Trellix released global research revealing the cost of siloed security, weak spots in protection, and lack of confidence amongst security operations teams. This Help Net Security video uncovers how unsustainable the situation is for cybersecurity professionals today. The post Cybersecurity…
Category: Help Net Security
Educational institutions must reverse their backward approach to cyber defense
As schools have become more digital, they’ve taken a somewhat backward approach to cybersecurity, historically moving slowly, and have weak cybersecurity controls and protocols. In this Help Net Security video, Raj Dodhiawala, CEO at Remediant, talks about how this situation…
New infosec products of the week: October 14, 2022
Here’s a look at the most interesting products from the past week, featuring releases from ABBYY, Digi International, Portnox, Stytch, and Thales. Digi SAFE secures live voice communication and data for public safety agencies The Digi SAFE connectivity solution is…
CircleCI’s self-hosted container runner enhances automation practices for software developers
CircleCI has launched new features and integrations to enhance security and automation practices for today’s software developers. The new self-hosted container runner is designed to provide more flexibility and security to help developers ease the burden of infrastructure management with…
Conceal collaborates with Spire Solutions to deliver zero trust solutions for the Middle East and Africa
Conceal and Spire Solutions signed a strategic partnership agreement for Spire to serve as the distributor for Conceal’s platform and ConcealBrowse solution in the Middle East and Africa regions. According to Gartner, increasing cyberattacks, threats to cyber-physical infrastructures, and the…
DataGrail raises $45 million to help companies protect consumer privacy
DataGrail has closed $45 million in Series C funding in an oversubscribed round that brings DataGrail’s total funding to $84.2 million. Third Point Ventures led the round, with participation from Thomson Reuters Ventures and Sixty Degree Capital as well as…
TXOne Networks partners with AFRY to protect vulnerable OT environments
TXOne Networks and AFRY join forces in protecting the OT (Operational Technology) systems of their joint industrial clients in the Nordics against all kinds or cyber-attacks. The combination of TXOne Networks’ comprehensive solutions and service portfolio for security inspection, endpoint…
Red Vector and Microsoft join forces to help organizations mitigate security risks
Red Vector and Microsoft have unveiled the integration of Fulcrum and Azure Active Directory to help organizations mitigate security risks. Red Vector’s customers can now add risky users identified by Azure Active Directory (Azure AD), now part of the Microsoft…
Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount
Horizon3.ai researchers have released a PoC exploit for CVE-2022-40684, the authentication bypass vulnerability affecting Fortinet‘s firewalls and secure web gateways, and soon after exploitation attempts started rising. “[On Thursday], the Wordfence Threat Intelligence team began tracking exploit attempts targeting CVE-2022-40684…
Weakness in Microsoft Office 365 Message Encryption could expose email contents
WithSecure researchers are warning organizations of a security weakness in Microsoft Office 365 Message Encryption (OME) that could be exploited by attackers to obtain sensitive information. OME, which is used by organizations to send encrypted emails internally and externally, utilizes…
Cybersecurity pros opine on the future of security
Trellix released global research revealing the cost of siloed security, weak spots in protection, and lack of confidence amongst security operations teams. This Help Net Security video uncovers how unsustainable the situation is for cybersecurity professionals today. The post Cybersecurity…
Educational institutions must reverse their backward approach to cyber defense
As schools have become more digital, they’ve taken a somewhat backward approach to cybersecurity, historically moving slowly, and have weak cybersecurity controls and protocols. In this Help Net Security video, Raj Dodhiawala, CEO at Remediant, talks about how this situation…
New infosec products of the week: October 14, 2022
Here’s a look at the most interesting products from the past week, featuring releases from ABBYY, Digi International, Portnox, Stytch, and Thales. Digi SAFE secures live voice communication and data for public safety agencies The Digi SAFE connectivity solution is…
Alternative payment methods are creating new fraud risks
eCommerce fraud to merchants to exceed $48 billion / eCommerce merchants must step up their fraud prevention strategies A Juniper Research study found that the total cost of eCommerce fraud to merchants will exceed $48 billion globally in 2023, from…
Smart buildings may be your cybersecurity downfall
