In a significant stride towards enhancing network security, BackBox introduces Zero Trust Network Operations (ZTNO). This offering is a best practice framework with six actionable pillars to automate cybersecurity considerations at the network layer for NetOps teams. To simplify ZTNO…
Category: Help Net Security
Threat actor used Vimeo, Ars Technica to serve second-stage malware
A financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular websites such as Ars Technica, Vimeo, GitHub and GitLab to surreptitiously deliver malware. Another interesting detail about UNC4990 it’s mostly…
Protect AI acquires Laiyer AI to extend company’s AI/ML security capabilities
Protect AI announced it has acquired Laiyer AI. With the acquisition, Protect AI will be offering a commercial version of Laiyer AI’s open source LLM Guard with expanded features, capabilities, and integrations within the Protect AI platform. LLM Guard is…
Zero trust implementation: Plan, then execute, one step at a time
82% of cybersecurity professionals have been working on implementing zero trust last year, and 16% should be on it by the end of this year. The challenges of zero trust implementation You’ve probably heard it before: zero trust is not…
Custom rules in security tools can be a game changer for vulnerability detection
In this Help Net interview, Isaac Evans, CEO at Semgrep, discusses the balance between speed and thoroughness in CI/CD pipeline security scanning. Stressing the need to avoid slowing down the process, he recommends a nuanced approach, utilizing custom rules to…
CVEMap: Open-source tool to query, browse and search CVEs
CVEMap is an open-source command-line interface (CLI) tool that allows you to explore Common Vulnerabilities and Exposures (CVEs). It’s designed to offer a streamlined and user-friendly interface for navigating vulnerability databases. Although CVEs are crucial for pinpointing and discussing security…
Payment fraud is hitting organizations harder than ever before
96% of US companies were targeted with at least one fraud attempt in the past year, according to Trustpair. 83% of US companies saw an increase in cyber fraud attempts on their organization in the past year. Fraudsters primarily used…
Unpacking the challenges of AI cybersecurity
As organizations handle increasing amounts of data daily, AI offers advanced capabilities that would be harder to achieve with traditional methods. In this Help Net Security video, Tyler Young, CISO at BigID, explores AI’s challenges, triumphs, and future in cybersecurity.…
Infosec products of the month: January 2024
Here’s a look at the most interesting products from the past month, featuring releases from: 1Kosmos, Atakama, Critical Start, Dasera, ID R&D, Living Security, Onfido, Regula, Searchlight Cyber, Seceon, Skopenow, Skyhigh Security, SpecterOps, Veriti, and Wing Security. SpecterOps adds new…
Vade uses generative AI to enhance spear-phishing detection
Vade announced that it has pioneered a new method that improves the confidence of its spear-phishing detection engine. The enhancement, designed to combat advanced threats including those produced by generative AI, leverages threat samples created by artificial technology and human…