Category: Help Net Security

The impact of the Great Resignation and the Great Reshuffle is still strongly felt across many industries, including cybersecurity. There is a talent gap: Companies are struggling to hire enough talent to fulfill their needs and goals. Widen the pool…

Read more →

Perygee has closed a $4.75 million seed investment led by Ballistic Ventures. The round also includes investment from cybersecurity angels Ray Rothrock, John Donovan, Ohad Finkelstein, Corey Thomas, and Bryson Bort, as well as BBG Ventures, which backs early-stage startups…

Read more →

Arnica has unveiled the general availability of its product and $7 Million in seed funding. The round was led by Joule Ventures and First Rays Venture Partners, with angel investment from industry leaders including Avi Shua, co-founder & CEO of…

Read more →

Valence Security is announcing its $25 million Series A round led by Microsoft’s M12 venture fund with participation from seed investor YL Ventures and additional investors including Porsche Ventures, Akamai Technologies, Alumni Ventures and Michael Fey, CEO of Island and…

Read more →

InterVision has teamed with Arctic Wolf to help proactively protect organizations against today’s cyberattacks. The Arctic Wolf Security Operations Cloud pairs the power, speed, and scale of a cloud-native platform with world-class security operations expertise that provides organizations with comprehensive…

Read more →

ExtraHop has unveiled a new integration between Reveal(x), its network detection and response (NDR) platform, and Splunk SOAR. Using the Reveal(x) integration, Splunk SOAR users now have expanded visibility with packet-level insights from IoT to the cloud including unmanaged devices,…

Read more →

In the world of insurance providers and policies, cyber insurance is a fairly new field. And many security teams are trying to wrap their heads around it. What is it and do they need it? And with what time will…

Read more →

33N Ventures is fundraising €150 million for investing in cybersecurity and infrastructure software companies across Europe, Israel, and the US. The fund will mostly target investments at Series A and B, with an average ticket size of around €10 million,…

Read more →

CloudSphere recently released the results of its EOL Management and Risk for IT Assets survey, which reveals the level of confidence individuals have regarding which end-of-life (EOL) or near-EOL applications pose a significant risk to businesses. In this Help Net…

Read more →

In this Help Net Security video, Robert Waitman, Privacy Director and Head of Privacy Research Program at Cisco, discusses the key findings of Cisco’s 2022 Consumer Privacy Survey. This year’s survey highlights the critical need for further transparency as consumers…

Read more →

Oxeye will demonstrate its Cloud Native Application Security solution at KubeCon 2022 in Detroit, Michigan, October 24-28. Located at booth SU74, Oxeye will show how the company’s platform combines static analysis with agentless runtime flow tracing and infrastructure analysis to…

Read more →

The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library (but does not affect OpenSSL versions before 3.0). According to the…

Read more →

MyOpenVDP is a turnkey open-source solution allowing anyone to host their own vulnerability disclosure policy (VDP). Developed by YesWeHack, the web application is available on GitHub. How MyOpenVDP works Someone finds a vulnerability or a security bug on your website…

Read more →

ISARA revealed that it is dedicating the intellectual property behind its ISARA Catalyst Agile Digital Certificate Methodology — including four patents — to the public. Industry leaders, including Crypto4A, DigiCert, Entrust, ISARA, Keyfactor, PKI Solutions, Sectigo, and Venafi, are among…

Read more →

The Irish Reporting and Information Security Service’s (IRISSCERT) Conference on Cybercrime will be on the 10th of November 2022 in the Aviva stadium. This all-day conference will focus on providing attendees with an overview of the current cyber threats facing…

Read more →

The impact of the Great Resignation and the Great Reshuffle is still strongly felt across many industries, including cybersecurity. There is a talent gap: Companies are struggling to hire enough talent to fulfill their needs and goals. Widen the pool…

Read more →

SecurityScorecard launches two cyber threat intelligence solutions to deliver a full view of organizations’ global cyber risk exposure. These new offerings, Attack Surface Intelligence (ASI) and Cyber Risk Intelligence (CRI), provide security teams with contextual intelligence, summarized views, and enriched…

