Tag: Help Net Security

In this Help Net Security video, John Grancarich, Fortra’s Chief Strategy Officer, discusses the 2025 Fortra State of Cybersecurity Survey and highlights escalating concerns among security professionals about AI-driven threats and a shortage of cybersecurity skills. The survey reveals that…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Outpost24, Palo Alto Networks, Red Canary, and Sonatype. Outpost24 introduces CyberFlex to streamline attack surface management and pen testing Outpost24 has launched Outpost24 CyberFlex, a…

Read more →

CISO Amplitude | USA | Hybrid – View job details As a CISO, you will develop, implement, and maintain a comprehensive security strategy aligned with Amplitude’s business goals and risk tolerance. Oversee the identification, assessment, and mitigation of security risks…

Read more →

Socure launched Identity Manipulation Risk Score, a cross-industry predictive risk score designed to stop repeat first-party fraud abusers from exploiting the digital economy at scale. This AI-powered capability is embedded within Sigma First-Party Fraud, Socure’s innovative solution that leverages the…

Read more →

Persona announced the next generation of their unified KYC-KYB platform that will combat sophisticated fraud during business onboarding and throughout the business lifecycle. These enhancements deliver insights into both businesses and the individuals behind them, enabling more effective fraud detection…

Read more →

Riskified launched Adaptive Checkout, a solution designed to drive higher conversion rates by not falsely declining good orders while also mitigating fraud for ecommerce merchants. This configuration of Riskified’s Chargeback Guarantee product enhances existing fraud prevention models by incorporating a…

Read more →

In recent years, collaboration tools have become an absolute necessity for remote and hybrid work. This primarily increased during the COVID-19 pandemic due to the impossibility of communicating in person. So, tools like Slack, Microsoft Teams, and Zoom surged in…

Read more →

Discover essential reads for CISOs in this curated list of books covering cybersecurity leadership, risk management, zero trust, board communication, and more. Why CISOs Fail, 2nd Edition Author: Barak Engel Barak Engel expands on the ideas from his original 2017…

Read more →

Organizations have zero visibility into 89% of AI usage, despite security policies according to a LayerX report. 71% of connections to GenAI tools are done using personal non-corporate accounts. Among logins using corporate accounts, 58% of connections are done without…

Read more →

Whether we recognize it or not, anytime an incident occurs, it sets off the grieving process. But grief isn’t a bad thing: it’s how we process our emotional reactions and move on. That’s precisely what security teams need to do…

Read more →

Sonatype announced end-to-end AI Software Composition Analysis (AI SCA) capabilities that enable enterprises to harness the full potential of AI. With its expertise in open source governance, Sonatype now extends its trusted platform to protect, manage, and optimize AI/ML models…

Read more →

eSentire announced its new Next Level cybersecurity offering and supporting campaign. Through an integration of Continuous Threat Exposure Management (CTEM) and MDR services, eSentire is delivering differentiated outcomes for organizations demanding heightened levels of protection as they build resilience and…

Read more →

Sonatype announced end-to-end AI Software Composition Analysis (AI SCA) capabilities that enable enterprises to harness the full potential of AI. With its expertise in open source governance, Sonatype now extends its trusted platform to protect, manage, and optimize AI/ML models…

Read more →

Omega Systems has expanded its cybersecurity offerings with the addition of a new Enterprise Password Management solution to help companies minimize the risk of password-related cyberattacks. Omega’s fully managed password solution is the latest addition to the company’s managed security…

Read more →

As enterprises expand their multi-cloud strategies to drive agility and scalability, CISOs must prioritize cyber resilience across diverse cloud platforms. The complexities of securing multi-cloud environments demand innovative solutions to maintain a strong security posture. “Many organizations in regulated industries…

Read more →

Specops Software has launched Specops Secure Access, a new capability that provides multi-factor authentication (MFA) to Windows logon, Remote Desktop Protocol (RDP), and VPN connections. This new innovation adds a layer of security to on-premises or hybrid Active Directory environments,…