According to a recent eEnergy report, 30 per cent of all purchased energy in the UK is currently wasted in commercial buildings, warehouses and education facilities. Whilst that’s quite a shocking number, it is, unfortunately, no surprise, as the majority…
Tanium Benchmark allows IT teams to track the current state of endpoints
Tanium launched Tanium Benchmark, a solution that delivers real-time, holistic assessments of the security and operational risks associated with connected endpoints, empowering teams to prioritize efforts, collaborate effectively, and take risk-mitigation action while reducing IT costs and complexity. Benchmark, powered…
Malwarebytes MDR enables organizations to prioritize critical alerts and detect advanced malware attacks
Malwarebytes launched Malwarebytes Managed Detection and Response (MDR), which combines EDR technology and human-delivered security expertise to provide 24/7 threat hunting, monitoring, and response. Amid a shortage of skilled cybersecurity professionals, many organizations lack the time and expertise to monitor…
The dangers of orphaned data and what companies can do about it
Orphaned data is data that still sits on an organization’s network but was created and owned by a now deactivated employee. In this Help Net Security video, Carl D’Halluin, CTO at Datadobi, talks about how companies can eliminate the cost…
BAE Systems Viper MLV II reduces F-16 aircraft vulnerability to cyberattacks
BAE Systems has released the Viper Memory Loader Verifier II (MLV II), a new version of a maintenance capability that will reduce vulnerability to cyberattacks for F-16 aircraft. “Our first generation Viper MLV has 20 years of proven reliability and…
Zayo unveils Edge Network Solutions to support enterprises in the cloud
Zayo launched its Edge Network Solutions portfolio to help enterprises enhance the user journey from end user to cloud, enabling better network performance, security and reliability. “Multi-cloud network demand is the basis of Zayo’s Edge Network Solutions,” said Frank Cittadino,…
Digi SAFE secures live voice communication and data for public safety agencies
Digi International launched its Digi SAFE all-in-one connectivity solution for public safety and transportation agencies. The Digi SAFE connectivity solution is purpose-built, secure, and suited for widespread deployment by emergency services organizations of all sizes and budgets. At its core,…
Proofpoint Threat Protection Platform enhancements protect users from BEC and supply chain attacks
Proofpoint announced an array of new innovations across its Threat Protection Platform, enabling organizations to combat today’s most advanced and prevalent threats such as Business Email Compromise (BEC) and supply chain attacks. The enhancements provide organizations exceptional visibility into and…
DataGrail Risk Monitor delivers privacy risk assessments in real-time
DataGrail launched its new Risk Monitor product to help organizations overcome the challenges that accompany privacy risk assessments associated with third-party and internal systems. In particular, this product gives privacy leaders an automated way to complete and manage Data Protection…
Inseego collaborates with CyberReef to deliver 5G solutions that meet federal security regulations
Inseego and CyberReef have released a new offering that enables deployment of secure mobile access applications that meet and exceed network security compliance requirements, including the Children’s Internet Protection Act (CIPA) for education, the Health Insurance Portability and Accountability Act…
Material partners with Snowflake to boost data-driven security for Office 365 and Google Workspace
Material Security and Snowflake joint customers can now seamlessly merge Office 365 and Google Workspace data with existing security and business datasets in the Snowflake Data Cloud for smarter posture management, incident response, and threat detection. They can also benefit…
Code42 collaborates with Tines to accelerate response to insider risk events
Through a new partnership between Code42 and Tines, mutual customers gain the speed and scale to accelerate response to data leaks from insiders. Using the automation capabilities of Tines, customers can triage, contain and escalate high-risk file activities detected by…
IronVest emerges from stealth with $23 million to combat rising digital threats
IronVest has emerged from stealth mode and announced it has closed a $23 million seed funding round led by Accomplice, with participation from Trust Ventures, Ulysses, Joule Ventures, OurCrowd and a number of strategic angel investors. Data compromises, which often…
IBM Ventures invests in Cyolo to modernize authentication for digital businesses
Together IBM Ventures and Cyolo plan to collaborate and help modernize authentication for digital businesses. In today’s digital environment, organizations need to evolve their access and connectivity security to protect today’s distributed work environments. With 84% of organizations having experienced…