Read more →

Uptycs announced enhanced Kubernetes and container security capabilities. These new features provide threat detection for container runtime correlated with the Kubernetes control plane attacks alongside scanning of container images in registries for vulnerabilities, malware, credentials, secret keys, and other sensitive…

Read more →

Scribe Security launched evidence-based security trust hub, offering a true end-to-end software supply chain security. In recent years, software supply chains—both open-source and proprietary CI/CD pipelines— have become more attack-prone than ever before. In 2022, Gartner listed digital supply chains…

Read more →

Votiro launched RetroScan functionality, which produces threat analytics on the undetectable threats that Votiro eliminates. After Votiro removes all potentially malicious components from incoming files, the new RetroScan feature analyzes every file retrospectively over the last seven, fourteen, or twenty…

Read more →

Akamai announced a significant evolution of its DDoS protection platform (Prolexic) with a global rollout of new, fully software-defined scrubbing centers, which will extend its dedicated defense capacity to 20 Tbps and accelerate future product innovations. In the wake of…

Read more →

SkyKick releases Security Manager to help IT partners better protect customers in the cloud and accelerate growth by reducing the cost and complexity of delivering security services for their customers. As SMBs continue their shift to the cloud – accelerated…

Read more →

In the world of insurance providers and policies, cyber insurance is a fairly new field. And many security teams are trying to wrap their heads around it. What is it and do they need it? And with what time will…

Read more →

33N Ventures is fundraising €150 million for investing in cybersecurity and infrastructure software companies across Europe, Israel, and the US. The fund will mostly target investments at Series A and B, with an average ticket size of around €10 million,…

Read more →

CloudSphere recently released the results of its EOL Management and Risk for IT Assets survey, which reveals the level of confidence individuals have regarding which end-of-life (EOL) or near-EOL applications pose a significant risk to businesses. In this Help Net…

Read more →

In this Help Net Security video, Robert Waitman, Privacy Director and Head of Privacy Research Program at Cisco, discusses the key findings of Cisco’s 2022 Consumer Privacy Survey. This year’s survey highlights the critical need for further transparency as consumers…

Read more →

Loft Labs has integrated with the open source tool Argo CD (continuous delivery) to automate the deployment of services to virtual Kubernetes clusters. Now, virtual clusters created in Loft are automatically recognized in Argo CD including user permissions and access…

Read more →

GoSecure and Check Point partnership will enable GoSecure to add support for Check Point’s security products, expanding their open ecosystem of MDR/XDR technology partners. The new technology partnership with Check Point reinforces GoSecure’s commitment to optimizing clients’ investments in security…

Read more →

Australian private health insurance provider Medibank has revealed that the hack and data breach it discovered over two weeks ago has affected more customers than initially thought. “We have received a series of additional files from the criminal. We have…

Read more →

For the ninth time this year, Apple has released fixes for a zero-day vulnerability (CVE-2022-42827) exploited by attackers to compromise iPhones. About CVE-2022-42827 CVE-2022-42827 is an out-of-bounds write issue in the iOS and iPadOS kernel, which can be exploited to…

Read more →

In the first half of 2022, the amount of DDoS attacks increased by 75.6% compared to the second half of 2021, according to new Nexusguard research revealed in the company’s DDoS Statistical Report for 1HY 2022. In this Help Net…

Read more →

Open-source software has reached greater levels of security than ever before, but its increased adoption comes with new challenges. In this Help Net Security video, Josep Prat, Open Source Engineering Director at Aiven, illustrates how threat actors see greater use…

Read more →

Cyberattacks can cost lives — especially in the healthcare sector. Nearly a quarter of healthcare providers victimized by ransomware reported increased mortality rates following an attack, and 70% experienced longer hospital stays or procedure delays leading to poor patient outcomes.…

Read more →

Northwave has conducted scientific research into the psychological effects of a ransomware crisis on both organizations and individuals. The findings reveal the deep marks that a ransomware crisis leaves on all those affected. It also shows how their IT and…

