Category: Help Net Security

In this Help Net Security video, André Ferraz, CEO at Incognia, talks about the impact of location-based fraud, which is more prevalent than one would imagine, and it impacts different industries in many different ways. Fraudsters simply don’t want to…

Read more →

Apple has always touted the security and privacy capabilities of their devices. Being responsible for both the hardware and the associated OS has allowed Apple to create a closed-end approach to shield users against some common attacks. But it’s possible…

Read more →

Orca Security released the 2022 State of the Public Cloud Security Report, which provides important insights into the current state of public cloud security and where the most critical security gaps are found. One of the report’s key findings is…

Read more →

Gurucul announced the results of a Black Hat USA 2022 security professionals survey with respondents indicating that insider threats were the most difficult type of attack for SOC analysts to detect, and that behavioral analytics was the most common piece…

Read more →

Group-IB has noted a fivefold increase in the number of domains used for crypto giveaway scams that involve fake YouTube streams in the first half of 2022. In addition to Vitalik Buterin, Elon Musk, and other crypto celebs, scammers started…

Read more →

Phosphorus has joined forces with EverSec Group. The cybersecurity solutions provider and security advisor to many of the world’s largest brand names will act as a value-added reseller (VAR) for Phosphorus in the U.S. market. The new partnership will see…

Read more →

Ravin’s automated vehicle inspection tool enables non-professionals, like insurance customers, to capture the condition of a vehicle accurately. It leverages advanced computer vision and deep learning to analyze car damage and generate a 360-degree condition report or repair estimate. When…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593) QNAP Systems has provided more information about the latest DeadBolt ransomware campaign targeting users of…

Read more →

Keysight Technologies has launched PathWave Advanced Design System (ADS) 2023 for high-speed digital (HSD) design with new Memory Designer capabilities for modeling and simulation of next-generation interface standards such as Double Data Rate 5 (DDR5). As data center throughput climbs,…

Read more →

Cofense has shared the recent advancements of two key team members: Tonia Dudley was promoted to Vice President, Chief Information Security Officer, and Josh Bartolomie was promoted to Vice President, Global Threat Services. Both Dudley and Bartolomie have held positions…

Read more →

RapidAPI has launched Poly API Marketplace. Poly is a global outfitter of professional-grade audio and video technology. The newly formed hub is a single platform powered by RapidAPI for third-party software developers to find, connect to, and manage APIs across…

Read more →

Postman has released Postman v10, offering new features around API governance and security, as well as expanded capabilities in collaboration and integration—and higher productivity. Postman continues to deliver on its core themes of productivity, quality, and governance while bringing to…

Read more →

Code42 Software has unveiled that its Incydr product fully supports all major Desktop-as-a-Service (DaaS) and Virtual Desktop Infrastructure (VDI) environments. The Code42 Incydr product detects when valuable and sensitive files are moved to untrusted locations, including personal email and cloud…

Read more →

Tanium has unveiled the first of several powerful integrations between Microsoft and the Tanium XEM platform. The integration marks the latest expansion in a relationship that includes Tanium’s membership in the Microsoft Intelligent Security Association (MISA) and its availability in…

Read more →

Uber has been hacked, again – this time by an 18-year-old (allegedly). According to The New York Times, the breach happened on Thursday. The hacker claims to have gotten in by social-engineering an Uber employee: Apparently there was an internal…

Read more →

With international tensions heightened as we enter month eight of the war between Russia and Ukraine, it’s clear that a new era of intensifying state-sponsored attacks is upon us, especially those targeting public sector agencies and services. The Cybersecurity and…

Read more →

Security and compliance challenges are a significant barrier to most organizations’ innovation strategies, according to CloudBees. The survey also reveals agreement among C-suite executives that a shift left security strategy is a burden on dev teams. 76% of C-suite executives…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Kingston Digital, Avetta, D3 Security, novoShield, and Socure. Kingston Digital releases IronKey Keypad 200 to deliver FIPS 140-3 Level 3 security for data Kingston Digital…