Red Sift acquires Hardenize to enhance its email security solutions
Red Sift acquired Hardenize to improve its existing security solutions and protect customers’ internet assets and infrastructure, offering a complete digital resilience solution. The integration of Hardenize’s unique ASM capabilities enables the Red Sift platform to gain a comprehensive view…
Cisco partners with Microsoft to improve hybrid work experience
Cisco and Microsoft announced a new partnership that will provide customers with more choice. In the first half of 2023, Cisco and Microsoft will soon offer the ability to run Microsoft Teams natively on Cisco Room and Desk devices Certified…
Searchlight Security and Alias join forces to enhance security assessments using dark web intelligence
Searchlight Security partners with cybersecurity consultancy Alias to enhance its security assessment offering with bespoke threat intelligence from the deep and dark web. As a premier cybersecurity services provider, it is vital for Alias to understand what an attacker knows…
Fear of cybercriminals drives cybersecurity improvements
Fortifying cybersecurity defenses remains a work in progress for many organizations, who acknowledge their shortcomings but have yet to commit the necessary resources to the effort, according to new research from CompTIA. This Help Net Security video uncovers how cybersecurity…
Portnox introduces IoT fingerprinting and profiling solution to address rising IoT security threats
Portnox released a cloud-native IoT security solution to help mid-market and enterprise businesses address rising Internet of Things (IoT) security threats. Now available via the Portnox Cloud, Portnox’s new IoT fingerprinting and profiling capabilities empower organizations to identify, authenticate, authorize,…
Cost-effective steps healthcare CISOs can take to mitigate damaging attacks
Cybersecurity measures are increasingly failing to close gaps, and the healthcare industry, in particular, has become a high-dollar target due to limited budgets and quick ransom pay-offs. In this Help Net Security video, Maureen Kaplan, Chief Revenue Officer at SilverSky,…
What you should look for in an MDR relationship
The managed IT services market is growing both in size and importance, as more organizations decide it makes fiscal and operational sense to outsource key functions. This is true even for critical security-oriented tasks, due to both environmental and organizational…
Here’s 5 of the world’s riskiest connected devices
Forescout’s research team analyzed 19 million connected devices deployed across five different industries, to find the riskiest device groups: smart buildings, medical devices, networking equipment, and IP cameras, VoIP, and video conferencing systems. Using the dataset and scoring methodology, where…
Consumers want more transparency on how companies manage their data
Cisco published its 2022 Consumer Privacy Survey, an annual global review of consumers’ perceptions and behaviors on data privacy, highlighting the critical need for further transparency as consumers say their top priority is for organizations to be more transparent on…
New RSA Conference CEO talks about delivering value
Kylie Wright-Ford was recently named CEO of RSA Conference LLC. She joins RSAC with an extensive track record of building communities for business professionals, having served in leadership roles at leading organizations, such as World 50 and GLG. In this…
SilverSky Lightning MDR and nLighten platform strengthen overall cyber protection for enterprises
SilverSky released SilverSky Lightning MDR product portfolio including its new Extended Detection & Response (XDR) service based on the nLighten platform. The launch significantly enhances cyberthreat fighting and brings further efficiencies for the company’s fast-growing customer base. Developed during an…
Skybox Security introduces SaaS solution for Security Policy and Vulnerability Management
Skybox Security announced the next generation of its Security Posture Management Platform – including a Software-as-a-Service (SaaS) solution for Security Policy and Vulnerability Management. Propelling its global customer base into the next era of proactive cybersecurity, major innovations advance its…
ControlMap Trust Portal creates compliance alignment across departments and teams
ControlMap has launched the Trust Portal — an interface for users to share valuable security information, data, and status with customers. With this new feature, ControlMap supports its mission to help organizations boost their revenue and win new opportunities, especially…
Immuta platform enhancements boost data security across key cloud platforms
Immuta has released its latest product enhancements and integrations designed to deliver data security and monitoring across key cloud platforms at scale. These new features include native integration with Google BigQuery, expanded integrations with Snowflake, including external OAuth support, audit…
