Zyxel Networks launched the Zyxel Astra, a new cloud-based endpoint security service that enables SMBs to secure remote users regardless of their location. Designed to address the unique network security challenges presented by hybrid work environments, Astra enables network administrators…
Category: Help Net Security
nsKnox raises $17 million to strengthen B2B payment security
nsKnox has unveiled a new funding round of $17 million, bringing its total funding to date to $35.6M. Two new investors, U.S.-based Internet & technology venture capital firm Link Ventures and Harel Insurance & Finance, took a significant part in…
Abacus Group acquires two cybersecurity consulting companies
Abacus Group acquired two boutique cybersecurity consulting companies, Gotham Security and its parent company, GoVanguard, both of which have unparalleled track records of excellence in the cyber arena. Gotham Security, as the new business will be known, will be a…
Forter acquires Immue to enhance bot detection capabilities
Forter acquires Immue to not only strengthen the company’s existing fraud management capabilities but add Immue’s domain-specific bot expertise. Bots are used by the most sophisticated fraud operations to monitor and automate purchases from merchant sites. In fact, it’s frequently…
Ivanti and Lookout extend partnership to secure the hybrid workforce
Ivanti and Lookout have extended their strategic partnership to now include Lookout Mobile Endpoint Security as part of the Ivanti Neurons automation platform. The combined solution, which also includes Ivanti Go and Ivanti Neurons for Modern Device Management, is a…
Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874)
Two vulnerabilities (CVE-2022-4873, CVE-2022-4874) found in three NetComm router models could be exploited to achieve remote code execution on vulnerable devices, and there’s a public PoC chaining them, CERT/CC has warned. The good news is that they’ve been fixed by…
Google ads increasingly pointing to malware
The FBI has recently warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many malicious ads served to users searching for software, cracked software, drivers –…
Global instability increases cyber risk, says World Economic Forum
Geopolitical instability is exacerbating the risk of catastrophic cyberattacks, according to the Global Cybersecurity Outlook 2023 report from the World Economic Forum. The great threat Over 93% of cybersecurity experts and 86% of business leaders believe “a far-reaching, catastrophic cyber…
Varonis strengthens data security with least privilege automation
Varonis introduced least privilege automation for Microsoft 365, Google Drive, and Box — a new capability that continuously removes unnecessary data risk without human intervention. This innovation furthers Varonis’ mission to deliver effortless data security outcomes to customers. Unlike other…
Potential threats and sinister implications of ChatGPT
ChatGPT from OpenAI is a conversational chatbot recently released in preview mode for research purposes. It takes natural language as input and aims to solve problems, provide follow-up questions or even challenge assertions depending on your question. In this Help…
Cybersecurity in 2023: Russian escalation, Chinese espionage, Iranian “hacktivism”
In 2022, state-sponsored cyber activity has been drawn into sharp focus, ransomware continued to dominate as the primary threat facing organizations, and there have been several highly publicized incidents. Beyond the headlines, there have been some interesting shifts in both…
How data protection is evolving in a digital world
Companies are challenged with more complex hybrid IT environments. They are raising budgets to fend off cyberattacks and keep up as production environments continue to diversify across various clouds, according to Veeam Software. The result is that IT leaders feel…
DigiCert Trust Lifecycle Manager unifies CA-agnostic certificate management
DigiCert has released DigiCert Trust Lifecycle Manager, a digital trust solution unifying CA-agnostic certificate management and public key infrastructure (PKI) services. Trust Lifecycle Manager integrates with DigiCert’s public trust issuance for a full-stack solution governing seamless management of corporate digital…
Devo DeepTrace helps security teams investigate alerts and suspicious events
Devo Technology unveiled Devo DeepTrace, an autonomous alert investigation and threat hunting solution that uses attack-tracing artificial intelligence (AI) to advance how security teams identify attacks, investigate threats and secure their organizations. DeepTrace augments the work security analysts do by…
NS1 DNS Insights empowers network teams to troubleshoot misconfigurations
DNS Insights by NS1 unlocks improved reliability, real-time analysis, and cost control by collecting DNS and network metrics at the edge to empower networking professionals as they troubleshoot and optimize infrastructure at scale. DNS Insights arrives at a critical time…