Read more →

OneSpan has launched its secure Virtual Room cloud service which enables organizations to deliver live, high-touch assistance to their customers in a high-assurance virtual environment. This customer engagement solution gives organizations the ability to balance identity security, authentication, and e-signature…

Read more →

A recent survey by Gartner found that 75% of organizations are pursuing security vendor consolidation in 2022, up from 29% in 2020. “Security and risk management leaders are increasingly dissatisfied with the operational inefficiencies and the lack of integration of…

Read more →

Scality announced the results of an independent survey of IT decision makers across France, Germany, the UK, and the US about their data sovereignty strategies. 98% of organizations already have policies in place or have plans to implement them. To…

Read more →

Arrcus has released Arrcus FlexMCN that CSPs, co-location providers and telcos can leverage to deliver multi-cloud connectivity as a managed service to enterprises. FlexMCN, built on Arrcus’ ACE platform, is available in an array of form factors – in containers,…

Read more →

Akuity.io has released the Akuity Platform, a fully-managed SaaS service for simpler, safer and faster Kubernetes application delivery, using Argo. Kubernetes, Argo and GitOps are essential to application delivery, though operational complexities remain a challenge. The new Akuity Platform is…

Read more →

Juniper Networks has released Apstra Freeform, the newest expansion to its multivendor data center automation and assurance platform. This capability allows Juniper’s enterprise, service provider and cloud provider customers to manage and automate their data center operations regardless of topology…

Read more →

Arista Networks has unveiled innovations for its cloud-grade routing platform that simplify and secure routing for the enterprise, mobile provider and cloud operators. These software and hardware innovations continue to drive down customer operational cost and complexity with a consistent…

Read more →

ForgeRock has enhanced its identity orchestration capabilities to enable enterprises to more easily deliver customer and employee experiences secured by AI-driven threat protection. Limitations of typical Identity systems make creating highly personalized and secure digital experiences costly, time consuming, and…

Read more →

Concentric AI has partnered with Snowflake to integrate its Semantic Intelligence solution. This integration benefits joint customers by making Concentric AI’s data security posture management capabilities readily available on the Snowflake Data Cloud. Concentric AI safeguards business-critical data and manages…

Read more →

Kinara and Arcturus Networks partnership combines the Kinara Ara-1 Edge AI processor with Arcturus Brinq edge AI and vision analytics software to drive detection, tracking and characterization solutions. The partnership delivers the critical software and hardware platforms required by OEMs…

Read more →

Fortanix has raised $90 million in Series C financing bringing the total amount the company has raised to over $122 million. The round was led by the Growth Equity business within Goldman Sachs Asset Management (Goldman Sachs) with participation from…

Read more →

Leveraging a 20-year track record in software marketing with expertise in cybersecurity and IT management, Jennifer Johnson is a seasoned CMO who has earned a reputation as a bold storyteller well known for helping companies define and dominate market categories.…

Read more →

Lattice Semiconductor has announced the appointment of Raejeanne Skillern to the Company’s Board of Directors and Compensation Committee. Ms. Skillern brings 28 years of experience in the enterprise and cloud computing market to the position, with an established track record…

Read more →

Aliro Quantum names its first Chief Marketing Officer (CMO), Michael Wood. Over the past 12 months, the company has continued to expand engagements with systems integrators, telecom providers, major government agencies, and academic and industry partners to design, architect, simulate,…

Read more →

CoreStack and Marlabs collaboration will integrate the expertise of both companies, bringing digital transformation for their shared customer base to help them stay competitive through increased digital agility. Marlabs will implement CoreStack’s AI-based real-time cloud governance engine in its Cloud…

Read more →

The Office of Management and Budget (OMB) has issued a memo requiring US federal government agencies to use software that has been built according to secure software development practices and whose developers follow practices for software supply chain security, as…

Read more →

ESET researchers have discovered a Linux variant of the SideWalk backdoor, one of the multiple custom implants used by the SparklingGoblin APT group. Commands with different or missing implementation in the Linux version of SideWalk Targeting a Hong Kong university…