Gigamon GigaVUE 6.0 provides IT teams with actionable network-level intelligence
Gigamon has released expansive set of new capabilities to the Gigamon Hawk Deep Observability Pipeline. GigaVUE 6.0, the software powering Gigamon Hawk, democratizes security delivery across networking, security, and cloud operations teams while reducing cross-platform cost and complexity. Gigamon Hawk…
Venafi Control Plane for Machine Identities enables users to reduce security risk
Venafi unveiled the Venafi Control Plane for Machine Identities, unifying machine identity management across all identity types: in data centers, cloud, hybrid environments and at the edge. The Venafi Control Plane enables customers to accelerate digital transformation, increase development speed,…
Portnox unveils IoT fingerprinting and profiling solution to address rising IoT security threats
Portnox released a cloud-native IoT security solution to help mid-market and enterprise businesses address rising Internet of Things (IoT) security threats. Now available via the Portnox Cloud, Portnox’s new IoT fingerprinting and profiling capabilities empower organizations to identify, authenticate, authorize,…
Keysight Vision 400 Series Network Packet Brokers eliminate blind spots in high-speed networks
Keysight Technologies has released new Vision 400 Series Network Packet Brokers to deliver visibility in high-speed 400G hybrid networks. Networks are gaining speed and complexity to support hybrid IT networks and multi-cloud business deployments for applications such as 5G, remote…
ServiceNow integrates Infobip solutions to enhance customer experience
Infobip has integrated with ServiceNow to provide enhanced messaging capabilities for ServiceNow customers. The integration improves the customer experience by using two-way messaging for customer support, resulting in faster response times, consistent messaging, and increased customer satisfaction. Business messaging continues…
Safe Security and Intuitive.Cloud join forces to provide visibility into enterprise-wide cyber risk
Safe Security joins forces with Intuitive.Cloud (Intuitive). Intuitive’s new offering, a cyber risk quantification and management solution for its global enterprise customers, will deliver the SAFE CRQM platform to U.S.-based customers. Regulatory and government pressure is forcing Boards and C-Suites…
Accenture and Google Cloud expand collaboration to develop new solutions using data and AI
Accenture and Google Cloud have expanded their global partnership through a renewed commitment to growing their respective talent, increasing their joint capabilities, developing new solutions using data and AI, and providing enhanced support to help clients build a strong digital…
PlainID joins Identity Defined Security Alliance to help organizations reduce risk
PlainID is now a member of the Identity Defined Security Alliance (IDSA), a vendor-neutral resource for organizations focused on securing digital identities to reduce the risk of an identity-related breach. “Joining IDSA was a perfect fit for PlainID,” said Tom…
Appgate partners with Illumio to reduce risk across hybrid infrastructure
Appgate and Illumio have announced the integrated Zero Trust Network Access (ZTNA) and Zero Trust Segmentation (ZTS) solution that protects network connectivity and stops breaches from spreading across hybrid infrastructures and applications to make organizations more resilient to cyberattacks. The…
GitLab and Google Cloud launch Cloud Seed to accelerate cloud adoption
GitLab launched Cloud Seed in partnership with Google Cloud. Cloud Seed is a new capability within GitLab that simplifies the developer experience for procuring and consuming cloud services. Cloud Seed allows GitLab and Google Cloud customers to migrate to the…
Immersive Labs raises $66 million and expands its management team
Immersive Labs raised $66 million in capital to continue its growth and investment in its Cyber Workforce Resilience platform. Ten Eleven Ventures led the latest raise supporting the company’s efforts to help organizations around the world assess, build, and prove…
Stairwell raises $45 million to secure organizations against emerging malware threats
Stairwell announced a $45M Series B capitalization. The funding round was led by Section 32, with additional investments from Sequoia Capital, Accel, Lux Capital, Gradient Ventures, and angel investors Eric Schmidt and Michael Ovitz. This brings Stairwell’s total funding to…
F5 appoints Marianne Budnik to Board of Directors
Marianne Budnik has joined F5’s board of directors, effective immediately. She is an accomplished leader, with extensive marketing and cybersecurity expertise, as well as more than 25 years’ operating experience in the technology sector. “Marianne’s leadership in high-growth cybersecurity, networking…
Splunk adds Richard P. Wallace and David Tunnell to Board of Directors
