ESET investigated suspicious activity on the network of a trade group in the United States that operates in the financial sector. While helping the affected entity remediate the compromise, they made an unexpected discovery in the victim’s system: malicious tools…
Category: Help Net Security
DeRISK Quantified Vulnerability Management evaluates cyber risks using business-level metrics
DeNexus announced an innovative enhancement to its cyber risk management flagship solution DeRISK. The new DeRISK Quantified Vulnerability Management leverages advanced AI techniques to automatically and continuously mapping common vulnerabilities and exposures, or CVEs, to potential financial impacts, providing insights…
If you think you’re immune to phishing attempts, you’re wrong!
Security consultant Troy Hunt, the creator of the Have I Been Pwned (HIBP) service, has revealed that he got tricked by a clever phishing email, and that the attacker gained access to his Mailchimp account and stole a list of…
Whitepaper: Voice of Security 2025
Discover insights from 900 security leaders across the globe in IDC’s Voice of Security 2025 survey, sponsored by Tines in partnership with AWS. Understand the biggest challenges facing security teams today, and how they can stay ahead of the curve…
Concentric AI’s UBDA feature identifies unusual user activity
Concentric AI announced new, context-driven behavior analytics capabilities in its Semantic Intelligence data security governance platform, enabling organizations to identify abnormal activity at the user level. The company has also added new integrations with Google Cloud Storage, Azure Data Lake,…
Blumira introduces Microsoft 365 threat response feature
Blumira launched Microsoft 365 (M365) threat response feature to help organizations contain security threats faster by enabling direct user lockout and session revocation within M365, Azure and Entra environments. The new threat response feature integrates seamlessly with M365 environments through…
Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)
Google is in the process of rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability that allowed attackers to to bypass Chrome sandbox protections. The vulnerability was flagged by Kaspersky researchers, who discovered it being exploited…
Chainguard VMs reduces risk and engineering complexity
Chainguard announced Chainguard VMs, a new product line offering minimal, zero-CVE virtual machine images built entirely from source. Purpose-built for modern, ephemeral workloads in the cloud, Chainguard VMs represent a stark contrast to the legacy, general-purpose VMs that dominate the…
Sumsub launches Reusable Digital Identity product suite
Sumsub is launching its Reusable Digital Identity product suite. It will mitigate repetitive verification and redundant Know Your Customer (KYC) checks that negatively impact user experience and conversion rates for businesses. The new offerings are set to reduce applicant onboarding…
BrowserStack Private Devices helps organizations comply with stringent security requirements
BrowserStack launched Private Devices, expanding its enterprise portfolio to address the specialized testing needs of organizations with stringent security requirements. Private Devices offers exclusive access to customized real devices housed in secure data centers, enabling persistent configurations and advanced testing…