Read more →

Laminar released findings from its 2022 Security Professional Insight Survey conducted at AWS re:Inforce in July 2022 and Black Hat in August 2022. The research revealed gaps in organizations’ defenses that security teams will want to proactively address to reduce…

Read more →

Coalition announced the mid-year update to its 2022 Cyber Claims Report detailing the evolution of cyber trends, revealinig that small businesses have become bigger targets, overall incidents are down, and ransomware attacks are declining as demands go unpaid. During the…

Read more →

Every organization that interacts with customers or consumers via web and mobile applications, and also as they transition to a hybrid workspace, means that they are interacting with more tools, cloud services, on-prem services, SaaS tools and interfaces. This creates…

Read more →

While Quantum Day, or “Q-Day,” may be five to ten years away, it is arriving faster than we would like. Q-Day represents the day that quantum computers will reliably use the superpositioning power of multi-state qubits to break encryption algorithms…

Read more →

The working landscape has changed forever. Now, with workforces dispersed across hybrid work environments, having the technology to allow employees to operate effectively while staying secure is key for every organization. For the last 33 years, NetSupport Manager has been…

Read more →

Duality Technologies has unveiled that Google integrated its open-source Fully Homomorphic Encryption (FHE) Transpiler, which was built using XLS SDK and resides on GitHub, with the Duality-led OpenFHE, the open-source fully homomorphic encryption library, to make cryptographic expertise more accessible…

Read more →

Avetta is helping companies uncover and mitigate hidden financial and business risks in their global supply chains. New Avetta Business Risk in the Avetta One platform goes beyond checking a credit score or financial report; it closely monitors suppliers’ credit…

Read more →

Netskope has enhanced its Netskope Cloud Firewall, the firewall-as-a-service (FWaaS) component of its converged SASE platform. New security capabilities for Netskope Cloud Firewall help customers simplify operations, prevent threats, and provide consistent firewall coverage worldwide—anywhere their users are located. Businesses…

Read more →

Rezilion and Ponemon Institute announced the release of “The State of Vulnerability Management in DevSecOps,” which reveals that organizations are losing thousands of hours in time and productivity dealing with a massive backlog of vulnerabilities that they have neither the…

Read more →

Rocket Software has launched Rocket Support for Zowe, a supporting offering for the Open Mainframe Project’s Zowe open-source framework for z/OS and its multiple modern interfaces. Rocket Support for Zowe provides customers with 24/7 support for Zowe core components, improved…

Read more →

Weaveworks has released Weave GitOps 2022.09 to automate trusted application delivery and secure infrastructure operations on premise, in the cloud and at the edge. The latest release makes it easier for teams to deploy applications into any Kubernetes environment using…

Read more →

NETSCOUT SYSTEMS has completed validation of the integration of its Omnis Cyber Intelligence (OCI), the central console for its network detection and response solution, with Palo Alto Networks Panorama management platform, which centrally manages all form factors of Palo Alto…

Read more →

AlertEnterprise has partnered with Sentry to provide SentryCard as part of their cyber-physical identity access management and security solutions. Redefining security and trust The SentryCard empowers organizations with assured proof-of-identity for employees, while overcoming common privacy and hygiene risks associated…

Read more →

C3 AI and Google Cloud have announced the three-year expansion of their partnership to accelerate their joint selling and co-development efforts. C3 AI’s entire portfolio of enterprise AI applications is available on Google Cloud. Under the terms of the new…

Read more →

Adaptive Shield has joined forces with Tenable, to provide a consolidated posture management solution that correlates the risk of SaaS users and their endpoints. While SaaS providers build in security features, it is the company’s responsibility to cover all attack…

Read more →

SandboxAQ has acquired Cryptosense, just weeks after the company unveiled its Strategic Investment Program and initial investment in evolutionQ. The acquisition of Cryptosense complements and accelerates the deployment of SandboxAQ’s Post-Quantum Cryptography (PQC) solutions to corporations and government institutions worldwide.…