Read more →

Fix Inventory is an open-source tool for detecting compliance and security risks in cloud infrastructure accounts. It was built from the ground up for cloud-native environments and provides broad support for over 300 cloud services, including AWS, Google Cloud Platform,…

Read more →

In Q4 2024, cyber threats reached unprecedented levels, with 2.55 billion attacks blocked, equating to 321 threats every second. In this Help Net Security video, Luis Corrons, Security Evangelist at Gen, discusses a new Gen report that highlights a troubling…

Read more →

Red Canary announced new capabilities for Red Canary Security Data Lake, a service that enables IT and security teams to store, search, and access large volumes of infrequently accessed logs—such as firewall, DNS, and SASE data—without overspending on legacy SIEMs.…

Read more →

In its ongoing commitment to deliver comprehensive cyber resiliency, Rubrik announced innovations designed to enhance protection for cloud, SaaS, and on-premises environments. The innovations aim to provide customers with even more ability to anticipate breaches, detect potential threats, and recover…

Read more →

To say that the cybersecurity landscape has grown more complex over the past several years would be a dramatic understatement. Attackers have more resources at their fingertips than ever, and data breaches have become almost a daily occurrence. For both…

Read more →

Virtual Chief Information Security Officer (vCISO) services are in high demand. Even though it is clear to all that this trend is growing, most service providers only offer a portion of overall CISO duties. Many ask themselves “Can we offer…

Read more →

Immuta announced Immuta AI, a new foundational layer within the Immuta Platform, designed to infuse AI across the platform to enhance data governance at scale – including seamless integration with Immuta’s Data Marketplace to further streamline access to governed data. As…

Read more →

In this Help Net Security interview, Matthew Darlage, CISO at Citizens, discusses key strategies for strengthening cyber resilience in banks. He underlines that adherence to frameworks like NIST is essential for continuous improvement and that data protection measures are critical…

Read more →

Governments in the UK, US, and Europe are pressuring tech companies to weaken encryption in the name of security. The latest push from the UK government demanding Apple create a backdoor to encrypted iCloud data is just one example, one…

Read more →

The dynamic between CISOs and CIOs has always been complex. While both roles are essential to an organization’s success, their priorities often put them at odds. The CIO focuses on IT efficiency, innovation, and business enablement, while the CISO prioritizes…

Read more →

Application Security Engineer Via | Israel | Hybrid – View job details As a Application Security Engineer, you will perform security assessments, including penetration testing, vulnerability scanning, and code reviews, to identify security weaknesses in applications. Define and implement application…

Read more →

The growth of AI-based technology has introduced new challenges, making remote identity verification systems more vulnerable to attacks, according to iProov. Innovative and easily accessible tools have allowed threat actors to become more sophisticated overnight, powering an increasing number of…

Read more →

In this Help Net Security video, Tim Morris, Chief Security Advisor at Tanium, shares practical best practices to help organizations balance innovation and security while leveraging AI. Morris warns of an even riskier shadow AI trend in which departments, unsatisfied…

Read more →

Outpost24 has launched Outpost24 CyberFlex, a comprehensive application security solution that combines Attack Surface Management (ASM) and Penetration Testing as a Service (PTaaS) to manage and secure an organization’s external-facing applications, and deliver enhanced visibility in a flexible and agile…

Read more →

Palo Alto Networks introduced today Prisma SASE 5G, delivering the functionality and capabilities customers need to stay protected for the future state of mobility and connectivity. The company also announced the expansion of its private 5G collaborations, working with seven…

Read more →

Commix is an open-source penetration testing tool designed to automate the detection and exploitation of command injection vulnerabilities, streamlining security assessments for researchers and ethical hackers. Commix features Easy to use: Commix simplifies the process of identifying and exploiting command…

Read more →

The Chief AI Officer’s Handbook is a comprehensive resource for professionals navigating AI implementation and strategy. It is particularly valuable for Chief AI Officers (CAIOs), offering guidance on defining their role and executing AI-driven business strategies. About the author Jarrod…