Read more →

(ISC)² highlighted a stark increase in the shortage of cybersecurity professionals as it announced the findings of its 2022 (ISC)² Cybersecurity Workforce Study. The study reveals the global cybersecurity workforce is at an all-time high, with an estimated 4.7 million…

Read more →

ServiceNow has released Lightstep UQL (Unified Query Language) which will help companies extend visibility across Kubernetes applications. Using shift-left observability directly in code, DevOps teams help ensure Kubernetes applications are ‘born’ fully observable and proactively enforce consistency, maintainability, and reproducibility…

Read more →

GoCardless launched Protect+, an end-to-end fraud prevention solution that detects fraudulent activity and protects merchants from potential losses through enhanced payer verification, 24/7 fraud monitoring and chargeback challenges. With Protect+, merchants will be able to improve their overall percentage of…

Read more →

CyberCube launched a set of detailed Exposure Databases to enable (re)insurers and brokers to perform a wide array of benchmarking, sensitivity, and real-time analyses for cyber risks. The Exposure Databases provide a foundation for cyber risk model and include CyberCube’s…

Read more →

Jumio unveiled its extended Jumio KYX Platform, with an integrated orchestration hub benefiting from the company’s acquisition of 4Stop. The platform streamlines fraud and eKYC/AML compliance management with the intuitive one-stop orchestration hub, which brings together global data, risk signals,…

Read more →

Aware introduced its newest product, AwareID, combining multi-factor authentication and multi-modal biometrics into a single, low-code platform that is pre-configured for the most common use cases and is functional right from the start. “We know that the increased frequency of…

Read more →

Prove Identity launches Prove Auth, a next-generation solution for passwordless login and omnichannel authentication. Prove Auth enables companies to reduce reliance on passwords and one-time passcodes (OTPs) and empowers consumers to frictionlessly authenticate in all channels including phones, desktops and…

Read more →

Scale Computing and Mako Networks have joined forces to deliver intelligent, reliable, and simple-to-manage total edge solutions. The partnership enables a complete, secure, edge infrastructure that includes robust, reliable compute, and standards-compliant network devices (including PCI DSS), simplified enterprise edge…

Read more →

CYE announced its appointment of Ira Winkler as Field CISO, alongside the expansion of its rapidly growing sales team. Ira joins CYE to bolster its operations in the US as the company continues to expand during a period of hyper…

Read more →

Hornetsecurity launches a next-generation Security Awareness Training, to better equip employees to counter cyber-attacks, building on its international reputation as a cybersecurity leader. Cyber criminals are constantly innovating and attacks are on the rise: Hornetsecurity’s 2022 Ransomware Report found that…

Read more →

In this interview with Help Net Security, Yossi Appleboum, CEO at Sepio, talks about asset risk management challenges for different industries and where it’s heading. Cyberattacks show no signs of slowing down. What do organizations need to do to boost…

Read more →

cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies the process of obtaining, renewing, and using those certificates. It can issue certificates from a variety of supported sources, including Let’s Encrypt, HashiCorp Vault, and Venafi…

Read more →

The Shadowserver Foundation fulfills a unique role in the cybersecurity ecosystem by supplying vital security information to Internet defenders and law enforcement at no cost. In this Help Net Security video, Piotr Kijewski, CEO at The Shadowserver Foundation, talks about…

Read more →

Social engineering – also known as human hacking – is an expression that encompasses a number of methods and vectors attackers use to manipulate targets into giving away or providing access to sensitive information, or generally performing actions that are…

Read more →

Socure has released its newest Sigma Synthetic Fraud model, a synthetic identity fraud detection solution that identifies manipulated and fabricated identities with precision. Core to the precision of Sigma Synthetic Fraud is the integration of two critical fraud-fighting features: powerful…

Read more →

Sonatype unveiled its eighth annual State of the Software Supply Chain Report which, in addition to a massive surge in open source supply, demand, and malicious attacks, found that 96% of open source Java downloads with known-vulnerabilities could have been…