Varonis unveils least privilege automation to improve data security
Varonis introduced least privilege automation for Microsoft 365, Google Drive, and Box — a new capability that continuously removes unnecessary data risk without human intervention. This innovation furthers Varonis’ mission to deliver effortless data security outcomes to customers. Unlike other…
CloudSEK BeVigil app protects Android users from security risks
CloudSEK launched the BeVigil app to provide users with detailed information about the security and privacy practices of their mobile apps. With the BeVigil App, users can search for apps by name and view detailed information about the app’s security…
PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)
If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because Horizon3’s will be releasing technical details and a PoC exploit this week. GreyNoise has yet to detect…
How to succeed in cyber crisis management and avoid a Tower of Babel
Although cyberattacks have become more common, handling them remains extremely challenging for organizations. Even if things go well on the technical level, incident response (IR) is still a stressful and hectic process across the company; this is the reality of…
Training, endpoint management reduce remote working cybersecurity risks
33% of companies are not providing any cybersecurity awareness training to users who work remotely, according to Hornetsecurity. The study also revealed that nearly 74% of remote staff have access to critical data, which is creating more risk for companies…
Threats that will dominate headlines in 2023
In this Help Net Security video, MacKenzie Jackson, Developer Advocate at GitGuardian, offers his cybersecurity predictions for 2032. These include: Developers will be a priority target for hacking campaigns Doubling down on MFA bypass Source code security More efforts to…
CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie
The attackers who pulled off the recent breach of continuous integration and continuous delivery (CI/CD) platform maker CircleCI got in by compromising an engineer’s laptop with malware, stealing their 2FA-backed SSO session cookie, and using it to impersonate the employee…
Cacti servers under attack by attackers exploiting CVE-2022-46169
If you’re running the Cacti network monitoring solution and you haven’t updated it since early December, now is the time to do it to foil attackers exploiting a critical command injection flaw (CVE-2022-46169). About Cacti and CVE-2022-46169 Cacti is an…
Passkeys, going passwordless, and the future of authentication
There are a variety of roadblocks associated with moving to passwordless authentication. Foremost is that people hate change. End users push back when you ask them to abandon the familiar password-based login page, while app owners resist changing them to…
Why encrypting emails isn’t as simple as it sounds
The quality of protected communications matters – a lot. If the sent material is highly sensitive and the legislation and/or policy demands high security, opportunistic encryption might not be enough. For organizations, deciding what email encryption solution to use is…
Post-quantum cybersecurity threats loom large
A new Zapata Computing report reveals a deepening commitment from enterprises that points to a maturing industry with widespread, global interest and increased urgency regarding post-quantum cybersecurity threats. The growing interest in quantum is translating into spending, demonstrated by 71%…
10 data security enhancements to consider as your employees return to the office
77% of IT decision makers across the United States and Canada believe their companies are likely to face a data breach within the next three years according to survey results released by Adastra. Survey respondents ranked data security as the…
Week in review: ChatGPT as an infosec assistant, Google offers help to EU cybersecurity startups
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google is calling EU cybersecurity founders Google announced that the Google for Startups Growth Academy: Cybersecurity program now accepts applications from EU companies. Rackspace ransomware…
SpiderOak raises $16.4 million to protect space mission systems
SpiderOak has raised $16.4M in Series C round led by Empyrean Technology Solutions, a space technology platform backed by funds affiliated with Madison Dearborn Partners. The Series C round included additional investment from Method Capital, and OCA Ventures. The oversubscribed…
Crisis24 acquires Topo.ai to enhance global risk intelligence capabilities
Crisis24 acquires Topo.ai to further strengthen its support operations, offer a one-stop shop solution with plug and play capabilities, and ensure the highest levels of client satisfaction. Crisis24 provides unrivaled curated intelligence and sophisticated technologies to enable the world’s most…
Conceal joins forces with Thousand Guards to improve web-browser security
