Don’t miss

The CISO’s approach to AI: Balancing transformation with trust

access control, Artificial Intelligence, CISO, cybersecurity, Devo Technology, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, policy, risk, Risk Management /

The CISO’s approach to AI: Balancing transformation with trust 2024-07-23 at 07:31 By Help Net Security As organizations increasingly adopt third-party AI tools to streamline operations and gain a competitive edge, they also invite a host of new risks. Many companies are unprepared, lacking clear policies and adequate employee training to mitigate these new dangers. […]

The CISO’s approach to AI: Balancing transformation with trust Read More »

10 fintech companies to watch in 2024

Compliance, Don't miss, Fintech, GoCardless, Hot stuff, News, Paysafe, Riskified, SaaS, Socure, tokenization /

10 fintech companies to watch in 2024 2024-07-23 at 07:01 By Anamarija Pogorelec The fintech market is experiencing a swift transformation driven by emerging technologies like Open Finance and GenAI, as highlighted by Juniper Research. This evolution is compounded by intense competition to become customers’ preferred choice, making the market more competitive and unpredictable than

10 fintech companies to watch in 2024 Read More »

Despite economic uncertainty, organizations are prioritizing SaaS security investments

Adaptive Shield, CISO, Cloud Security Alliance, cybersecurity, Don't miss, Hot stuff, News, report, SaaS, strategy, survey, tips, Video /

Despite economic uncertainty, organizations are prioritizing SaaS security investments 2024-07-23 at 06:31 By Mirko Zorz In this Help Net Security video, Maor Bin, CEO and Co-Founder of Adaptive Shield, discusses the key findings of their recent annual SaaS Security Survey Report, conducted in partnership with the Cloud Security Alliance (CSA). Seventy percent of organizations have

Despite economic uncertainty, organizations are prioritizing SaaS security investments Read More »

Confidential AI: Enabling secure processing of sensitive data

Artificial Intelligence, Compliance, cybersecurity, Data Protection, Don't miss, Features, Hot stuff, Intel, News, opinion, software /

Confidential AI: Enabling secure processing of sensitive data 2024-07-23 at 06:01 By Mirko Zorz In this Help Net Security interview, Anand Pashupathy, VP & GM, Security Software & Services Division at Intel, explains how Intel’s approach to confidential computing, particularly at the silicon level, enhances data protection for AI applications and how collaborations with technology

Confidential AI: Enabling secure processing of sensitive data Read More »

Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update

CrowdStrike, Don't miss, Hot stuff, Microsoft, News, Orca Security, phishing, tech support scam, Trend Micro, virtualization, Windows, Windows Server /

Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update 2024-07-22 at 15:16 By Zeljka Zorz By now, most people are aware of – or have been personally affected by – the largest IT outage the world have ever witnessed, courtesy of a defective update for Crowdstrike Falcon Sensors that threw Windows

Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update Read More »

Cross-industry standards for data provenance in AI

Artificial Intelligence, Compliance, cybersecurity, data, Data & Trust Alliance, Don't miss, Features, Hot stuff, News, opinion, regulation, standards /

Cross-industry standards for data provenance in AI 2024-07-22 at 07:31 By Mirko Zorz In this Help Net Security interview, Saira Jesani, Executive Director of the Data & Trust Alliance, discusses the role of data provenance in AI trustworthiness and its impact on AI models’ performance and reliability. Jesani highlights the collaborative process behind developing cross-industry

Cross-industry standards for data provenance in AI Read More »

Shuffle Automation: Open-source security automation platform

automation, Don't miss, GitHub, Hot stuff, News, open source, security operations, software /

Shuffle Automation: Open-source security automation platform 2024-07-22 at 07:01 By Mirko Zorz Shuffle is an open-source automation platform designed by and for security professionals. While security operations are inherently complex, Shuffle simplifies the process. It’s designed to integrate with Managed Security Service Providers (MSSPs) and other service providers. Key features Feature-rich workflow editor. App creator

Shuffle Automation: Open-source security automation platform Read More »

Cyber insurance 2.0: The systemic changes required for future security

cyber insurance, cyber risk, cybercrime, Don't miss, Hot stuff, resilience, Video /

Cyber insurance 2.0: The systemic changes required for future security 2024-07-22 at 06:31 By Help Net Security Digitalization has evolved into a systemic risk for organizations – and, therefore, cyber insurers. With the global cost of cybercrime skyrocketing, something has to change. In this Help Net Security video, Vishaal Hariprasad, CEO at Resilience, discusses how

Cyber insurance 2.0: The systemic changes required for future security Read More »

Update: Worldwide IT outage due to buggy Crowdstrike update

BH Consulting, Brian Honan, CrowdStrike, cyber resilience, disruption, Don't miss, ESET, Hot stuff, Hunter Strategy, News, Performanta, SANS ISC, Windows /

Update: Worldwide IT outage due to buggy Crowdstrike update 2024-07-19 at 19:46 By Zeljka Zorz The world is 16+ hours into what looks like the biggest IT outage in history, triggered by a defective update for Crowdstrike endpoint security software for Windows machines. The price of both Crowdstrike’s and Microsoft’s shares tumbled down as a

Update: Worldwide IT outage due to buggy Crowdstrike update Read More »

Faulty CrowdStrike update takes out Windows machines worldwide

Australia, CrowdStrike, Don't miss, Endpoint Security, Europe, Hot stuff, News, UK, USA, Windows /

