Category: Help Net Security

Zyxel Astra prevents unauthorized endpoint access

Zyxel Networks launched the Zyxel Astra, a new cloud-based endpoint security service that enables SMBs to secure remote users regardless of their location. Designed to address the unique network security challenges presented by hybrid work environments, Astra enables network administrators…

Forter acquires Immue to enhance bot detection capabilities

Forter acquires Immue to not only strengthen the company’s existing fraud management capabilities but add Immue’s domain-specific bot expertise. Bots are used by the most sophisticated fraud operations to monitor and automate purchases from merchant sites. In fact, it’s frequently…

Google ads increasingly pointing to malware

The FBI has recently warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many malicious ads served to users searching for software, cracked software, drivers –…

Global instability increases cyber risk, says World Economic Forum

Geopolitical instability is exacerbating the risk of catastrophic cyberattacks, according to the Global Cybersecurity Outlook 2023 report from the World Economic Forum. The great threat Over 93% of cybersecurity experts and 86% of business leaders believe “a far-reaching, catastrophic cyber…

Varonis strengthens data security with least privilege automation

Varonis introduced least privilege automation for Microsoft 365, Google Drive, and Box — a new capability that continuously removes unnecessary data risk without human intervention. This innovation furthers Varonis’ mission to deliver effortless data security outcomes to customers. Unlike other…

Potential threats and sinister implications of ChatGPT

ChatGPT from OpenAI is a conversational chatbot recently released in preview mode for research purposes. It takes natural language as input and aims to solve problems, provide follow-up questions or even challenge assertions depending on your question. In this Help…

How data protection is evolving in a digital world

Companies are challenged with more complex hybrid IT environments. They are raising budgets to fend off cyberattacks and keep up as production environments continue to diversify across various clouds, according to Veeam Software. The result is that IT leaders feel…

Varonis unveils least privilege automation to improve data security

Varonis introduced least privilege automation for Microsoft 365, Google Drive, and Box — a new capability that continuously removes unnecessary data risk without human intervention. This innovation furthers Varonis’ mission to deliver effortless data security outcomes to customers. Unlike other…

Threats that will dominate headlines in 2023

In this Help Net Security video, MacKenzie Jackson, Developer Advocate at GitGuardian, offers his cybersecurity predictions for 2032. These include: Developers will be a priority target for hacking campaigns Doubling down on MFA bypass Source code security More efforts to…

Why encrypting emails isn’t as simple as it sounds

The quality of protected communications matters – a lot. If the sent material is highly sensitive and the legislation and/or policy demands high security, opportunistic encryption might not be enough. For organizations, deciding what email encryption solution to use is…

Post-quantum cybersecurity threats loom large

A new Zapata Computing report reveals a deepening commitment from enterprises that points to a maturing industry with widespread, global interest and increased urgency regarding post-quantum cybersecurity threats. The growing interest in quantum is translating into spending, demonstrated by 71%…

Vulnerabilities in cryptographic libraries found through modern fuzzing

Recently patched vulnerabilities in MatrixSSL and wolfSSL, two open-source TLS/SSL implementations / libraries for embedded environments, have emphasized the great potential of using fuzzing to uncover security holes in implementations of cryptographic protocols. CVE-2022-43974 and CVE-2022-42905 CVE-2022-43974 is a buffer…

7 security predictions for 2023

What will the security landscape in 2023 look like? Here’s my take. 1. Attackers’ tactics will evolve, and defense strategies will evolve with them With online platforms and social media fully integrated into our daily routine, phishing and social engineering…

How to protect yourself from bot-driven account fraud

Bots continue to evolve and thrive at the expense of companies. Kasada’s research shows revenue loss from bot-driven account fraud and web scraping continues to skyrocket, despite companies spending more on bot mitigation solutions every year. In this Help Net…

Maximizing data value while keeping it secure

How can organizations create an environment that allows the broadest access across distributed warehouses, databases, object stores and data exchanges, while at the same time maintaining consistent data oversight? There’s no single template for enacting robust and effective data controls.…