Conceal has unveiled that it is expanding into the Spain, France, Italy, and Portugal MSSP markets through a strategic partnership with Thousand Guards. “Thousand Guards services are aimed at IT security managers and cybersecurity services companies that need to find…
SailPoint acquires SecZetta to help companies validate non-employee identities
With nearly half of today’s enterprises comprised of non-employees, organizations need to factor this growing group of identities into their approach to identity security. With SecZetta, SailPoint will be able to expand its capabilities to help companies gain better visibility…
Cloudflare and Microsoft expand partnership to strengthen zero trust security
Cloudflare has expanded its relationship with Microsoft to help customers easily deploy, automate, and enhance their organization’s zero trust security. Working from anywhere is more common than ever, and critical applications have moved to the cloud—no longer residing inside an…
Onapsis and Wipro help enterprises secure their SAP applications
Onapsis has formed a strategic collaboration with Wipro to drive digital transformation and business growth for customers. Enterprises embarking on their digital transformation journey are often faced with a complex SAP landscape and a limited understanding of how to secure…
Vulnerabilities in cryptographic libraries found through modern fuzzing
Recently patched vulnerabilities in MatrixSSL and wolfSSL, two open-source TLS/SSL implementations / libraries for embedded environments, have emphasized the great potential of using fuzzing to uncover security holes in implementations of cryptographic protocols. CVE-2022-43974 and CVE-2022-42905 CVE-2022-43974 is a buffer…
FortiOS flaw was exploited to compromise governmental targets (CVE-2022-42475)
A critical vulnerability in FortiOS SSL-VPN (CVE-2022-42475) that Fortinet has issued patches for in November 2022 has been exploited by attackers to compromise governmental or government-related targets, the company has shared. Fortinet says the attackers have advanced capabilities: they were…
7 security predictions for 2023
What will the security landscape in 2023 look like? Here’s my take. 1. Attackers’ tactics will evolve, and defense strategies will evolve with them With online platforms and social media fully integrated into our daily routine, phishing and social engineering…
70% of apps contain at least one security flaw after 5 years in production
Veracode revealed data that could save organizations time and money by helping developers minimize the introduction and accumulation of security flaws in their software. Their report found that flaw build-up over time is such that 32% of applications are found…
How to protect yourself from bot-driven account fraud
Bots continue to evolve and thrive at the expense of companies. Kasada’s research shows revenue loss from bot-driven account fraud and web scraping continues to skyrocket, despite companies spending more on bot mitigation solutions every year. In this Help Net…
Maximizing data value while keeping it secure
How can organizations create an environment that allows the broadest access across distributed warehouses, databases, object stores and data exchanges, while at the same time maintaining consistent data oversight? There’s no single template for enacting robust and effective data controls.…
PagerDuty Status Pages provide proactive customer communication during incidents
Status Pages allow PagerDuty customers to proactively communicate status updates with their customers while keeping both internal technical teams and customer service teams informed, as well. Intuitive, easy to use, and able to be set up in minutes, the new…
Ordr partners with GE HealthCare to secure clinical assets
Ordr has formed a collaboration with GE HealthCare to offer customers a solution leveraging Ordr’s platform for health systems. The solution addresses critical patient care challenges across three key stakeholder groups: biomedical and healthcare technology management (HTM) teams, giving them…
Cyberpion expands management team and appoints Marc Gaffan as CEO
Cyberpion has unveiled that Marc Gaffan has been named CEO, Doron Gill will serve as VP of Engineering, and Ido Samson joins as CRO. Co-founder Nethanel Gelernter is moving from CEO to CTO where he will focus on accelerating innovation…
Scott Harrell joins Infoblox as CEO
Infoblox has unveiled that Jesper Andersen has decided to retire as CEO and the Board of Directors has appointed Scott Harrell as the new President and CEO. Andersen will continue to serve on the Board and support Harrell through the…
Critical vulnerabilities in Siemens PLC devices could allow bypass of protected boot features (CVE-2022-38773)
Red Balloon Security disclosed multiple, critical architectural vulnerabilities in the Siemens SIMATIC and SIPLUS S7-1500 Series PLC that allow for bypass of all protected boot features. These vulnerabilities affect over 120 different models of the Siemens S7-1500 CPU product family.…