Read more →

QR codes have become an integral part of our everyday life due to their simplicity. While they’ve been around for many years, their use exploded during the COVID-19 pandemic, when businesses turned to them for contactless menus, payments, and check-ins.…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Massive botnet hits Microsoft 365 accounts A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying attacks against Microsoft 365 (M365) accounts.…

Read more →

Ransomware attacks against industrial organizations surged by 87% over the past year, while new malware families designed specifically for OT environments emerged. These findings highlight a troubling trend: OT systems are increasingly becoming mainstream targets, and even sophisticated threat actors…

Read more →

Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-2025–27364) that may allow unauthenticated attackers to achieve remote code execution. About MITRE Caldera MITRE Caldera is a platform built on the MITRE ATT&CK…

Read more →

The Open Source Security Foundation (OpenSSF), a cross-industry initiative by the Linux Foundation, has announced the initial release of the Open Source Project Security Baseline (OSPS Baseline), a tiered framework of security practices that evolve with the maturity of open…

Read more →

In this Help Net Security interview, David Dumont, Partner at Hunton Andrews Kurth, discusses the implications of the EU AI Act and how organizations can leverage existing GDPR frameworks while addressing new obligations such as conformity assessments and transparency requirements.…

Read more →

In this Help Net Security video, Nathan Parks, Senior Research Specialist at Gartner, discusses their recent research, revealing that only 14% of security leaders effectively balance data security with business goals. 35% of leaders are focused on securing data, while…

Read more →

Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Armor, BigID, Dynatrace, Fortinet, Legit Security, Netwrix, Nymi, Palo Alto Networks, Pangea, Privacera, Qualys, SafeBreach, Satori, Seal Security, Socure, and Veeam Software. Qualys TotalAppSec…

Read more →

Phishing has been the method most often employed by cybercriminals to achieve initial access to targeted organizations in 2024, according to risk advisory firm Kroll, which expects this trend to continue in 2025. But attackers have also increasingly been using…

Read more →

CalypsoAI launched the CalypsoAI Security Leaderboard, an index of all the major AI models based on their security performance. The CalypsoAI Security Leaderboard ranks all the major models on their ability to withstand advanced security attacks and presents a risk-to-performance (RTP)…

Read more →

Aviatrix launched Aviatrix Kubernetes Firewall, a new solution designed to tackle the pervasive security and application modernization challenges faced by enterprises operating Kubernetes at scale, particularly those in hybrid and multicloud environments. In an era where enterprises are increasingly adopting Kubernetes…

Read more →

Trustmi announced new Behavioral AI, anomaly detection, and risk-scoring capabilities to help enterprise customers combat social engineering attacks on their finance teams, payment systems, suppliers, and processes. The new wave of sophisticated AI-driven social engineering attacks generates highly personalized and…

Read more →

A high-severity vulnerability (CVE-2025-23363) in the Siemens Teamcenter product lifecycle management (PLM) software could allow an attacker to steal users’ valid session data and gain unauthorized access to the vulnerable application. About CVE-2025-23363 Siemens Teamcenter is a suite of applications…

Read more →

F5 introduced the F5 Application Delivery and Security Platform, an Application Delivery Controller (ADC) solution that fully converges high-performance load balancing and traffic management with app and API security capabilities into a single platform. With this platform, F5 is delivering…

Read more →

Agentic AI, which consists of systems that autonomously take action based on high-level goals, is becoming integral to enterprise security, threat intelligence, and automation. While these systems present significant potential, they also introduce new risks that CISOs must address. This…

Read more →

This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Kunai: Open-source threat hunting tool for Linux Kunai is an open-source tool that provides deep and precise event monitoring for Linux environments.…

Read more →

The post Cybersecurity jobs available right now in Europe: February 27, 2025 appeared first on Help Net Security. This article has been indexed from Help Net Security Read the original article: Cybersecurity jobs available right now in Europe: February 27,…