Faulty CrowdStrike update takes out Windows machines worldwide 2024-07-19 at 11:31 By Zeljka Zorz Thousands and possibly millions of Windows computers and servers worldwide have been made inoperable by a faulty update of Crowdstrike Falcon Sensors, and the outage affected transport, broadcast, financial, retail and other organizations have been affected in Europe, Australia, the US

Faulty CrowdStrike update takes out Windows machines worldwide Read More »

GenAI network acceleration requires prior WAN optimization

Aryaka, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, network, network monitoring, News, opinion, SASE /

GenAI network acceleration requires prior WAN optimization 2024-07-19 at 07:32 By Help Net Security As GenAI models used for natural language processing, image generation, and other complex tasks often rely on large datasets that must be transmitted between distributed locations, including data centers and edge devices, WAN optimization is essential for robust deployment of GenAI

GenAI network acceleration requires prior WAN optimization Read More »

Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)

CVE, data analytics, Don't miss, enterprise, Hot stuff, News, security update, SonicWall, Splunk, vulnerability /

Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991) 2024-07-18 at 18:01 By Zeljka Zorz A recently fixed vulnerability (CVE-2024-36991) affecting Splunk Enterprise on Windows “is more severe than it initially appeared,” according to SonicWall’s threat researchers. Several PoC exploits have been published, including one by IT consultant Mohamed Nabil Ali that performs bulk

Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991) Read More »

eBook: How CISSP turns career goals into reality

Don't miss, ISC2, News, Whitepapers and webinars /

eBook: How CISSP turns career goals into reality 2024-07-18 at 16:01 By Help Net Security CISSP carries clout. As the world’s leading cybersecurity certification, it opens many professional opportunities worldwide. Find out what led 14 successful CISSPs around the globe to a career in cybersecurity. They open up about how certification has helped them realize

eBook: How CISSP turns career goals into reality Read More »

FIN7 sells improved EDR killer tool

attack tools, backdoor, cybercrime, cybercriminals, Don't miss, Hot stuff, Malware, News, Ransomware, SentinelOne /

FIN7 sells improved EDR killer tool 2024-07-18 at 15:46 By Zeljka Zorz The cybercrime-focused enterprise known as FIN7 (aka the Carbanak group) has come up with yet another trick to assure the effectiveness of its “EDR killer” tool, dubbed AvNeutralizer (i.e., AuKill) by researchers. By leveraging Windows’ built-in driver TTD Monitor Driver (ProcLaunchMon.sys), in conjunction

FIN7 sells improved EDR killer tool Read More »

Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)

Cisco, Don't miss, email security, Hot stuff, News, security update, vulnerability /

Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419) 2024-07-18 at 12:16 By Zeljka Zorz Cisco has fixed two critical vulnerabilities that may allow attackers to overwrite files on its Secure Email Gateways (CVE-2024-20401) and change the password of any user on its Smart Software Manager On-Prem license servers (CVE-2024-20419). Neither

Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419) Read More »

Fighting AI-powered synthetic ID fraud with AI

Artificial Intelligence, authentication, AuthenticID, biometrics, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, fraud, Hot stuff, identity, identity verification, News, opinion /

Fighting AI-powered synthetic ID fraud with AI 2024-07-18 at 07:31 By Help Net Security Aided by the emergence of generative artificial intelligence models, synthetic identity fraud has skyrocketed, and now accounts for a staggering 85% of all identity fraud cases. For security professionals, the challenge lies in staying one step ahead of these evolving threats.

Fighting AI-powered synthetic ID fraud with AI Read More »

Laying the groundwork for zero trust in the military

Artificial Intelligence, Core4ce, cybersecurity, Department of Defense, Don't miss, Features, Hot stuff, machine learning, network, News, opinion, policy, training, zero trust /

Laying the groundwork for zero trust in the military 2024-07-18 at 07:01 By Mirko Zorz In this Help Net Security interview, Curtis Arnold, VP and Chief Scientist at Core4ce, discusses the starting points for military training in zero trust principles, emphasizing foundational technologies and a unified taxonomy. Arnold provides insights into the DoD’s Zero Trust

Laying the groundwork for zero trust in the military Read More »

Grype: Open-source vulnerability scanner for container images, filesystems

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, scanning, software /

Grype: Open-source vulnerability scanner for container images, filesystems 2024-07-18 at 06:31 By Help Net Security Grype is an open-source vulnerability scanner designed for container images and filesystems that seamlessly integrates with Syft, a powerful Software Bill of Materials (SBOM) tool. Find vulnerabilities for major operating system packages Alpine Amazon Linux BusyBox CentOS CBL-Mariner Debian Distroless

Grype: Open-source vulnerability scanner for container images, filesystems Read More »

Signatures should become cloud security history

cloud security, cybersecurity, Don't miss, Hot stuff, open source, RAD Security, standards, threat detection, Video /

Signatures should become cloud security history 2024-07-18 at 06:01 By Help Net Security It’s becoming evident that the legacy practice of signature-based threat detection needs to be improved for cloud security challenges. In this Help Net Security video, Jimmy Mesta, CTO at RAD Security, discusses a new proposed standard for creating behavioral fingerprints of open-source

Signatures should become cloud security history Read More »

Overlooked essentials: API security best practices

access control, Akto, API security, authentication, cybersecurity, Don't miss, Encryption, Features, Hot stuff, News, opinion, policy /

Overlooked essentials: API security best practices 2024-07-17 at 07:31 By Mirko Zorz In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID Connect, strict HTTPS encryption, and the use of JWTs for stateless authentication. Gupta recommends role-based access control (RBAC) and

Overlooked essentials: API security best practices Read More »

Scroll to Top