Cisco won’t fix router flaws even though PoC exploit is available (CVE-2023-20025, CVE-2023-20026)
Cisco has acknowledged one critical (CVE-2023-20025) and two medium-severity (CVE-2023-20026, CVE-2023-20045) vulnerabilities affecting some of its Small Business series of routers, but won’t be fixing them as the devices “have entered the end-of-life process.” Proof-of-concept exploit code for CVE-2023-20025 and…
Global Risks Report: Understand the risk landscape in 2023 and beyond
For the past 17 years the World Economic Forum’s Global Risks Report has warned about deeply interconnected global risks. Conflict and geo-economic tensions have triggered a series of deeply interconnected global threats, according to the latest report. Serious long-term threats…
6 oversights that enable data breaches
Personal employee or customer data accounted for nearly 45% of all data stolen between July 2021 and June 2022, while companies’ source code and proprietary information accounted for a further 6.7% and 5.6% respectively, according to Imperva. More positively, the…
Why the atomized network is growing, and how to protect it
Security teams struggle to defend their dispersed networks because the technologies responsible for network security are being pushed towards obsolescence by evolutionary pressures. Strategies like EDR and MFA become less effective than intended, leaving organizations with unknown gaps that lead…
ChatGPT: The infosec assistant that is jack of all trades, master of none
ChatGPT from OpenAI is a conversational chatbot that was recently released in preview mode for research purposes. It takes natural language as an input and aims to solve problems, provide follow up questions or even challenge assertions depending on what…
FileCloud Zero Trust File Sharing helps organizations that work with sensitive data
FileCloud has added Zero Trust File Sharing, which will provide yet another layer of security to the content collaboration platform. Zero Trust File Sharing in FileCloud will enable users to collaborate securely, not just with other employees, but also with…
Cloudflare unveils several email security and data protection tools
Cloudflare announced several new zero trust email security solutions, compatible with any email provider, to protect employees from multichannel phishing attacks, prevent sensitive data being exfiltrated via email, and help businesses speed up and simplify deployments. Now, Cloudflare is providing…
ThriveDX and Exclusive Networks address the cybersecurity talent shortage in Europe
ThriveDX is launching a road tour across Europe from Jan. 11 to Feb. 23, 2023 to introduce the company’s human factor security solutions to Exclusive Networks’ ecosystem of more than 25,000 partners and to address the cybersecurity talent shortage, skills…
Bionic integrates with Wiz to provide customers with full cyber-risk coverage
Bionic has announced a product integration with Wiz to provide customers with an agentless way to unify and scale their cloud and application security posture in production. With this integration, DevSecOps teams now have complete visibility and context into which…
Hitachi Vantara hires Monica Kumar as CMO
Hitachi Vantara has unveiled that Monica Kumar has assumed the role of Chief Marketing Officer (CMO) at the organization, effective immediately. She reports directly to CEO Gajen Kandiah. “Great companies are those who can find a way to articulate their…
Chris Cabrera joins Arkose Labs Board of Directors
Arkose Labs has announced that Chris Cabrera, founder and CEO of Xactly Corporation, has joined its Board of Directors effective Jan. 1, 2023. Cabrera is the company’s seventh board member, and represents the interest of common shareholders. Arkose Labs’ board…
Tufin appoints Raymond Brancato as CEO
Tufin has appointed Raymond Brancato as CEO, effective immediately. Raymond has more than 27 years of experience developing and executing go-to-market strategies in the technology industry and will be taking the lead role at the company to guide it through…
Censinet raises $9 million to improve security for healthcare organizations
Censinet has raised $9 million in funding led by MemorialCare Innovation Fund including Rex Health Ventures and Ballad Ventures, bringing the Company’s total funding to more than $22 million. Existing investors LRVHealth, HLM Venture Partners, Schooner Capital, Excelerate Health Ventures,…
Cerberus Sentinel acquires RAN Security
Cerberus Sentinel has signed a definitive agreement for the acquisition of RAN Security. Under the terms of the agreement, RAN Security will become a wholly owned subsidiary of Cerberus Sentinel. The transaction is expected to close later in the year,…
Health3PT Council unites healthcare CISOs to solve third-party cyber risk
Amid heightened threats to the nation’s healthcare systems, more than 20 leading healthcare organizations have come together to identify effective, efficient, and new innovative approaches to reduce cyber risk across the healthcare industry’s third-party ecosystem. The Health 3rd Party Trust…