Read more →

Driven by customer demand, the Rafay Technical Alliance Program accelerates the ongoing innovation effort between Rafay and strategic partners to deliver enhanced value to mutual customers. Kubernetes adoption within enterprises is frequently stalled by the overwhelming number of software addons…

Read more →

Syntellis Performance Solutions has unveiled enhancements to Axiom Enterprise Decision Support (EDS). The new features will better support the increasingly complex data and reporting needs of large healthcare organizations with near real-time insights for faster decision-making and an improved user…

Read more →

Dremio has unveiled its support for DML operations (insert, update & delete) on Apache Iceberg tables and for time travel for in-place querying of historical data. These features enable key data lakehouse use cases that were previously only available in…

Read more →

Cisco has published a heads-up for admins of Cisco Identity Services Engine solutions, about two vulnerabilities (CVE-2022-20822, CVE-2022-20959) that could be exploited to read and delete files on an affected device, and to execute arbitrary script or access sensitive information.…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Medibank hack turned into a data breach: The attackers are demanding money Medibank, Australia’s largest private health provider, has confirmed that last week’s “cyber incident”…

Read more →

New Relic has introduced the public preview of New Relic Vulnerability Management to empower organizations to manage their security posture and risk as a core part of their observability strategy. This new offering helps engineering teams eliminate data and team…

Read more →

Student Freedom Initiative and Cisco have expanded their partnership to bolster cybersecurity infrastructure at Historically Black Colleges and Universities (HBCUs) by adding three prominent Certified Minority Business Enterprises (MBEs)—Procellis Technology, Sology Solutions, and IPC Consulting—to the cybersecurity implementation team. This…

Read more →

Visibility is always a priority, but it’s vital when responding to an incident. Time is always working against incident responders. Looking through rows of text data and making connections between them and the suspicious activity under investigation is time spent…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from AwareGO, Code42, Corelight, EnigmaSoft, Exabeam, Mandiant, and RSA. Code42 enhances Incydr Risk Indicators to help users protect and classify sensitive data Code42 has enhanced its…

Read more →

Trilio‘s Continuous Restore offers faster levels of replication, restoration and migration of Kubernetes data and metadata from any cloud or storage platform to another, providing near-instantaneous recovery times for cloud-native applications. Entirely distribution-, cloud- and storage-agnostic, Trilio’s Continuous Restore enables…

Read more →

Red Hat has released Red Hat Enterprise Linux for Workstations on AWS, a cloud-based, virtual workstation built on the hardened innovation foundation of Red Hat Enterprise Linux. Accessible via an Amazon-provided NICE DCV client or standard web browsers, the service…

Read more →

Signifyd has launched Fearless Payments for payment providers, a suite of solutions that empowers payment service providers (PSPs) to increase authorization rates while lowering their operating costs and providing their customers with a full financial guarantee against all types of…

Read more →

SynSaber has added a new Dynamic Pipeline feature to the company’s platform, providing customers with improved scalability and flexibility. Building upon the product launched in February 2022, this update includes a set of features and capabilities to collect, analyze, and…

Read more →

AtScale has appointed John Langton as the company’s new vice president of worldwide engineering. In this role, John will run global engineering and R&D for AtScale, managing teams in the Bay Area, Boston, Sofia (Bulgaria) and in remote locations. This…

Read more →

IronNet was named the newest Gold member of the Space Information Sharing and Analysis Center (ISAC). Space ISAC members lead the global space community to identify and respond to threats and mitigating risks to the space mission. “Space is the…

Read more →

Cisco has published a heads-up for admins of Cisco Identity Services Engine solutions, about two vulnerabilities (CVE-2022-20822, CVE-2022-20959) that could be exploited to read and delete files on an affected device, and to execute arbitrary script or access sensitive information.…

Read more →

Medibank, Australia’s largest private health provider, has confirmed that last week’s “cyber incident” has resulted in a data breach. “Medibank has been contacted by a criminal claiming to have stolen 200GB of data,” the company said. “The criminal has provided…