Ordr partners with GE HealthCare to secure clinical assets

Ordr has formed a collaboration with GE HealthCare to offer customers a solution leveraging Ordr’s platform for health systems. The solution addresses critical patient care challenges across three key stakeholder groups: biomedical and healthcare technology management (HTM) teams, giving them…

Scott Harrell joins Infoblox as CEO

Infoblox has unveiled that Jesper Andersen has decided to retire as CEO and the Board of Directors has appointed Scott Harrell as the new President and CEO. Andersen will continue to serve on the Board and support Harrell through the…

6 oversights that enable data breaches

Personal employee or customer data accounted for nearly 45% of all data stolen between July 2021 and June 2022, while companies’ source code and proprietary information accounted for a further 6.7% and 5.6% respectively, according to Imperva. More positively, the…

Why the atomized network is growing, and how to protect it

Security teams struggle to defend their dispersed networks because the technologies responsible for network security are being pushed towards obsolescence by evolutionary pressures. Strategies like EDR and MFA become less effective than intended, leaving organizations with unknown gaps that lead…

Cloudflare unveils several email security and data protection tools

Cloudflare announced several new zero trust email security solutions, compatible with any email provider, to protect employees from multichannel phishing attacks, prevent sensitive data being exfiltrated via email, and help businesses speed up and simplify deployments. Now, Cloudflare is providing…

Hitachi Vantara hires Monica Kumar as CMO

Hitachi Vantara has unveiled that Monica Kumar has assumed the role of Chief Marketing Officer (CMO) at the organization, effective immediately. She reports directly to CEO Gajen Kandiah. “Great companies are those who can find a way to articulate their…

Chris Cabrera joins Arkose Labs Board of Directors

Arkose Labs has announced that Chris Cabrera, founder and CEO of Xactly Corporation, has joined its Board of Directors effective Jan. 1, 2023. Cabrera is the company’s seventh board member, and represents the interest of common shareholders. Arkose Labs’ board…

Tufin appoints Raymond Brancato as CEO

Tufin has appointed Raymond Brancato as CEO, effective immediately. Raymond has more than 27 years of experience developing and executing go-to-market strategies in the technology industry and will be taking the lead role at the company to guide it through…

Cerberus Sentinel acquires RAN Security

Cerberus Sentinel has signed a definitive agreement for the acquisition of RAN Security. Under the terms of the agreement, RAN Security will become a wholly owned subsidiary of Cerberus Sentinel. The transaction is expected to close later in the year,…

Hack The Box raises $55 million to expand its business

Hack The Box announces a Series B investment round of $55 million led by Carlyle, alongside Paladin Capital Group, Osage University Partners, Marathon Venture Capital, Brighteye Ventures, and Endeavor Catalyst Fund. The new investment will accelerate Hack The Box’s growth…

Crypto audit of Threema revealed many vulnerabilities

Researchers have discovered cryptographic vulnerabilities in Swiss-based secure messaging application Threema that may have allowed attackers to do things like break authentication or recover users’ long-term private keys. The vulnerabilities have been fixed and Threema has since switched to a…

Google is calling EU cybersecurity founders

Google announced that the Google for Startups Growth Academy: Cybersecurity program now accepts applications from EU companies. The three-month program, announced last fall, will start in April and connect the finest of Google with the top European cybersecurity firms. From…

The most significant DDoS attacks in the past year

DDoS attacks are getting larger and more complex moving towards mobile networks and IoT, which are now used in cyberwarfare. In this Help Net Security video, Steve Winterfeld, Advisory CISO at Akamai, discusses the most powerful DDoS attacks in the…

NetSPI acquires nVisium to scale its offensive security solutions

NetSPI has acquired nVisium to further scale its offensive security solutions and address heightened demand for human-delivered penetration testing. nVisium will support NetSPI’s continued efforts to deliver strategic security testing solutions to enterprises. With the acquisition, NetSPI now has over…