Read more →

Imagine you’re a network engineer at an enterprise. You already have your hands full with IT priorities, including managing bandwidth related to working from home, the company’s new data center, and, more recently, computing needs to support AI adoption. Additionally,…

Read more →

While cybersecurity pros spend much of their time immersed in technical reports, risk assessments, and policy documents, fiction offers a refreshing perspective on security and hacking. Great cyber-themed novels can teach lessons on human psychology, cyber warfare, and the ethics…

Read more →

Fortanix announced new capabilities to its data encryption and key management platform. Even as organizations struggle to manage the rising costs and complexity of data security, advances in AI and quantum computing will render current protections obsolete. Quantum computers will…

Read more →

For the second time since the start of 2025, a huge number of login credentials extracted from infostealer logs has been added to the database powering the HaveIBeenPwned (HIBP) site and breach notification service. In January 2025, HIBP’s creator Troy…

Read more →

Kaspersky researchers have unearthed an extensive and long-running malware delivery campaign that exploited users’ propensity for downloading code from GitHub and using it without first verifying whether it’s malicious. “Over the course of the GitVenom campaign, the threat actors behind…

Read more →

Pentera has unveiled Cyber Pulse, a new mechanism to update the Pentera platform with the latest vulnerabilities and attack techniques from the Pentera research team. Cyber Pulse delivers a continuous stream of new cyber exposure validation capabilities, enabling organizations to…

Read more →

Seal Security launched Seal OS, a solution designed to automatically fix vulnerabilities in both Linux operating systems and application code. Seal OS delivers long-term support for a wide range of Linux distributions, encompassing Red Hat Enterprise Linux, CentOS, Oracle Linux,…

Read more →

Red Hat announced Red Hat OpenShift 4.18, the latest version of the hybrid cloud application platform powered by Kubernetes. Red Hat OpenShift 4.18 introduces new features and capabilities designed to streamline operations and security across IT environments and deliver greater…

Read more →

DalFox is an open-source tool for automating the detection of XSS vulnerabilities. With powerful testing capabilities and a wide range of features, it makes scanning, analyzing parameters, and verifying vulnerabilities faster and easier. “The uniqueness of Dalfox lies in its…

Read more →

For many CISOs, compliance can feel like a necessary evil and a false sense of security. While frameworks like ISO 27001, SOC 2, and PCI DSS offer structured guidelines, they don’t automatically equate to strong cybersecurity. The challenge? Many organizations…

Read more →

In this Help Net Security video, Nataraj Nagaratnam, an IBM Fellow and CTO for Cloud Security, discusses enterprises’ steps to lay a secure foundation for agentic AI deployments. Recent research from IBM and Morning Consult shows that 99% of developers…

Read more →

DISA Global Solutions, a Texas-based company that provides employment screening services (including drug and alcohol testing and background checks) for over 55,000 organizations, has suffered a cyber incident that led to a data breach, which resulted in the potential compromise…

Read more →

Have you ever heard anyone earnestly ask in a business, “Who owns legal?” or “Who sets the financial strategy?” Probably not – it should be obvious, right? Yet, when it comes to cybersecurity, the question of ownership still seems to…

Read more →

Silver Fox, a China-based threat actor that may or may not be backed by the Chinese government, has been delivering the ValleyRAT backdoor to unsuspecting users by disguising the malware as legitimate healthcare app (the Philips DICOM viewer), a Windows…

Read more →

Halcyon announced Halcyon Ransomware Detection and Recovery (RDR), a no-cost integrated service that is now included with every deployment of the Halcyon Anti-Ransomware Platform. Most 24/7 threat monitoring and response services are not included with software platform purchases and are…

Read more →

Netskope announced enhancements to its Netskope One Enterprise Browser. By delivering Enterprise Browser fully integrated with the Netskope One platform’s Security Service Edge (SSE) capabilities, Netskope enables organizations to increase productivity and streamline the security of how unmanaged devices and…

