News

Trustwave Unveils Six New Solutions to Unlock the Full Potential of Microsoft Security

News /

Trustwave Unveils Six New Solutions to Unlock the Full Potential of Microsoft Security 2024-06-04 at 16:01 By Trustwave has launched six new Microsoft-focused offerings that will bring clients greater security, resilience, and a higher return on their investment by helping optimize their Microsoft 365 enterprise plan to take full advantage of all of its security features. This […]

Trustwave Unveils Six New Solutions to Unlock the Full Potential of Microsoft Security Read More »

20 free cybersecurity tools you might have missed

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, software /

20 free cybersecurity tools you might have missed 2024-06-04 at 07:31 By Help Net Security Free, open-source cybersecurity tools have become indispensable to protecting individuals, organizations, and critical infrastructure from cyber threats. These tools are created through collaborative and transparent efforts, making them affordable and accessible alternatives to proprietary software. Here, you will find a

20 free cybersecurity tools you might have missed Read More »

Security challenges mount as as companies handle thousands of APIs

API security, app, digital transformation, F5 Networks, News, report, survey /

Security challenges mount as as companies handle thousands of APIs 2024-06-04 at 06:31 By Help Net Security Modern applications are taking over enterprise portfolios, with apps classed as modern now making up 51% of the total, up by more than a quarter in the last year, according to F5. According to the 2024 edition of

Security challenges mount as as companies handle thousands of APIs Read More »

High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683)

Atlassian Confluence, CVE, Don't miss, Hot stuff, News, PoC, SonicWall, vulnerability /

High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) 2024-06-03 at 12:16 By Zeljka Zorz If you’re self-hosting an Atlassian Confluence Server or Data Center installation, you should upgrade to the latest available version to fix a high-severity RCE flaw (CVE-2024-21683) for which a PoC and technical details are already public. About CVE-2024-21683 Confluence Server and

High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) Read More »

NethSecurity: Open-source Linux firewall

Don't miss, firewall, Hot stuff, Linux, News, open source, software /

NethSecurity: Open-source Linux firewall 2024-06-03 at 07:31 By Mirko Zorz NethSecurity is a free, open-source Linux firewall that simplifies network security deployment. It integrates various security features into one platform, including firewalling, intrusion detection and prevention, antivirus, multi-WAN, DNS, and content filtering. NethSecurity has an intuitive interface that delivers real-time insights and control over network

NethSecurity: Open-source Linux firewall Read More »

Businesses must prioritize digital trust to avoid major problems

digital transformation, ISACA, News, report, strategy, survey /

Businesses must prioritize digital trust to avoid major problems 2024-06-03 at 07:01 By Help Net Security As organizations pursue digital transformation, they urgently need to prioritize digital trust to achieve their goals and prepare for future market opportunities, legislation, and regulatory compliance, according to ISACA. The ISACA State of Digital Trust 2024 report finds that

Businesses must prioritize digital trust to avoid major problems Read More »

Infosec products of the month: May 2024

Abnormal Security, Adaptive Shield, Appdome, AuditBoard, Calix, Cranium, CyberArk, Cybersixgill, Dashlane, Datadog, Detectify, Eclypsium, ExtraHop, FireMon, Forcepoint, ManageEngine, News, OneTrust, OWASP, PlexTrac, Proofpoint, Secure Code Warrior, SentinelOne, Snyk, Splunk, Strike Graph, Sumo Logic, Synopsys, Trellix, Truecaller /

Infosec products of the month: May 2024 2024-06-03 at 05:46 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Abnormal Security, Adaptive Shield, Appdome, AuditBoard, Calix, Cranium, CyberArk, Cybersixgill, Dashlane, Datadog, Detectify, Eclypsium, ExtraHop, FireMon, Forcepoint, ManageEngine, OneTrust, OWASP Foundation, PlexTrac, Proofpoint, Secure Code Warrior,

Infosec products of the month: May 2024 Read More »

Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics evolution

News, Week in review /

Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics evolution 2024-06-02 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RansomLord: Open-source anti-ransomware exploit tool RansomLord is an open-source tool that automates the creation of PE files,

Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics evolution Read More »

Snowflake denies breach, blames data theft on poorly secured customer accounts

data breach, Don't miss, extortion, Hot stuff, Hudson Rock, Mitiga, News, Snowflake /

Snowflake denies breach, blames data theft on poorly secured customer accounts 2024-06-01 at 23:32 By Zeljka Zorz Snowflake is disputing claims made by a threat actor who stole data belonging to Santander and Ticketmaster, and maintains that the theft of customer data was the result of stolen customer login credentials. “We are aware of recent

Snowflake denies breach, blames data theft on poorly secured customer accounts Read More »

Snowflake compromised? Attackers exploit stolen credentials

credentials, data breach, data theft, Don't miss, enterprise, extortion, Hot stuff, Hudson Rock, Mitiga, News, Snowflake /

