ESET researchers have identified a vulnerability (CVE-2024-7344) impacting most UEFI-based systems, which allows attackers to bypass UEFI Secure Boot. The issue was found in a UEFI application signed with Microsoft’s “Microsoft Corporation UEFI CA 2011” third-party certificate. Exploiting this vulnerability…
Category: Help Net Security
HarvestIQ.ai provides actionable insights for cybersecurity professionals
IT-Harvest launched HarvestIQ.ai, a platform featuring two AI assistants designed to redefine how professionals navigate the cybersecurity landscape. The Analyst AI provides access to IT-Harvest’s comprehensive database of 4,070 cybersecurity vendors, offering users instant insights into market players, trends, and…
Cisco AI Defense safeguards against the misuse of AI tools
Cisco announced Cisco AI Defense, a pioneering solution to enable and safeguard AI transformation within enterprises. As AI technology advances, new safety concerns and security threats are emerging at an unprecedented speed which existing security solutions are unprepared to protect…
Regula enhances Document Reader SDK with full support for Digital Travel Credentials
Regula has updated its Regula Document Reader SDK. Now, the software fully supports the new Digital Travel Credential (DTC) format, aligned with the International Civil Aviation Organization (ICAO) standards. This enhancement enables governments, airlines, and border control authorities worldwide to…
Webinar: Amplifying SIEM with AI-driven NDR for IT/OT convergence
Join cybersecurity leader Erwin Eimers from Sumitomo Chemicals Americas to explore how AI-driven Network Detection and Response (NDR) enhances SIEM capabilities, bridging critical visibility gaps in converged IT/OT environments. Learn how NDR provides enriched telemetry, real-time insights, and faster threat…
Red Hat Connectivity Link enhances security across multiple layers of application infrastructure
Red Hat introduced Red Hat Connectivity Link, a hybrid multicloud application connectivity solution that provides a modern approach to connecting disparate applications and infrastructure. Red Hat Connectivity Link integrates advanced traffic management, policy enforcement and role-based access control (RBAC) directly…
Entrust PKI Hub streamlines PKI, certificate lifecycle management, and automation
Entrust launched PKI Hub, providing enterprise visibility, management, and automation for cryptographic assets in an all-in-one, container-based virtual appliance that can be simply deployed at scale in the cloud or on-premises. Entrust PKI Hub is a comprehensive, high-performance solution comprised…
A humble proposal: The InfoSec CIA triad should be expanded
The inconsistent and incomplete definitions of essential properties in information security create confusion within the InfoSec community, gaps in security controls, and may elevate the costs of incidents. In this article, I will analyze the CIA triad, point out its…
How CISOs can elevate cybersecurity in boardroom discussions
Ross Young is the CISO in residence at Team8 and the creator of the OWASP Threat and Safeguard Matrix (TaSM). In this interview, he shares his perspective on how cybersecurity professionals can tailor their presentations to the board, aligning security…
Critical vulnerabilities remain unresolved due to prioritization gaps
Fragmented data from multiple scanners, siloed risk scoring and poor cross-team collaboration are leaving organizations increasingly exposed to breaches, compliance failures and costly penalties, according to Swimlane. The relentless surge of vulnerabilities is pushing security teams to their limits, forcing…