Read more →

Hyperscalers have perpetuated the narrative that open-source solutions cannot compete at scale. This perception has influenced funding priorities, shaped policy discussions, and reinforced organizational reliance on Big Tech. With the launch of Hub 10, Nextcloud demonstrates that open source is…

Read more →

By providing full context around both the application and the development environment, Legit’s ASPM platform empowers CISOs and their team to find, fix, and prevent the application vulnerabilities driving the greatest business risk. The release of Legit context follows on…

Read more →

OwnID announced an addition to its platform: AI-native identity support for AI Agents. With browser-using AI Agents – such as ChatGPT Operator and other autonomous digital assistants becoming an integral part of customer interactions, businesses require a secure, scalable way…

Read more →

In this Help Net Security interview, Marina Segal, CEO at Tamnoon, discusses the most significant obstacles when implementing managed cloud security in hybrid and multi-cloud environments. She shares insights on long onboarding times, legacy security gaps, vendor lock-in, and overlooked…

Read more →

Application Security Engineer Binance | UAE | Remote – View job details As a Application Security Engineer, you will enhance and maintain the security postures of Binance’s affiliates specializing in DeFi and Web3. Serve as the first responder for security…

Read more →

CISOs are constantly navigating the challenge of protecting their organizations while ensuring business agility and innovation. For example, as companies move workloads to the cloud to support remote teams, security teams must secure data without slowing down productivity. Finding the…

Read more →

BigID announced BigID Next, a cloud-native, AI-powered Data Security Platform (DSP) designed to help enterprises discover, manage, and protect their data at scale. With a modular, AI-assisted architecture, BigID Next empowers organizations to take control of their most valuable asset—data—while…

Read more →

A proof-of-concept (PoC) exploit for four critical Ivanti Endpoint Manager vulnerabilities has been released by Horizon3.ai researchers. The vulnerabilities – CVE-2024-10811, CVE-2024-13161, CVE-2024-13160 and CVE-2024-13159 – may be exploited by remote, unauthenticated attackers to leverage Ivanti EPM machine account credentials…

Read more →

A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying attacks against Microsoft 365 (M365) accounts. Security researchers at SecurityScorecard are examining possible connections to China-affiliated threat actors, citing evidence of infrastructure linked to CDS Global Cloud…

Read more →

Account takeover (ATO) is one of the most prevalent attack types; Proofpoint says that in 2024, 99% of the customer tenants the company monitors were hit with at least one account takeover attempt, and 62% of the customers experienced at…

Read more →

In this Help Net Security interview, Aaron Roberts, Director at Perspective Intelligence, discusses how automation is reshaping threat intelligence. He explains that while AI tools can process massive data sets, the nuanced judgment of experienced analysts remains critical. Roberts also…

Read more →

In this Help Net Security video, Lee Waskevich, VP of Security at ePlus, discusses how AI deployment demands enhanced governance and stricter controls, particularly in managing data. The recent ePlus AI Readiness survey revealed that the top data concerns among…

Read more →

Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your organization. It performs large-scale detection and misconfiguration assessments, leveraging customizable templates with detection and misconfiguration fingerprints to identify potential security…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) The suspected Chinese state-sponsored hackers who breached workstations of several US Treasury employees in…

Read more →

For most public sector organizations, digital transformation is a work in progress, with the complexity of integrating new systems and privacy and security concerns remaining key barriers, according to a report by SolarWinds. Only 6% of respondents report having fully…

Read more →

OpenText announced OpenText Core Threat Detection and Response, a new AI-powered cybersecurity solution for threat detection to be generally available with Cloud Editions 25.2. OpenText has expanded its Cybersecurity portfolio in recent years, and its next generation of innovation is…

Read more →

Versa releases Versa Sovereign SASE, allowing enterprises, governments, and service providers to deploy customized networking and security services directly from their own infrastructure in a “do-it-yourself” model. This approach addresses the growing demand for greater control amidst evolving data privacy…