Read more →

Visibility is always a priority, but it’s vital when responding to an incident. Time is always working against incident responders. Looking through rows of text data and making connections between them and the suspicious activity under investigation is time spent…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from AwareGO, Code42, Corelight, EnigmaSoft, Exabeam, Mandiant, and RSA. Code42 enhances Incydr Risk Indicators to help users protect and classify sensitive data Code42 has enhanced its…

Read more →

RSA introduced RSA Mobile Lock, a new defense in the war for mobile security and an immediate resolution for one of the weakest points in every organization’s security stance: their users. RSA Mobile Lock detects critical threats on mobile devices…

Read more →

Web companies are most likely to lose your data, a study shows. The study, conducted by VPN Overview, analysed major data breaches that have been registered since 2004 to discover which industry is most prone to losing data. Online companies…

Read more →

PhishLabs by HelpSystems has identified attackers leveraging a weakness in Google’s ad service to carry out phishing campaigns on financial institutions. In this Help Net Security video, Kevin Cryan, Director of Operational Intelligence at PhishLabs, talks about how this type…

Read more →

Software supply chain risk has grown to be a significant concern for organizations as cyber attackers look to take advantage of the accelerating digitalization that has seen many enterprises significantly increase their reliance on cloud-based solutions and services, as well…

Read more →

Traefik Labs has announced its new cloud service that enables networking best practices in minutes and helps eliminate the complexity of managing Kubernetes and Docker networking at scale. Cloud native emerged in 2015, the same year Traefik Proxy was open…

Read more →

Codenotary has revealed that the Trustcenter v3.0 adds a pervasive search capability to find software artifacts that may present problems, along with their change history including the runtime of a container. Until now, organizations with millions or billions of artifacts…

Read more →

SolarWinds has launched SolarWinds Observability, a fully-integrated, cloud-native SaaS offering that provides unified and comprehensive visibility for distributed, hybrid, and multi-cloud IT environments. SolarWinds Observability enables customers to accelerate digital transformation through powerful machine learning (ML) and artificial intelligence (AI)…

Read more →

MetricStream has unveiled its latest product release, focused on accelerating GRC program performance. The purpose-built low-code/no-code platform empowers customers to easily personalize and configure products to their needs. New APIs help connect MetricStream with external systems and enrich GRC insights…

Read more →

Code42 has enhanced its Incydr Risk Indicators (IRIs) within the Code42 Incydr product to detect and label file downloads from corporate systems. By understanding the source system from which a file came, security analysts can better prioritize what data exfiltration…

Read more →

Veritas Technologies has advanced its Autonomous Data Management strategy with the launch of Veritas Alta, a cloud data management platform that helps enterprises transition mission-critical workloads to the cloud. Veritas Alta harnesses the benefits of the cloud to reduce costs,…

Read more →

To further address the increasing cybersecurity threat landscape, Presidio has revealed a new cybersecurity Active Response Solution Set to help clients be prepared for a ransomware event with assessments, preparedness, active response, and recovery. Ransomware is one of the largest…

Read more →

IBM is extending its portfolio of data resilience solutions with the introduction of the IBM Diamondback Tape Library, a high-density archival storage solution that is physically air-gapped to help protect against ransomware and other cyber threats in hybrid cloud environments.…

Read more →

As a DirectDefense and Halcyon partnership result, DirectDefense will now offer the Halcyon Anti-Ransomware & Endpoint Resilience Platform as part of its Managed Detection and Response (“MDR”) offerings. “Ransomware is on the rise and threat actor groups are becoming increasingly…

Read more →

Votiro has unveiled its integration with Box’s Content Cloud to prevent ransomware and other evasive file-borne threats from entering users’ content collaboration applications and environments. Users can seamlessly connect Votiro Cloud to Box to provide an essential layer of security…

