Critical zero-day vulnerability in MOVEit Transfer exploited by attackers!
A critical zero-day vulnerability in Progress Software’s enterprise managed file transfer solution MOVEit Transfer is being exploited by attackers to grab corporate data. “[The vulnerability] could lead to escalated privileges and potenti.....»»
Nozomi and Cynalytica team to deliver security solutions to OT & IoT environments
Nozomi Networks and Cynalytica have unveiled they have partnered to provide a visibility, monitoring and threat detection solution that encompasses both TCP/IP-based and non-IP based serial bus and analog connections found in OT and IoT environments......»»
Zyxel firewalls under attack by Mirai-like botnet
CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. About CVE-2023-28771 CV.....»»
Resecurity appoints Shawn Loveland as COO
Resecurity announced the appointment of Shawn Loveland as its Chief Operating Officer (COO). With an impressive track record of over 35 years in technology and cybersecurity, Mr. Loveland brings extensive experience and expertise to the Resecurity te.....»»
Syxsense partners with VLCM to provide customers with endpoint security and management solutions
Syxsense announced a partnership with VLCM, an IT solutions and services provider focused on meeting customer needs for cybersecurity, networking, cloud, big data, and more. VLCM is one of Syxsense’s platinum channel partners and offers Syxsense Ma.....»»
Threat actors can exfiltrate data from Google Drive without leaving a trace
Google Workspace (formerly G Suite) has a weak spot that can prevent the discovery of data exfiltration from Google Drive by a malicious outsider or insider, Mitiga researchers say. A problem for digital forensic analysts and incident responders R.....»»
Stellar Cyber integrates with Amazon Security Lake to boost data processing and threat detection
Stellar Cyber announced support for the Amazon Security Lake from Amazon Web Services (AWS). Organizations using the Stellar Cyber Open XDR Platform and AWS can directly ingest data from the Amazon Security Lake into Stellar Cyber, automatically enab.....»»
Safe Security unveils Cyber Risk Cloud of Clouds platform
Safe Security announced Cyber Risk Cloud of Clouds for predicting and preventing cyber breaches. In contrast to the rest of the industry that takes a reactive approach, SAFE’s Cyber Risk Cloud of Clouds enables organizations to make informed an.....»»
Code42 names Wayne Jackson to its Board of Directors
Code42 Software has announced the appointment of Wayne Jackson to its board of directors. Jackson boasts an impressive career in enterprise security software and currently serves as the CEO of Sonatype. “We are pleased to welcome Wayne Jackson to C.....»»
Navigating cybersecurity in the age of remote work
In this Help Net Security interview, Jay Chaudhry, CEO at Zscaler, talks about connecting and securing remote employees and their devices to access organizational resources from any location. He discusses the potential risks of remote VPN access, the.....»»
Why organizations should adopt a cloud cybersecurity framework
The cloud is the future of enterprise architecture. It’s economical (to a degree), it’s scalable, it’s flexible and – best of all – it’s someone else’s responsibility. Again, to a point. That’s because the cloud comes with its.....»»
Infosec products of the month: May 2023
Here’s a look at the most interesting products from the past month, featuring releases from: Aqua Security, Axiado, Bitwarden, Cloudflare, ComplyAdvantage, Dashlane, Delinea, Enzoic, Feedzai, Immersive Labs, Intruder, Nebulon, NETSCOUT, Neurotechno.....»»
Phishing campaigns thrive as evasive tactics outsmart conventional detection
A 25% increase in the use of phishing kits has been recorded in 2022, according to Group-IB. The key phishing trends observed are the increasing use of access control and advanced detection evasion techniques. The rise in evasive tactics, such as ant.....»»
Fighting ransomware: Perspectives from cybersecurity professionals
Ransomware has become an ever-present threat to individuals, businesses, and even entire nations. In this Help Net Security round-up, we present parts of previously recorded videos from experts in the field that shed light on the pressing ransomware.....»»
Disaster recovery challenges enterprise CISOs face
An essential aspect of organizational operations is effectively responding to and returning from a disruptive event, commonly called disaster recovery. The primary objective of DR techniques is to restore the utilization of crucial systems and IT inf.....»»
Bitdefender GravityZone Security for Mobile provides protection against mobile attack vectors
Bitdefender unveiled GravityZone Security for Mobile, designed to provide organizations with advanced Mobile Threat Detection (MTD) and security for Android, iOS and Chromebook devices, including Chrome extensions. The new offering helps enterprises,.....»»
Rezilion Smart Fix improves software supply chain security
Rezilion released its new Smart Fix feature in the Rezilion platform, which offers critical guidance so users can understand the most strategic, not just the most recent, upgrade to fix vulnerable components. Patching is a complicated and noisy proce.....»»
PingSafe helps organizations securely deploy containers with KSPM module
PingSafe launched KSPM module to provide an end-to-end security solution that encompasses the entire container lifecycle, from development to production, helping organizations securely navigate the dynamic landscape of container orchestration. By tig.....»»
ConnectSecure enhances its cybersecurity platform with deep attack surface scanning and EPSS
ConnectSecure is adding deep attack surface scanning and the Exploit Prediction Scoring System (EPSS) to its cybersecurity platform for managed service providers (MSPs) that protect small and midsize businesses. The new capabilities will be fully int.....»»
Someone is roping Apache NiFi servers into a cryptomining botnet
If you’re running an Apache NiFi instance exposed on the internet and you have not secured access to it, the underlying host may already be covertly cryptomining on someone else’s behalf. The attack Indicators of the ongoing campaign were.....»»