Splunk has unveiled that Richard P. Wallace and David Tunnell have been appointed to the Splunk Board of Directors, effective immediately. “I’m pleased to welcome Rick and David as our newest additions to the Splunk Board,” said Graham Smith, Chair…
Vista Equity Partners acquires KnowBe4 for $4.6 billion in cash
KnowBe4 has entered into a definitive agreement to be acquired by Vista Equity Partners in an all-cash transaction valued at approximately $4.6 billion on an equity value basis. “As a trusted partner to enterprise software companies around the world, we…
Vista Equity Partners announces to acquire KnowBe4 in $4.6 billion deal
KnowBe4 announced that it has entered into a definitive agreement to be acquired by Vista Equity Partners in an all-cash transaction valued at approximately $4.6 billion on an equity value basis. “As a trusted partner to enterprise software companies around…
Why paying the ransom is a mistake
New research from Databarracks reveals 44% of organizations that suffered a ransomware attack, paid the ransom. 34% recovered from backups, while 22% used ransomware decryption tools. The findings come from the Databarracks 2022 Data Health Check. This Help Net Security…
Constellation: Open-source, runtime-encrypted Kubernetes
Confidential Computing is a hardware-based technology that shields computer workloads from their environments and keeps data encrypted during processing. In this Help Net Security video, Felix Schuster, CEO at Edgeless Systems, talks about the open-source release of Constellation. Constellation allows…
How to improve employees’ cybersecurity behavior
We already have cybersecurity behaviors we learned from elsewhere, especially those who have grown up with technology. Initially, cybersecurity starts from home and school, and it is very hard nowadays to exist without some sort of online presence. When it…
For most companies ransomware is the scariest of all cyberattacks
SonicWall released the 2022 SonicWall Threat Mindset Survey which found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware. “No one is safe from cyberattacks —…
Are your cybersecurity investments making you less resilient?
In the past decade, digital transformation has become a buzzword in nearly every industry. Organizations have scaled down workforces in favor of automation, moved their servers and networks off-premises, and transferred their data to the cloud, but mostly kept to…
Don’t lose control of your smart thermostat this winter
Winter is coming and the energy crisis is upon us. With rocketing prices and dwindling supply, much of the western world is bracing for three cold months beset by restrictions. Despite the coming hardship, connected devices offer a glimmer of…
ABBYY Proof of Identity simplifies document-centric digital onboarding
ABBYY is solving the billion-dollar identity fraud problem facing consumers and businesses with an all-in-one solution that offers instant identity proofing and affirmation anytime, anywhere. No more standing in line or manually completing cumbersome online forms, ABBYY Proof of Identity…
PKI Spotlight updates help PKI admins catch CRL publishing errors
PKI Solutions announced its latest update of PKI Spotlight. PKI Spotlight is a PKI management solution that provides organizations with real-time monitoring and alerts of availabilities, configurations, and security of all their PKI and Hardware Security Module (HSM) environments. This…
Stytch Strong CAPTCHA protects users from bots and CAPTCHA farms
Stytch announced Strong CAPTCHA, the first product in a suite of security products to reduce online fraud and risk. The product solves the massive problem of CAPTCHA fraud that hurts consumers and damages the brands of online retailers, financial services…
Resistant AI and ComplyAdvantage launch AI-driven solution to combat financial crime
Resistant AI and ComplyAdvantage launched their solution for fighting financial crime across the U.S. and Europe. Financial crime is a multi-trillion-dollar problem. According to the United Nations, the estimated amount of money laundered globally in one year is 2 –…
Stellar Cyber Open XDR now available on Oracle Cloud Marketplace
Stellar Cyber has achieved Powered by Oracle Cloud Expertise for its SaaS security operations platform, which is available on Oracle Cloud Marketplace. The Stellar Cyber Open XDR Platform includes XDR (eXtended Detection and Response) and other valuable capabilities needed for…
Exterro Smart Data Inventory detects all regulations triggered by a processing activity
Exterro introduced Exterro Smart Data Inventory, a new solution designed to help organizations build, monitor and maintain a defensible privacy program based on a single intelligent and dynamic data inventory across record types, assets, 3rd parties and processing activities. In…
Kami Vision unveils Smart Detect AI models to reduce unnecessary alerts
Kami Vision announces the release of Smart Detect now available on nearly all Kami Home security products. The new Smart Detect AI models provide homeowners with greater control over their home security systems to monitor their indoor and outdoor premises…