Read more →

Cynet has launched its newly optimized Global Partner Program, which offers channel sales organizations the ability to increase profitability on their Cynet business. The updated program includes new pricing, discounts and resources aimed at streamlining the partner journey to reduce…

Read more →

Everbridge has appointed Sheila Carpenter as Chief Information Officer (CIO), responsible for leading the company’s global information technology (IT) efforts, including corporate IT infrastructure, technology systems, and enterprise architecture. Sheila reports to Chief Executive Officer Dave Wagner, and will oversee…

Read more →

Hex-Rays has been acquired by a consortium of investors led by Smartfin, and including co-investors SFPIM and SRIW. Ilfak Guilfanov, the founder of Hex-Rays and architect of the technology platform, also reinvests a substantial amount in the new structure. Founded…

Read more →

(ISC)² has signed a Memorandum of Understanding (MOU) with the Korea Internet & Security Agency (KISA) to strenghten cybersecurity professional development in emerging economies. The collaboration will leverage the expertise of both organizations to nurture the global cybersecurity workforce in…

Read more →

Organizations around the globe struggle to identify their IT assets hosted in a multicloud environment, on premise or managed by numerous third parties. The lack of visibility prevents the cybersecurity teams from protecting their corporate IT infrastructure and data, inevitably…

Read more →

As data breaches’ financial and reputational costs continue to reach new heights, cybersecurity should be on top of mind for leadership across every industry. Recent Proofpoint research found that 65% of board members believe their organization is at risk of…

Read more →

Third-party risk assessments are often described as time-consuming, repetitive, overwhelming, and outdated. Think about it: organizations, on average, have over 5,000 third parties, meaning they may feel the need to conduct over 5,000 risk assessments. In the old school method,…

Read more →

Axio released its 2022 State of Ransomware Preparedness research report, revealing that although notable improvements have been made since Axio’s 2021 report, organizational ransomware preparedness continues to be insufficient to keep pace with new attack vectors. The report reveals that…

Read more →

More than 9 in 10 financial sectors accept that open banking is vital to their organization. The demand for fast, hassle-free, and personalized banking and financial services among customers is driving the rapid adoption of open banking. However, nearly 50%…

Read more →

The growing number and diversity of connected devices in every industry present new challenges for organizations to understand and manage the risks they are exposed to. In this Help Net Security video, Daniel Dos Santos, Head of Security Research at…

Read more →

Styra introduced a comprehensive set of policy bundle management capabilities to Styra Declarative Authorization Service (DAS). These new bundle management features are essential for meeting software supply chain security requirements and benefit customers seeking to optimize ever growing IT resource…

Read more →

Cybellum has launched a new Product Incident Response module to help Product Security Incident Response Teams (PSIRT) to monitor and investigate threats related to devices that are already in operational use in the field. Enhanced workflow automation gives PSIRT team…

Read more →

Cyral is putting an end to massive data leaks with the release of a new version of its platform. In addition to user interface (UI) updates, the platform enables customers to run risk-based data governance, an approach to database security…

Read more →

Corelight has expanded its Cloud Security Solutions suite with a software-as-a-service (SaaS) solution for Amazon Web Services (AWS). With Corelight Cloud Sensor SaaS for AWS, security teams can achieve uniform network visibility for incident response and threat hunting capabilities to…

Read more →

Sophos has launched new third-party security technology compatibilities with Sophos Managed Detection and Response (MDR) to better detect and remediate attacks across diverse customer and operating environments. The service now integrates telemetry from third-party endpoint, firewall, cloud, identity, email, and…

Read more →

EnigmaSoft Limited is offering SpyHunter Pro, a brand new enhanced, and feature-packed premium anti-malware product that builds on EnigmaSoft’s expertise in cyber security and developing anti-malware products. SpyHunter Pro is a Windows anti-malware application that combines SpyHunter’s effective system guards…

Read more →

Cado Security launches its new open source community tool, Cado varc, allowing security analysts to collect a snapshot of volatile data, adding critical context to incident investigations. By enabling security professionals to drastically simplify the collection and analysis of volatile…

Read more →