Read more →

LogRhythm has appointed Gary Abad as VP of Global Channels. Abad joins LogRhythm as an accomplished channel sales leader with 25 years of experience in Senior Channel leadership positions with Trustwave, Ivanti, Meru Networks (acquired by Fortinet), Kaspersky Labs, and…

Read more →

May Mitchell, as Open Systems‘ chief marketing officer (CMO), will lead the company’s global marketing strategy, branding, messaging, communications, demand generation, and partner marketing development efforts. Her specific goals include scaling new business growth and increasing customer retention by aligning…

Read more →

Reena Choudhry, as Obsidian Security‘s CRO, brings more than 20+ years of experience in enterprise sales leadership and partner-driven go-to-market strategies. She most recently served as the Chief Revenue Officer at Very Good Security and before that, served as the…

Read more →

FishPig, a UK-based company developing extensions for the popular Magento open-source e-commerce platform, has announced that its paid software offerings have been injected with malware after its distribution server was compromised. How the attackers compromised the FishPig extensions Sansec researchers…

Read more →

Phishers are looking to trick owners of Facebook pages with fake notices from the social network (i.e., Meta, the company behind Facebook, Instagram and WhatsApp), in an attempt to get them to part with sensitive information. The method they are…

Read more →

Ransomware is still the biggest threat to many organizations out there. Many organizations have fallen and you would think they’ve learned from it, but most companies still make one mistake: they think cyberattackers might not get after them since they’re…

Read more →

For years, LinkedIn has been utilized by threat actors looking to refine their attacks. From simple spear-phishing attacks to reconnaissance, the professional networking site has provided a fertile field to harvest data and enhance criminal tactics, even as a jumping…

Read more →

novoShield emerged from stealth, launching its iPhone phishing protection app on the App Store. The company’s cybersecurity solution for mobile devices provides everyone – from individual users to businesses of any size – with the technology they need to combat…

Read more →

Kingston Digital has released the Kingston IronKey Keypad 200 (KP200), the drive to deliver the latest FIPS 140-3 Level 3 security for your data. The IronKey Keypad 200 is built with protection and flexibility of use in mind — offering…

Read more →

The CIS Critical Security Controls (CIS Controls) are a prioritized set of safeguards to mitigate the most prevalent cyber-attacks against systems and networks. They are mapped to and referenced by multiple legal, regulatory, and policy frameworks. CIS Controls v8 has…

Read more →

Kroll announced its report Cyber Risk and CFOs: Over-Confidence is Costly which found chief financial officers (CFOs) to be woefully in the dark regarding cybersecurity, despite confidence in their company’s ability to respond to an incident. The report, conducted by…

Read more →

Couchbase announced findings from industry research examining the challenges faced by development teams amid the race to the cloud and to execute on digital transformation initiatives. The global survey of 650 senior IT decision makers found that development teams are…

Read more →

Asigra has released Tigris Data Protection software with CDR (Content Disarm & Reconstruction). According to the 2022 Verizon Business Data Breach Investigation’s Report, “This has been an unprecedented year in cybersecurity history, shedding light on some of the leading issues…

Read more →

Keysight Technologies has released a new automotive serializer/deserializer (SerDes) receiver (Rx) compliance test solution to verify mobile industry processor interface (MIPI) A-PHY devices based on the Compliance Test Specification (CTS) requirements. This solution was developed in collaboration with BitifEye Digital…

Read more →

Motorola Solutions has unveiled new innovations within its integrated video security and access control portfolio, which allows security operations to detect and analyze incidents in real-time for improved efficiency, safety and security. “It’s been an exciting year for us and…

Read more →

The Linux Foundation has introduced the intention to form the OpenWallet Foundation (OWF), a new collaborative effort to develop open source software to support interoperability for a wide range of wallet use cases. The initiative already benefits from strong support…

Read more →

Daon has announced the availability of IdentityX voice biometrics on the Genesys AppFoundry. Leveraging the Genesys AudioHook API, the new integration delivers identity verification and proofing, mitigates fraudulent account-take-over (ATO) and increases the speed of customers moving through their desired…