Endor Labs emerges from stealth with $25 million to protect software supply chains
Endor Labs officially came out of stealth, launching the company with a Dependency Lifecycle Management Platform that helps development and security teams maximize software reuse by safely evaluating, maintaining, and updating dependencies. The average enterprise has more than 40,000 open…
Secureworks launches Taegis XDR and MXDR in Japan to help organizations reduce cyber risk
Secureworks has announced that its extended detection and response (XDR) platform Taegis will be generally available in Japan from November 1, 2022. Secureworks Taegis XDR and Taegis ManagedXDR will enable organizations in Japan to augment their overall cybersecurity posture and…
Cyware hires three industry experts to increase its marketing programs
Cyware has appointed Willy Leichter as Vice President of Marketing, Jeff Bell as Director of Demand Generation, and Mark Bermingham as Director of Product Marketing. In their new roles, Willy, Jeff, and Mark will expand the company’s marketing capabilities. In…
Andrew Rubin joins Armorblox Board of Directors
Armorblox announced the appointment of Andrew Rubin to its board of directors. Rubin, who currently serves as the Chief Executive Officer of Illumio, joins Armorblox in its efforts to protect organizations against email-based, sophisticated and targeted cyberthreats. “Andrew is a…
IDIQ names Michael Scheumack as CMO
IDIQ has named Michael Scheumack to the role of chief marketing officer to be responsible for leading and managing initiatives in both performance and traditional marketing. With more than 20 years of experience in marketing and technology along with more…
Microsoft patches Windows flaw exploited in the wild (CVE-2022-41033)
October 2022 Patch Tuesday is here, with fixes for 85 CVE-numbered vulnerabilities, including CVE-2022-41033, a vulnerability in Windows COM+ Event System Service that has been found being exploited in the wild. But, first and foremost, it should be noted that…
Thoma Bravo acquires ForgeRock for $2.3 billion
ForgeRock announced that it has entered into a definitive agreement to be acquired by Thoma Bravo, a software investment firm, for $23.25 per share, in an all-cash transaction valued at approximately $2.3 billion. The offer represents a premium of approximately…
Auth bypass bug in FortiOS, FortiProxy is exploited in the wild (CVE-2022-40684)
After privately warning customers last week that they need to patch or mitigate CVE-2022-40684, a critical vulnerability affecting FortiOS, FortiProxy, and FortiSwitchManager, Fortinet has finally confirmed that it “is aware of an instance where this vulnerability was exploited.” But their…
2FA is over. Long live 3FA!
In the past few months, we’ve seen an unprecedented number of identity theft attacks targeting accounts protected by two-factor authentication (2FA), challenging the perception that existing 2FA solutions provide adequate protection against identity theft attacks. The recent Uber breach is…
How government organizations can stay steps ahead of attackers
Attacks against governments are nothing new. They have been an interesting target since they have existed, for the mere reason that not everyone agrees on how things are run. In this Help Net Security video, David Masson, Director of Enterprise…
NetSPI’s blockchain penetration testing service helps organizations protect blockchain solutions
NetSPI announced its new deployment-inclusive blockchain penetration testing service. The company will provide a comprehensive, full-spectrum evaluation of blockchain-based deployments to enterprises by utilizing its decades of penetration testing expertise, coupled with its understanding of the architecture’s unique security concerns.…
An introduction to Kali Linux
Kali Linux is a specialized Linux distribution developed by Offensive Security, designed for experienced Linux users who need a customized platform for penetration testing. Kali Linux also comes with several hundred specialized tools for carrying out penetration testing, security research,…
Cybercriminals are having it easy with phishing-as-a-service
In this interview for Help Net Security, Immanuel Chavoya, Threat Detection Expert at SonicWall, talks about phishing-as-a-service (PaaS), the risks it can pose to organization, and what to do to tackle this threat. Phishing-as-a-service has become a growing threat to…
Castle Shield Typhos 3.0 provides users with end-to-end encrypted audio/video capabilities
Castle Shield Holdings announces a major upgrade to its secure messaging app, Typhos. Version 3.0 of Typhos, now includes audio/video calls and audio conference capabilities with end-to-end encryption by default. In addition to secure audio/video communications, Typhos based on the…
EDR is not a silver bullet
