Network security tops infrastructure investments
Network security is both the top challenge and the top investment priority for enterprise IT leaders, according to ISG. Network security challenges 60% of respondents to the ISG survey on network modernization ranked network security among their top.....»»
"Fight is coming": UAW, VW brace for start of bargaining
Profit sharing, COLA, retirement security, affordable health care and the elimination of tiers appear to be the UAW's focus points for bargaining with VW......»»
Compliance frameworks and GenAI: The Wild West of security standards
In this Help Net Security interview, Kristian Kamber, CEO at SplxAI, discusses how security challenges for GenAI differ from traditional software. Unlike predictable software, GenAI introduces dynamic, evolving threats, requiring new strategies for d.....»»
eBook: Navigating compliance with a security-first approach
As cyberattacks escalate, more regulations are being introduced to help protect organizations and their customers’ data. This has resulted in a complex web of legislation with which companies in the private sector must comply. It can be challenging.....»»
The ripple effects of regulatory actions on CISO reporting
In this Help Net Security video, Sara Behar, Content Manager at YL Ventures, discusses how recent regulatory actions and high-profile legal incidents involving cybersecurity leaders have influenced CISO reporting. In a recent report of the CISO Circu.....»»
"Fight is coming:" UAW, VW brace for start of bargaining
Profit sharing, COLA, retirement security, affordable health care and the elimination of tiers appear to be the UAW's focus points for bargaining with VW......»»
Windows is still making changes to prevent another CrowdStrike-type disaster
After what happened with CrowdStrike, Microsoft wants to ensure that the incident doesn't repeat itself by making some important changes to its security......»»
GAZEploit could work out Vision Pro user passwords from watching their avatars [Fixed]
Security researchers came up with a pretty wild Vision Pro exploit. Dubbed GAZEploit, it’s a method of working out the passwords of Vision Pro users by watching the eye movements of their avatars during video calls. They’ve put together a YouT.....»»
Nudge Security unveils SSPM capabilities to strengthen SaaS security
Nudge Security unveiled new SSPM (SaaS security posture management) capabilities for its SaaS security and governance platform. This enhancement creates the industry’s most comprehensive solution of its kind, combining SaaS discovery, security.....»»
Aging, overworked and underfunded: NASA faces a dire future, according to experts
Aging infrastructure, short-term thinking, and ambitions that far outstrip its funding are just a few of the problems threatening the future of America's vaunted civil space agency, according to the National Academies of Sciences, Engineering, and Me.....»»
Organizations still don’t know how to handle non-human identities
Organizations are grappling with their current NHI (non-human identities) security strategies, according to Cloud Security Alliance and Astrix Security. The high volume of NHIs significantly amplifies the security challenges organizations face. Each.....»»
Security measures fail to keep up with rising email attacks
Organizations must reassess their email security posture as incidents continue to escalate, leading to financial losses. Key findings reveal a significant increase in email attacks, with many successfully bypassing standard security protocols and tar.....»»
How to make Infrastructure as Code secure by default
Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through machine-readable definition files. What can we to do make IaC secure by default? Secur.....»»
Self-driving tech spurs investment rebound in mobility sector
Investments in the mobility sector are perking up after a rough multi-year stretch, according to the latest data from financial insights firm Pitchbook. Deal vaues reached $6.7 billion in the second quarter in the segment......»»
New infosec products of the week: September 13, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Druva, Huntress, Ketch, LOKKER, Tenable, Trellix, and Wing Security. Tenable AI Aware provides exposure insight into AI applications, libraries and plugins T.....»»
Adobe Acrobat Reader has a serious security flaw — so patch now
A bug allows threat actors to launch malicious code on Acrobat Reader remotely, and it's already being used in the wild......»»
Neural network improves tunable diode laser absorption spectroscopy quantification accuracy
A research group from the Hefei Institutes of Physical Science (HFIPS) of the Chinese Academy of Sciences recently developed a neural network-based absorbance recovery method to improve the accuracy of single path tunable diode laser absorption spect.....»»
GAZEploit can work out Vision Pro user passwords from watching their avatars
Security researchers have come up with a pretty wild Vision Pro exploit. Dubbed GAZEploit, it’s a method of working out the passwords of Vision Pro users by watching the eye movements of their avatars during video calls. They’ve put together a.....»»
Dru Investigate simplifies cyber investigations and helps users uncover data threats
Druva launched Dru Investigate, a gen AI-powered tool that guides data security investigations using a natural language interface. With Dru Investigate, users across IT, security, legal, and privacy teams can swiftly identify and mitigate data risks,.....»»
Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)
Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary code execution: CVE-2024-45112 and CVE-2024-41869. Nothing in the advisory p.....»»
NETSCOUT enhances Omnis Cyber Intelligence platform with MITRE ATT&CK behavioral analytics
NETSCOUT announced updates to its advanced, scalable deep packet inspection-based Omnis Cyber Intelligence Network Detection and Response (NDR) platform. New MITRE ATT&CK behavioral analytics enable earlier detection of advanced threats like ransomwa.....»»