Simeio acquires PMG to protect digital identities

Simeio’s acquisition of PathMaker Group (PMG) is a key strategic move that complements Simeio’s organic strategy of expanding into new industries and talent pools and adding new capabilities around identity orchestration and automation. The acquisition also strengthens Simeio’s presence in…

Microsoft plugs actively exploited zero-day hole (CVE-2023-21674)

To mark the January 2023 Patch Tuesday, Microsoft has released patches for 98 CVE-numbered vulnerabilities, including one exploited in the wild (CVE-2023-21674) and one (CVE-2023-21549) that’s been publicly disclosed. Both allow attackers to elevate privileges on the vulnerable machine. Vulnerabilities…

You must build a security team. Where do you start?

Security veteran Chris Deibler, the new VP of Security at DataGrail, has been brought in to build the company’s security team to support its growth. A former Director of Security Engineering at Shopify and Director of Security at Twitch, he…

How to gain security consciousness through cost

In this Help Net Security video, Karthik Kannan, CEO at Anvilogic, talks about predictions for the cybersecurity world in 2023 and how to gain security consciousness through cost. The post How to gain security consciousness through cost appeared first on…

4 identity security trends to watch in 2023

While many of the tried and true best security hygiene practices remain, we’ll face new and complex business challenges related to how we work, the systems we use, threats and compliance issues we face. Although often overlooked, a strong identity…

Zyxel releases XMG1930 series of switches for SMBs

Zyxel Networks has launched the XMG1930 series switches that provide SMBs, system integrators, managed service providers, and small internet service providers with a solution to support the increasing bandwidth requirements driven by advanced business applications. Upgrade network speeds without re-cabling…

DataGrail names Chris Deibler as VP of Security

DataGrail announced that Chris Deibler, formerly of Shopify, Twitch, and Box, has been named DataGrail’s VP of Security. Deibler will oversee the building out of the security team for DataGrail as it transitions into its next phase of growth. The…

Appgate appoints Leo Taddeo as CEO and President

Appgate has unveiled that its board of directors has appointed Leo Taddeo as the company’s new Chief Executive Officer and President, effective January 4, 2023. With 25 years of executive federal and commercial experience, Taddeo had been serving as Appgate’s…

How to improve your incident response plan for 2023

You may already have an IR plan but regardless of how thorough you might feel it is at this moment, the evolving cyber threat landscape and shifting circumstances within your organization demand regular changes and improvements. What are the attack…

Why FIDO and passwordless authentication is the future

In this Help Net Security video, Jason Kent, Director at Open Seas, explains why FIDO and passwordless authentication is the future. He dives deep into the technical reasons and explains why physical FIDO authentication is safer than other software/app/SMS solutions.…

Trend Micro establishes new subsidiary for 5G cybersecurity

Trend Micro has established CTOne, a new Trend Micro subsidiary focused on advancing 5G network security and beyond. The group’s intellectual capital and leadership come from Trend Micro’s culture of innovation and is the latest incubation project to launch as…

Cloud-native application adoption puts pressure on appsec teams

Oxeye revealed five predictions expected to shape enterprise security spending in 2023. The predictions follow industry-wide research, which shows the industry is shifting away from legacy software infrastructure and standardizing on cloud-native applications – resulting in the need for new…

Digital forensics incident readiness

Digital forensics is used to find, examine and analyze digital evidence that can serve in criminal investigations, but also in incident response, investigations of data breaches, to unearth insider threats, etc. Colm Gallagher, Forensics Director, CommSec Communications & Security, talks…

LogRhythm platform enhancements enable analysts to detect threats

LogRhythm has unveiled a series of expanded capabilities and integrations for its security operations solutions. The updates propel LogRhythm’s ability to be a force multiplier for overwhelmed security teams who are expected to confidently, effectively, and efficiently defend against cyberattacks.…