Hack The Box raises $55 million to expand its business
Hack The Box announces a Series B investment round of $55 million led by Carlyle, alongside Paladin Capital Group, Osage University Partners, Marathon Venture Capital, Brighteye Ventures, and Endeavor Catalyst Fund. The new investment will accelerate Hack The Box’s growth…
Crypto audit of Threema revealed many vulnerabilities
Researchers have discovered cryptographic vulnerabilities in Swiss-based secure messaging application Threema that may have allowed attackers to do things like break authentication or recover users’ long-term private keys. The vulnerabilities have been fixed and Threema has since switched to a…
Google is calling EU cybersecurity founders
Google announced that the Google for Startups Growth Academy: Cybersecurity program now accepts applications from EU companies. The three-month program, announced last fall, will start in April and connect the finest of Google with the top European cybersecurity firms. From…
The most significant DDoS attacks in the past year
DDoS attacks are getting larger and more complex moving towards mobile networks and IoT, which are now used in cyberwarfare. In this Help Net Security video, Steve Winterfeld, Advisory CISO at Akamai, discusses the most powerful DDoS attacks in the…
4 key shifts in the breach and attack simulation (BAS) market
The increase in the number of attack surfaces along with the rise in cybercriminal sophistication is generating technical debt for security operations centers (SOCs), many of which are understaffed and unable to dedicate time to effectively manage the growing number…
Organizations are adopting SSE technology to secure hybrid work
With 88% of organizations supporting a hybrid or remote work model, it’s clear that the way people work has changed. Organizations are realizing that the means in which secure access is achieved must also adapt, according to Axis Security. SSE…
Attackers abuse business-critical cloud apps to deliver malware
Over 400 distinct cloud applications delivered malware in 2022, nearly triple the amount seen in the prior year, and 30% of all cloud malware downloads in 2022 originated from Microsoft OneDrive, according to Netskope. Cloud applications are widely used by…
Cloudflare Magic WAN Connector helps organizations increase their operational agility
Cloudflare announced Magic WAN Connector, the open source software-defined software package that makes it easier for businesses to connect and secure their network with Cloudflare. With Magic WAN Connector, Cloudflare One is now a true integrated SASE security and networking…
Waterfall Security Solutions partners with Yokogawa to improve industrial security
Waterfall Security Solutions announced a collaboration agreement with Yokogawa, a provider of industrial automation and test and measurement solutions. This new collaboration will make Waterfall’s Unidirectional Gateway cybersecurity products and technologies available to Yokogawa’s customers globally. In a world where…
Schneider Electric collaborates with BitSight to enhance OT exposure detection
Schneider Electric partners with BitSight to develop a global Operational Technology (OT) Risk Identification and Threat Intelligence capability. In recent years, both opportunistic and advanced cyber threat actors have shown increased willingness to target industrial and operational sites. Schneider Electric…
42Crunch integrates with Microsoft to provide enterprises with end-to-end API protection
42Crunch has joined the Microsoft Intelligent Security Association (MISA), a group of security technology providers who have integrated their solutions with Microsoft’s security technology products to better defend against a world of increasing threats. 42Crunch has integrated with Microsoft Sentinel…
NetSPI acquires nVisium to scale its offensive security solutions
NetSPI has acquired nVisium to further scale its offensive security solutions and address heightened demand for human-delivered penetration testing. nVisium will support NetSPI’s continued efforts to deliver strategic security testing solutions to enterprises. With the acquisition, NetSPI now has over…
Simeio acquires PMG to protect digital identities
Simeio’s acquisition of PathMaker Group (PMG) is a key strategic move that complements Simeio’s organic strategy of expanding into new industries and talent pools and adding new capabilities around identity orchestration and automation. The acquisition also strengthens Simeio’s presence in…
Microsoft plugs actively exploited zero-day hole (CVE-2023-21674)
To mark the January 2023 Patch Tuesday, Microsoft has released patches for 98 CVE-numbered vulnerabilities, including one exploited in the wild (CVE-2023-21674) and one (CVE-2023-21549) that’s been publicly disclosed. Both allow attackers to elevate privileges on the vulnerable machine. Vulnerabilities…
You must build a security team. Where do you start?