Read more →

Oracle has unveiled that MySQL HeatWave is available on Amazon Web Services (AWS). MySQL HeatWave is the service that combines OLTP, analytics, machine learning, and machine learning-based automation within a single MySQL database. AWS users can now run transaction processing,…

Read more →

IFS has unveiled that global cleantech company Hitachi Zosen Inova has selected IFS Cloud to support its mission-critical enterprise resource planning (ERP) processes. Hitachi Zosen Inova operates in energy from waste and renewable gas. The company has their roots in…

Read more →

Salesforce has expanded its use of Workday to support continued global growth. The organization has selected Workday Financial Management, Workday Accounting Center, Workday Adaptive Planning, and Workday Prism Analytics, building on its existing use of Workday Human Capital Management (HCM),…

Read more →

Google has completed its acquisition of Mandiant. Mandiant will join Google Cloud and retain the Mandiant brand. Google and Mandiant share a long commitment to security. Over the past two decades, Google has innovated to build some of the most…

Read more →

New Relic has named Siva Padisetty as SVP and GM, Telemetry Data Platform and Global Infrastructure and Tia Williams as GVP of Design and Product Experience. Padisetty joins New Relic from Amazon Web Services (AWS) where he served as GM…

Read more →

CyrusOne’s Board of Directors has elected Eric Schwartz as Chief Executive Officer, to be effective on or about October 1, 2022. Mr. Schwartz succeeds Dave Ferdman, who has served as CyrusOne’s interim President & Chief Executive Officer since July 28,…

Read more →

Ridge Security has partnered with Stellar Cyber to deliver an integrated solution that streamlines security operations and consolidates multi-sourced data and insights into one single platform to investigate and remediate threats. The joint solution integrates the AI/ML-driven foundation and automated…

Read more →

CellTrust and Xillio have entered a strategic relationship to offer Xillio data migration to organizations through CellTrust. Most of CellTrust’s customers operate in highly regulated industries, i.e., financial services, government, healthcare, education, or insurance, where recordkeeping, eDiscovery, and compliance are…

Read more →

Westcon-Comstor has signed a new distribution agreement with Proofpoint to extend the reach of Proofpoint’s cybersecurity and compliance solutions in the EMEA market. The initial focus will concentrate on certain high-growth countries and is set to expand, with a phased…

Read more →

September 2022 Patch Tuesday is here, with fixes for 64 CVE-numbered vulnerabilities in various Microsoft products, including one zero-day (CVE-2022-37969) exploited by attackers. About CVE-2022-37969 CVE-2022-37969 is an elevation of privilege vulnerability in the Windows Common Log File System (CLFS)…

Read more →

U.S. moving and storage rental company U-Haul has suffered a data breach due to an unauthorized person having accessed an unspecified number of rental contracts, U-Haul’s parent company Amerco has revealed in a last week. It is not known have…

Read more →

Barracuda released its fourth-annual threat research report which looks at ransomware attack patterns that occurred between August 2021 and July 2022. This Help Net Security video highlights how ransomware attacks continue to be a threat to businesses of all sizes.…

Read more →

Apple has fixed a slew of vulnerabilities in macOS, iOS, and iPadOS, including a zero-day kernel vulnerability (CVE-2022-32917) exploited by attackers in the wild. About CVE-2022-32917 CVE-2022-32917, reported by an anonymous researcher, may allow a malicious application to execute arbitrary…

Read more →

In a world where we can no longer trust anyone, zero trust security has picked up momentum, especially since 2018 when NIST published Implementing a Zero Trust Architecture. With breaches at all time high and ever-increasing sophistication in cyberattacks, it…

Read more →

Censys launched its State of the Internet Report, a holistic view into internet risks and organizations’ exposure to them. Through careful examination of which ports, services, and software are most prevalent on the internet and the systems and regions where…