Old lore held that shooting a werewolf, vampire, or even just your average nasty villain with a silver bullet was a sure-fire takedown: one hit, no more bad guy. As cybersecurity professionals, we understand – much like folks in the…
RemotePC mobile access allows users to access their remote computers from any iOS or Android device
RemotePC is offering mobile remote access for all users, letting them access their remote desktop from their iOS or Android devices and manage the computer from anywhere. Having the ability to access a computer from a mobile device can be…
Allurity acquires CSIS Security Group to expand its services into new markets
Allurity has acquired the leading Danish service provider CSIS Security Group A/S (“CSIS”), taking yet another leap towards its goal of becoming Europe’s preferred provider of tech-enabled cybersecurity services. Founded in 2003, CSIS has built a solid reputation for innovation,…
ALTR promotes James Beecham to CEO
ALTR announced that company Co-founder and Chief Technology Officer James Beecham has been promoted to Chief Executive Officer. In this role, Beecham will leverage his technical acumen and passion for the industry and the business to lead the company’s next…
Unpatched Zimbra RCE bug exploited by attackers (CVE-2022-41352)
A still unpatched vulnerability (CVE-2022-41352) in Zimbra Collaboration is being exploited by attackers to achieve remote code execution on vulnerable servers. About the vulnerability Zimbra Collaboration (formerly Zimbra Collaboration Suite) is cloud-hosted collaboration software suite that also includes an email…
Critical vm2 sandbox escape flaw uncovered, patch ASAP! (CVE-2022-36067)
Oxeye researchers discovered a severe vm2 vulnerability (CVE-2022-36067) that has received the maximum CVSS score of 10.0. Called SandBreak, this new vulnerability requires R&D leaders, AppSec engineers, and security professionals to ensure they immediately patch the vm2 sandbox if they…
Security and privacy features in macOS Ventura
Apple announced additional security and privacy features for its newest operating system – macOS Ventura. In this Help Net Security video, you’ll learn about new security and privacy features in macOS Ventura. Some of those features are: Passkeys Rapid Security…
Purpose-based access control: Putting data access requests into context
Access control is the heart of data protection. Striking the right balance between easy access and tight security isn’t easy, but getting it right is how you maintain business agility while still meeting regulatory and fiduciary data protection responsibilities. Role-based…
Microsoft Teams: A channel for sensitive business information sharing that needs better backup
Hornetsecurity has found an urgent need for greater backup for Microsoft Teams with 45% of users sending confidential and critical information frequently via the platform. Research commissioned by the company highlights the often-overlooked need for Teams backup and security, as…
Lack of transparency, systemic risks weaken national cybersecurity preparedness
What is critical infrastructure? If you ask 5 different people, you may receive 5 different answers. The term critical infrastructure has lost much of its meaning as a differentiator of private entities and currently defines sectors from energy to commercial…
Increasing network visibility is critical to improving security posture
IT leaders around the world share a ubiquitous appetite for greater network visibility. The findings of a Forrester Consulting study underscore a convergence in security with networking, which IT decision-makers now view as the missing strategy that will improve security…
Board members should make CISOs their strategic partners
Proofpoint released their Cybersecurity: The 2022 Board Perspective report, which explores board of directors’ perceptions about their key challenges and risks. Cybersecurity is dominant on their agendas. Seventy-seven percent of participants agree cybersecurity is a top priority for their board…
Blackpoint Cyber launches product updates to help partners stay ahead of cyberthreats
Blackpoint Cyber has released multiple product launches and updates this fall, as they look ahead to Q4 2022. As the industry trend towards product ecosystems grows, Blackpoint is driven to provide innovative and efficacious solutions. An adapted version of the…
Veracode launches Container Security offering to meet the needs of cloud-native DevOps teams
Veracode has enhanced its Continuous Software Security Platform to include container security. This early access program for Veracode Container Security is now underway for existing customers. The new Veracode Container Security offering, designed to meet the needs of cloud-native software…
Week in review: 7 cybersecurity audiobooks to read, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: MS Exchange zero-days: The calm before the storm? CVE-2022-41040 and CVE-2022-41082, the two exploited MS Exchange zero-days that still have no official fix, have been…