPTO). The patent validates Swimlane’s dynamic approach to using…

Read more →

Appsian, the leader in ERP data security, announced the SAP integration certification of their data security and compliance platform for SAP ERP Central Component (SAP ECC) and SAP S/4HANA. By integrating attribute-based access controls (ABAC), fine-grained data security solutions and…

Read more →

Jazz Networks, an award-winning insider threat security company, announced Joel Brunson has joined as CEO of Federal business. Brunson brings world-class leadership in business growth and proven expertise in the federal government sector. “In receiving the highest accolade in the…

Read more →

Starting with 20:00 UTC (3:00pm US EST), today (March 4), the non-profit certificate authority Let’s Encrypt will begin it’s effort to revoke a little over 3 million TLS/SSL certificates that it issued while a bug affected its CA software. Preliminary…

Read more →

Cybercriminals continued a barrage of attacks in 2019, spurred on by botnets of infected IoT devices and by attacker interest in the Eternal Blue vulnerability. A report from F-Secure documents a steep increase in attack traffic in 2019 that was…

Read more →

Zero trust is a comprehensive security framework that requires everyone—and every service account—to authenticate identity before entering the corporate network. Every app and every device, as well as all the data they contain, must also be verified for each session.…

Read more →

During 2019, financially motivated cybercrime activity occurred on a nearly continuous basis, according to a CrowdStrike report. There was an increase in incidents of ransomware, maturation of the tactics used, and increasing ransom demands from eCrime actors. Increasingly these actors…

Read more →

Online payment fraud attempts increased by 73 percent in 2019, according to a report from Sift. Additional findings in the report reveal that cybercriminals are using mobile devices more than desktops or laptops to commit payment fraud. In fact, though…

Read more →

Billions of personal data records are up for sale on the Dark Web as data breaches continue to occur at an alarming rate. According to Risk Based Security’s 2019 Midyear Data Breach report, there was a 54% increase in data…

Read more →

HID Global, a worldwide leader in trusted identity solutions, announced the launch of HID Signo, its signature line of readers that creates a new industry benchmark for the most adaptable, interoperable and secure approach to access control. The new readers…

Read more →

Keysight Technologies, a leading technology company that helps enterprises, service providers and governments accelerate innovation to connect and secure the world, launched the Keysight N9021B MXA X-Series Signal Analyzer which provides design validation and manufacturing engineers with superior phase noise…

Read more →

Keysight Technologies, a leading technology company that helps enterprises, service providers and governments accelerate innovation to connect and secure the world, introduced new benchmarking and troubleshooting tools that enable device makers and mobile operators to automate testing and reporting across…

Read more →

Kingston Digital, the Flash memory affiliate of Kingston Technology Company, a world leader in memory products and technology solutions, announced the availability of DC1000M, a new U.2 data center NVMe PCIe SSD. DC1000M is designed to support a wide range…

Read more →

SnapLogic, provider of the #1 Intelligent Integration Platform, and system integration and data analytics services firm Rojo Consultancy, announced an expanded partnership and new pre-built intelligent connectors to make it faster and easier to integrate SAP applications and data sources…

Read more →

Trend Micro, a global leader in cybersecurity solutions, announced new initiatives designed to enhance collaboration with global law enforcement and developing nations through cybersecurity outreach, support and training. “As the eyes of the world turn to Japan for major international…

Read more →

Datto, the leading global provider of cloud-based software and technology solutions delivered through managed service providers (MSPs), announced that John F. Abbot has joined its executive management team as Chief Financial Officer (CFO), effective March 2, 2020. He is based…

Read more →

The U.S. Department of Justice’s Cybersecurity Unit has released guidelines for organizations that want to gather cyber threat intelligence from dark web forums/markets but, at the same time, want to stay on the right side of the (U.S. federal criminal)…

Read more →

Passwords have been around since ancient times and they now serve as the primary method for authenticating a user during the login process. Individuals are expected to use unique username and password combinations to access dozens of protected resources every…

Read more →

In this podcast recorded at RSA Conference 2020, we’re joined by the ThreatQuotient team talking about a threat-centric approach to security operations, the evolution of threat intelligence and the issues surrounding it. Our guests are: Chris Jacob, VP of Threat…

Read more →

While corporations today are more knowledgeable about security threats and prepared to respond to data breaches, there are key areas in which progress declined in 2019, according to a study conducted by the Ponemon Institute. Prepare beyond your data breach…

Read more →

Ultrasonic waves don’t make a sound, but they can still activate Siri on your cellphone and have it make calls, take images or read the contents of a text to a stranger. All without the phone owner’s knowledge. Ning Zhang,…

Read more →

At a certain point, almost every organization reaches the conclusion that there is a need to move past the standard AV and firewall stack in order to protect their environment. The Advanced Threat Protection Beyond the AV guide guides security…

Read more →

Jetico, long-trusted pioneer in data encryption, announced support for Mac computers with a T2 security chip. With this update, BestCrypt Volume Encryption – Enterprise Edition becomes the industry’s most comprehensive enterprise encryption software for Windows and macOS. “Native OS encryption…

Read more →

Securonix, a leader in Next-Gen SIEM, announced that multiple Securonix Security Operations & Analytics Platform products have been approved for Network Security Management of the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) program’s Approved Products List. The CDM…

Read more →

Here’s an overview of some of last week’s most interesting news and articles: RSA Conference 2020 coverage Check out our microsite for related news, photos, product releases, and more. Healthcare industry at greatest risk of data breach The healthcare industry…

Read more →

Data-security and privacy pioneer Dathena announced the appointment of veteran software engineer Lylian Kieffer as its new Chief Technology Officer. Kieffer will lead Dathena’s engineering department, overseeing development and technical operations as the deep-tech leader expands its global offerings and…

Read more →