Read more →

Kali Linux is a Linux distribution designed for digital forensics, penetration testing, security research, and reverse engineering. Here is a selection of books for different experience levels, you can either start from scratch or get advanced tips – there’s something…

Read more →

Today’s harsh reality is that incident response based on manual efforts is no longer successful for security teams. Staying on top of thousands of daily security alerts is exhausting and is nearly impossible to assess manually, especially for security analysts…

Read more →

INFINIQ has introduced a data anonymization solution that automatically detects and anonymizes all identifiable faces and license plates in videos and images captured. It can blur out or use Deepfake technology to anonymize personal information in real-time with over 99%…

Read more →

D3 Security has launched D3 Chronos, a streamlined SOAR package for managed security services providers (MSSPs) that can cut alert-handling times by 90% within two weeks. In contrast to full-scale SOAR implementations that can take months, D3 Chronos is purpose-built…

Read more →

HYCU has announced its State of Ransomware Preparedness report in partnership with ActualTech Media, which reveals that ransomware is an unavoidable risk for businesses, which is why ransomware preparedness is a top priority. The report captures detailed data intended to…

Read more →

Unified Identity Protection company Silverfort has appointed Tim Fleming as Strategic Advisor. Responsible for all commercial and operational technology strategy at Deloitte for over 20 years, as CIO of Australia and APAC, Tim oversaw a team of more than 1300…

Read more →

Verimatrix has unveiled that NexPlayer has integrated its NexPlayer multi-screen player SDK with the Verimatrix Streamkeeper Multi-DRM platform as well as its accompanying Verimatrix Watermarking tools to help further protect its customers’ valuable entertainment content. Acclaimed for efficiently addressing issues…

Read more →

NTT DATA UK&I and SecurityScorecard have partnered to accelerate the transformation of continuous cyber risk monitoring across industries across the UK and Ireland (UK&I). As part of the partnership, NTT DATA will deliver a posture evaluation report offering for clients,…

Read more →

With the resurgence of cyber-attacks, which are ever more violent and paralyzing for companies, IKOULA has joined forces with ESET to offer companies a professional endpoint protection solution against ransomware and zero-day threats. At a time when cyber-risks must be…

Read more →

QNAP Systems has provided more information about the latest DeadBolt ransomware campaign targeting users of its network-attached storage (NAS) devices and the vulnerability the attackers are exploiting (CVE-2022-27593). About CVE-2022-27593 CVE-2022-27593 exists because of an externally controlled reference that resolves…

Read more →

ImmuniWeb has announced the implementation of a range of improvements to its ImmuniWeb AI Platform, which will become available to existing customers and partners from 18 September. All existing and newly-created projects on the ImmuniWeb AI Platform will receive the…

Read more →

A global research commissioned by Cohesity reveals that nearly half of respondents say their company depends on outdated, legacy backup and recovery infrastructure to manage and protect their data. This Help Net Security video showcases that organizations are still relying…

Read more →

In this Help Net Security video, Michael Thelander, Director Product Marketing at Eclypsium, discusses how financial organizations are failing to act despite the majority experiencing a firmware-related breach. 92% of CISOs in finance believe adversaries are better equipped at weaponizing…

Read more →

Rahul Sasi is the founder and CEO of CloudSEK, which leverages artificial intelligence and machine learning to combat cyber threats. The Singapore-headquartered company was founded in 2015, and raised a $7 million in Series A investment led by MassMutual Ventures…

Read more →

Results of a Vade report highlight the prevalence of Managed Service Providers (MSPs), with 96% of organizations either currently outsourcing at least some of their needs to MSPs or planning to do so in the future. The report also analyzes…

Read more →

API or Application Programming Interface is a de facto building block for modern-day applications, necessary for both building and connecting applications and websites. But APIs are poorly protected and have become one of the prime targets for attacks, especially bot…

Read more →

Delinea set out to understand what IT security leaders are doing to reduce the risk of a privileged account or identity-based attack. This report reveals how people close to the process feel about their progress, what obstacles stand in their…

Read more →