Snowflake compromised? Attackers exploit stolen credentials 2024-05-31 at 22:17 By Zeljka Zorz Have attackers compromised Snowflake or just their customers’ accounts and databases? Conflicting claims muddy the situation. What is Snowflake? Snowflake is cloud-based data storage and analytics company based in the US, and claims nearly 9,500 organizations around the world as customers. “From an

Snowflake compromised? Attackers exploit stolen credentials Read More »

25,000 individuals affected in BBC Pension Scheme data breach

data breach, Don't miss, Europe, Hot stuff, News, Privacy, UK /

25,000 individuals affected in BBC Pension Scheme data breach 2024-05-31 at 16:16 By Zeljka Zorz Personal information of current and former BBC employees has been exposed in a data breach that affected the broadcaster’s in-house pension scheme. More than 25,000 individuals have been affected, according to The Guardian. What data was exposed? “On the 21

25,000 individuals affected in BBC Pension Scheme data breach Read More »

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919)

0-day, Check Point, CISA, CVE, Don't miss, enterprise, Hot stuff, News, Rapid7, WatchTowr /

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919) 2024-05-31 at 14:32 By Zeljka Zorz Attackers have been exploiting CVE-2024-24919, a zero-day vulnerability in Check Point Security Gateways, to pinpoint and extract password hashes for local accounts, which they then used to move laterally in the target organizations’ network. “The vulnerability is particularly critical

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919) Read More »

Lack of skills and budget slow zero-trust implementation

cybersecurity, Entrust, News, report, survey, zero trust /

Lack of skills and budget slow zero-trust implementation 2024-05-31 at 07:02 By Help Net Security The risk of a cyber breach is the number one global driver for zero trust strategy implementation, according to Entrust. The 2024 State of Zero Trust & Encryption Study surveyed over 4,000 IT security practitioners worldwide. The survey shows that

Lack of skills and budget slow zero-trust implementation Read More »

Encrypted Notepad: Open-source text editor

Don't miss, Encryption, GitHub, News, open source, software /

Encrypted Notepad: Open-source text editor 2024-05-31 at 06:33 By Mirko Zorz Encrypted Notepad, an open-source text editor, ensures your files are saved and loaded encrypted with AES-256. With no ads, no network connection required, and no unnecessary features, it’s a tool that simply works. “Like the Windows Notepad app, it has no features besides text

Encrypted Notepad: Open-source text editor Read More »

New infosec products of the week: May 31, 2024

Adaptive Shield, Dashlane, Detectify, News, Truecaller /

New infosec products of the week: May 31, 2024 2024-05-31 at 06:04 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Adaptive Shield, Dashlane, Detectify, and Truecaller. Adaptive Shield unveils platform enhancements to improve SaaS security Adaptive Shield has extended the capabilities of its SaaS

New infosec products of the week: May 31, 2024 Read More »

NIST says NVD will be back on track by September 2024

CVE, Don't miss, Hot stuff, News, NIST, vulnerability assessment, vulnerability management /

NIST says NVD will be back on track by September 2024 2024-05-30 at 14:01 By Zeljka Zorz The National Institute of Standards and Technology (NIST) has awarded a contract for an unnamed company/organization to help them process incoming Common Vulnerabilities and Exposures (CVEs) for inclusion in the National Vulnerability Database (NVD), the agency has announced

NIST says NVD will be back on track by September 2024 Read More »

59% of public sector apps carry long-standing security flaws

Application Security, cybersecurity, News, report, survey, Veracode /

59% of public sector apps carry long-standing security flaws 2024-05-30 at 07:07 By Help Net Security Applications developed by public sector organizations have more security debt than those created by the private sector, according to Veracode. Security debt, defined for this report as flaws that remain unfixed for longer than a year, exists in 59%

59% of public sector apps carry long-standing security flaws Read More »

NIST unveils ARIA to evaluate and verify AI capabilities, impacts

Artificial Intelligence, cybersecurity, News, NIST /

NIST unveils ARIA to evaluate and verify AI capabilities, impacts 2024-05-30 at 06:36 By Help Net Security The National Institute of Standards and Technology (NIST) is launching a new testing, evaluation, validation and verification (TEVV) program intended to help improve understanding of artificial intelligence’s capabilities and impacts. Assessing Risks and Impacts of AI (ARIA) aims

NIST unveils ARIA to evaluate and verify AI capabilities, impacts Read More »

Identity-related incidents becoming severe, costing organizations a fortune

authentication, cybercrime, cybersecurity, identity, IDSA, News, report, social engineering, survey /

Identity-related incidents becoming severe, costing organizations a fortune 2024-05-30 at 06:09 By Help Net Security With the rise of identity sprawl and system complexity, more businesses are suffering identity-related incidents than ever before, according to IDSA. Identity-related incidents in headlines Identity-related incidents continue to dominate today’s headlines. Clorox, MGM, and Caesars fell prey to social

Identity-related incidents becoming severe, costing organizations a fortune Read More »

Scroll to Top