Security veteran Chris Deibler, the new VP of Security at DataGrail, has been brought in to build the company’s security team to support its growth. A former Director of Security Engineering at Shopify and Director of Security at Twitch, he…
How to gain security consciousness through cost
In this Help Net Security video, Karthik Kannan, CEO at Anvilogic, talks about predictions for the cybersecurity world in 2023 and how to gain security consciousness through cost. The post How to gain security consciousness through cost appeared first on…
4 identity security trends to watch in 2023
While many of the tried and true best security hygiene practices remain, we’ll face new and complex business challenges related to how we work, the systems we use, threats and compliance issues we face. Although often overlooked, a strong identity…
Guide: How virtual CISOs can efficiently extend their services into compliance readiness
Compliance services are emerging as one of the hottest areas of cybersecurity. While compliance used to be mainly the province of large enterprises, times have changed, and it is now a day-to-day concern for a growing number of small and…
Cloudflare Digital Experience Monitoring measures and analyzes mission critical apps and services
Cloudflare has released Cloudflare Digital Experience Monitoring, an all in one dashboard that helps CIOs understand how critical applications and Internet services are performing across their entire corporate network. Cloudflare Digital Experience Monitoring, part of Cloudflare’s Zero Trust platform, will…
Zyxel releases XMG1930 series of switches for SMBs
Zyxel Networks has launched the XMG1930 series switches that provide SMBs, system integrators, managed service providers, and small internet service providers with a solution to support the increasing bandwidth requirements driven by advanced business applications. Upgrade network speeds without re-cabling…
DataGrail names Chris Deibler as VP of Security
DataGrail announced that Chris Deibler, formerly of Shopify, Twitch, and Box, has been named DataGrail’s VP of Security. Deibler will oversee the building out of the security team for DataGrail as it transitions into its next phase of growth. The…
Appgate appoints Leo Taddeo as CEO and President
Appgate has unveiled that its board of directors has appointed Leo Taddeo as the company’s new Chief Executive Officer and President, effective January 4, 2023. With 25 years of executive federal and commercial experience, Taddeo had been serving as Appgate’s…
Rackspace ransomware attack was executed by using previously unknown security exploit
The MS Exchange exploit chain recently revealed by Crowdstrike researchers is how the Play ransomware gang breached the Rackspace Hosted Exchange email environment, the company confirmed last week. The exploit chains CVE-2022-41082, a RCE flaw, and CVE-2022-41080, a privilege escalation…
Codenotary extends immudb to store SOC and SIEM data with cryptographic verification
immudb has a connector to store events and data gathered by Security Operations Center (SOC) and Security Information and Event Management (SIEM) tools from Splunk, Elastic, plus IBM QRadar XDR and Microsoft Sentinel. “It’s important to store logs and events…
It’s official: Digital trust really matters to everyone online
The new trust Business has always relied upon a foundation of trust. Before we did business we looked our potential business partner in the eye, shook their hand and got a sense of their trustworthiness. But trust today is based…
How to improve your incident response plan for 2023
You may already have an IR plan but regardless of how thorough you might feel it is at this moment, the evolving cyber threat landscape and shifting circumstances within your organization demand regular changes and improvements. What are the attack…
Why FIDO and passwordless authentication is the future
In this Help Net Security video, Jason Kent, Director at Open Seas, explains why FIDO and passwordless authentication is the future. He dives deep into the technical reasons and explains why physical FIDO authentication is safer than other software/app/SMS solutions.…
Trend Micro establishes new subsidiary for 5G cybersecurity
