The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD 25-01) requiring federal civilian agencies to secure their (Microsoft) cloud environments. About the CISA BOD 25-01 directive The Implementing Secure Practices for Cloud Services directive…
Category: Help Net Security
Legit Security provides insights into the enterprise’s secrets posture
Legit Security announced enhancements to its secrets scanning product. Available as either a stand-alone product or as part of a broader ASPM platform, Legit released a new secrets dashboard for an integrated view of all findings and recovery actions taken…
Ukrainian hacker gets prison for infostealer operations
Ukrainian national Mark Sokolovsky was sentenced to 60 months in federal prison for one count of conspiracy to commit computer intrusion. According to court documents, he conspired to operate the Raccoon Infostealer as a malware-as-a-service (MaaS). Individuals who deployed Raccoon…
Netwrix 1Secure enhances protection against data and identity access risks
Netwrix released a new version of its SaaS platform, Netwrix 1Secure. The latest version builds on its existing security monitoring functionality with more robust access rights assessment and expanded security auditing capabilities to overcome the lack of control when relying…
Ataccama ONE platform enhancements accelerate enterprise data quality initiatives
Ataccama announced enhancements to the Ataccama ONE unified data trust platform v15.4 that enable customers to have confidence in using their data for business-critical decision-making. In this latest release, enhancements include augmenting its AI capabilities, streamlining user experience, and simplifying…
NetSPI introduces external attack surface management solutions
NetSPI introduced three tiers of external attack surface management (EASM) solutions, delivered through the The NetSPI Platform. The new offerings address the evolving needs of NetSPI’s global customer base, to move toward a continuous threat exposure management (CTEM) model and…
Enpass simplifies compliance and security controls for password management
Enpass added Single Sign-On (SSO) for its admin console in support for its Business Enterprise customers. Enpass integrates seamlessly with prominent Identity Providers (IDPs) such as Google Workspace, Okta, and Microsoft Entra ID, further enhancing Enpass’s approach to simplifying compliance…
Are threat feeds masking your biggest security blind spot?
Security teams that subscribe to threat feeds get lists of known malicious domains, IPs, and file signatures that they can leverage to blacklist and prevent attacks from those sources. The post Are threat feeds masking your biggest security blind spot?…
Leadership skills for managing cybersecurity during digital transformation
In this Help Net Security interview, Dan Lohrmann, CISO at Presidio, discusses the need for organizations to rethink their leadership and operational strategies and the cybersecurity risks they have to deal with during digital transformation. The post Leadership skills for…
Ransomware in 2024: New players, bigger payouts, and smarter tactics
In 2024, ransomware remained the top cybersecurity threat to organizations worldwide. New groups filled the void left by law enforcement crackdowns, targeting businesses with record-breaking ransom demands and sophisticated tactics. In this article, you will find excerpts from ransomware surveys…