Astrix Security collaborates with GuidePoint Security to secure non-human identities
Astrix Security and GuidePoint Security announced a strategic partnership to help their customers secure and manage Non-Human Identities across their corporate and production environments. With 20,000 Non-Human Identities (NHI) for every 1,000 empl.....»»
SaaS Pulse tool from Wing Security enhances SaaS security posture
Wing Security has released SaaS Pulse, a free tool for SaaS security management, offering organizations actionable insights and continuous oversight into their SaaS security posture. This free tool continuously monitors threats from issues like criti.....»»
Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342)
Users of Zyxel network-attached storage (NAS) devices are urged to implement hotfixes addressing a critical and easily exploited command injection vulnerability (CVE-2024-6342). About CVE-2024-6342 Zyxel NAS devices are generally used by small to med.....»»
Free SaaS Pulse tool from Wing Security enhances SaaS security posture
Wing Security has released SaaS Pulse, a free tool for SaaS security management, offering organizations actionable insights and continuous oversight into their SaaS security posture. This free tool continuously monitors threats from issues like criti.....»»
Huntress launches Managed SIEM, eliminating the complexity of traditional SIEMs
Huntress announces the arrival of its new Managed SIEM solution, designed to serve small—to mid-sized enterprises and their MSP allies with everything a Security Information and Event Management (SIEM) should provide and none of what makes traditio.....»»
33 open-source cybersecurity solutions you didn’t know you needed
Open-source cybersecurity tools provide transparency and flexibility, allowing users to examine and customize the source code to fit specific security needs. These tools make cybersecurity accessible to a broader range of organizations and individual.....»»
How human-led threat hunting complements automation in detecting cyber threats
In this Help Net Security interview, Shane Cox, Director, Cyber Fusion Center at MorganFranklin Consulting, discusses the evolving methodologies and strategies in threat hunting and explains how human-led approaches complement each other to form a ro.....»»
Tech stack uniformity has become a systemic vulnerability
Crashes due to faulty updates are nothing new; in fact, one reason IT teams often delay updates is their unreliability and tendency to disrupt the organization’s day-to-day operations. Zero-days are also an old phenomenon. In the past, due to a lac.....»»
Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711)
CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Discovered and reported by Code WHite researcher Florian Hauser, the vulnerability can be leveraged fo.....»»
TP-Link Omada Cloud Essentials: Centralized network management and monitoring
TP-Link launched Omada Cloud Essentials, a simplified, free cloud management option designed for surveillance networks, hostels, and large homes. Omada offers a flexible cloud management architecture, including an on-premises Hardware Controller, an.....»»
Red Hat Enterprise Linux AI extends innovation across the hybrid cloud
Red Hat Enterprise Linux (RHEL) AI is Red Hat’s foundation model platform, enabling users to develop, test, and run GenAI models to power enterprise applications. The platform brings together the open source-licensed Granite LLM family and Instruct.....»»
End of an era: Security budget growth slows down
Amidst global economic and geopolitical uncertainty, markets are jittery, companies are spending frugally, and investors remain cautious, according to IANS Research and Artico Search. Security budgets are also affected by these realities with most bu.....»»
Phishing in focus: Disinformation, election and identity fraud
The frequency of phishing attacks is rising as attackers increasingly utilize AI to execute more scams than ever before. In this Help Net Security video, Abhilash Garimella, Head Of Research at Bolster, discusses how phishing scams are now being host.....»»
Best practices for implementing the Principle of Least Privilege
In this Help Net Security interview, Umaimah Khan, CEO of Opal Security, shares her insights on implementing the Principle of Least Privilege (PoLP). She discusses best practices for effective integration, benefits for operational efficiency and audi.....»»
OpenZiti: Secure, open-source networking for your applications
OpenZiti is a free, open-source project that embeds zero-trust networking principles directly into applications. Example of an OpenZiti overlay network OpenZiti features “We created OpenZiti to transform how people think about connectivity. Whi.....»»
AI cybersecurity needs to be as multi-layered as the system it’s protecting
Cybercriminals are beginning to take advantage of the new malicious options that large language models (LLMs) offer them. LLMs make it possible to upload documents with hidden instructions that are executed by connected system components. This is a b.....»»
Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerability allows Yubico security keys to be cloned Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware se.....»»
Exposed: Russian military Unit 29155 does digital sabotage, espionage
The US Department of Justice has named five Russian computer hackers as members of Unit 29155 – i.e., the 161st Specialist Training Center of the Russian General Staff Main Intelligence Directorate (GRU) – which they deem resposible for t.....»»
Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)
For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution. About CVE-2024-45195 Apache OFBiz is an.....»»
Veza and HashiCorp join forces to help prevent credential exposure
Veza announced a partnership with HashiCorp to deliver an integrated solution for solving modern identity security challenges. Together, the Veza Access Platform and HashiCorp Vault empower joint customers to strengthen their identity security postur.....»»