Read more →

Symbiotic Security announced updates to its application and integrated development environment (IDE) extension, further streamlining security for developers by improving usability, accessibility, and real-time security insights. The demand for real-time security solutions is growing as organizations seek to shift security…

Read more →

Apple allows you to lock your notes using your iPhone passcode or a separate password, ensuring your private information stays protected across all your Apple devices, including iOS and macOS. Whether you’re using your iPhone, iPad, or Mac, here’s how…

Read more →

In this Help Net Security interview, Chester Wisniewski, Director and Global Field CISO at Sophos, discusses the shifting ransomware landscape, the risks posed by quantum decryption threats, and the role of vendor security validation. Wisniewski notes that cyber resilience is…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from 1Password, Fortinet, Pangea, Privacera, and Veeam Software. Fortinet enhances FortiAnalyzer to deliver accelerated threat hunting and incident response FortiAnalyzer offers a streamlined entry point to…

Read more →

Compliance & Privacy Specialist McKesson | Remote – View job details As a Compliance & Privacy Specialist, you will identify potential gaps, establish and maintain policies and procedures to guide the business in complying with regulatory requirements, create and deliver…

Read more →

Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a scanner for pull requests), and a malicious code detection ruleset for Semgrep and Opengrep static code…

Read more →

Runa launched Runa Assure, a security suite specifically built to fortify payout processes against threats of fraud, cyberattacks, and compliance risks. Runa Assure was purpose-built for instant payout methods, including gift cards, prepaid, and push-to-card, and now protects over two…

Read more →

A new, improved version of Darcula, a cat-themed phishing-as-a-service (PhaaS) platform aimed at serving Chinese-speaking criminals, will be released this month and will allow malicious users to create customized phishing kits to target a wider variety of brands than ever…

Read more →

Since early 2024, ESET researchers have been tracking DeceptiveDevelopment, a series of malicious campaigns linked to North Korea-aligned operators. Disguising themselves as software development recruiters, these threat actors lure victims with fake job offers and deliver software projects embedded with…

Read more →

Norton is setting the standard for scam protection with a new range of AI-powered features fully integrated in Norton Cyber Safety products to help protect people from the most widespread cyberthreat of our time. Like the first domino tipping over…

Read more →

Privacera announced significant updates to its AI Governance (PAIG) platform, reinforcing its commitment to AI risk management and compliance. These additions align PAIG to the existing National Institute of Standards and Technology’s (NIST) AI Risk Management Framework, offering a comprehensive,…

Read more →

1Password introduced 1Password Enterprise Password Manager – MSP Edition, a dedicated solution that transforms how MSPs safeguard client data and helps them confront complex threat environments. With features tailored to MSPs’ unique needs, this comprehensive solution strengthens client security posture…

Read more →

Lumu announced Playback feature for Managed Service Providers (MSPs). Playback collects, analyzes and stores network metadata including network logs, and turns them into actionable threat intelligence. This enterprise-grade technology is widely adopted by the financial sector, healthcare, government, and education,…

Read more →

In this Help Net Security interview, Juliette Hudson, CTO of CybaVerse, discusses why asset visibility remains a critical cybersecurity challenge. She explains how to maintain security without slowing down operations, shares ways to improve visibility in OT environments, and explains…

Read more →

The third quarter of 2024 saw a dramatic shift in the types of malware detected at network perimeters, according to a new WatchGuard report. The report’s key findings include a 300% increase quarter over quarter of endpoint malware detections, highlighted…

Read more →

Enhancing your security and privacy on iOS 18 involves configuring various settings to control access to your personal data and device features. Here are 12 essential settings to consider. Enable two-factor authentication (2FA) Using 2FA authentication adds an extra layer…

Read more →

CardinalOps announced new enhancements to its Threat Exposure Management platform. The newly launched platform provides security teams with better visibility, smarter prioritization, and consistent workflows to address exposures and proactively reduce the risk of a breach. With this expansion, CardinalOps is…

Read more →