Trend Micro has established CTOne, a new Trend Micro subsidiary focused on advancing 5G network security and beyond. The group’s intellectual capital and leadership come from Trend Micro’s culture of innovation and is the latest incubation project to launch as…
January 2023 Patch Tuesday forecast: Procrastinate at your own risk
The start of a new year means it’s time to start working towards achieving your annual resolutions. Based on the headlines from the December news media, perhaps the most important point is don’t procrastinate! We should all have some sort…
Cloud-native application adoption puts pressure on appsec teams
Oxeye revealed five predictions expected to shape enterprise security spending in 2023. The predictions follow industry-wide research, which shows the industry is shifting away from legacy software infrastructure and standardizing on cloud-native applications – resulting in the need for new…
Digital forensics incident readiness
Digital forensics is used to find, examine and analyze digital evidence that can serve in criminal investigations, but also in incident response, investigations of data breaches, to unearth insider threats, etc. Colm Gallagher, Forensics Director, CommSec Communications & Security, talks…
What to consider when budgeting for 2023’s OT cybersecurity needs and wants
Regardless of what 2023 holds in store for the economy, your organization’s financial commitment to supporting OT cybersecurity efforts is being decided now. In the public sector, much of the funding needed to secure critical infrastructure has already been allocated.…
Box for Salesforce updates help businesses secure work from anywhere
Box has released new enhancements to the Box for Salesforce integration on Salesforce AppExchange, that helps businesses connect teams to their content so they can work securely from anywhere. “With hundreds of apps used in the average enterprise, we know…
LogRhythm platform enhancements enable analysts to detect threats
LogRhythm has unveiled a series of expanded capabilities and integrations for its security operations solutions. The updates propel LogRhythm’s ability to be a force multiplier for overwhelmed security teams who are expected to confidently, effectively, and efficiently defend against cyberattacks.…
Valeo and C2A Security partner to improve security for customers and modern vehicles
Valeo and C2A Security have unveiled a strategic collaboration to enhance Valeo’s cybersecurity offerings on their products in development and continuous operations. The new partnership addresses the industry’s need for streamlined and efficient cybersecurity. As cars become more software-centric and…
GuardKnox and Wind River join forces to bring new vehicle features to market
GuardKnox is collaborating with Wind River to enable developers to build secure containerized applications for software-defined vehicles of the future. The combination of GuardKnox’s SOA (Service Oriented Architecture) core framework and corresponding tools suite with Wind River’s VxWorks real-time operating…
Keysight collaborates with Qualcomm to accelerate 5G non-terrestrial network communication
Keysight Technologies has collaborated with Qualcomm Technologies to establish an end-to-end 5G non-terrestrial network (NTN) connection. Based on this successful demonstration of call signaling and data transfer using orbit trajectory emulation, Keysight and Qualcomm Technologies aim to accelerate 5G NTN…
Things to know and do before you switch from VPN to ZTNA
Will your organization fall apart if you don’t switch from a VPN to a zero trust network access (ZTNA) solution in the near future? I’m here to tell you it won’t. The reality of VPN vs. ZTNA For a while…
Data backup is no longer just about operational fallback
Data backup has traditionally been in the operational domain of IT, while security teams have been responsible for threats to data from attacks. As these attacks have become more sophisticated, backups have come under threat and vendors have had to…
The DevSecOps approach to cloud native threat detection and response
Every SOC on the planet is grappling with the challenges of integrating detection techniques and response processes for public cloud computing. This presentation by Rich Mogull, SVP Cloud Security at FireMon, delves into the details with a framework for modernizing…