Secure Code Warrior announced that Netskope launched its developer training program through Secure Code Warrior’s agile learning platform. Thousands of customers trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes,…
Category: Help Net Security
DNSFilter Malicious Domain Protection identifies risky domains
DNSFilter announced the addition of a new Malicious Domain Protection feature to its protective DNS software, building on its machine learning capabilities. This feature bolsters DNSFilter’s defenses providing better visibility and protection against Domain Generation Algorithms used in malware, botnet…
GuidePoint Security introduces Identity as a Service offering
GuidePoint Security announced its Identity as a Service, which will help organizations address the complex challenges of identity management by optimizing resources, enhancing user experience, and ensuring security. GuidePoint’s Identity as a Service can cover part or all aspects of…
Ivanti partners with Workato to boost operational efficiency for customers
By integrating their technologies, Ivanti Neurons for ITSM and Workato’s Embedded Platform, the two companies will enable Ivanti customers to implement integrations with a wide variety of third-party applications. Using a no-code approach, this seamless integration streamlines workflows, boosts operational…
Concentric AI expands Semantic Intelligence DSPM capabilities with audio and video data protection
Concentric AI unveiled that its Semantic Intelligence DSPM solution now offers sensitive data discovery, identification, risk monitoring, and remediation protection for audio and video files, furthering the data protection capabilities of its DSPM solution. As a result of update to…
Russian hackers target unpatched JetBrains TeamCity servers
Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish cybersecurity and law enforcement authorities have warned. The targets APT 29 (aka CozyBear, aka Midnight Blizzard), believed to be…
Confirm strenghtens trust and security in online marketplaces
Confirm launched a portable digital identity solution designed to bolster trust and security in online marketplaces. Using identity protocols paired with intuitive user experiences, Confirm allows people to create a secure, verified digital ID — a ConfirmID — which they…
Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)
Attackers are trying to leverage public proof-of-exploit (PoC) exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. “Attackers aim to deploy webshells, with some cases targeting the parameter ‘fileFileName’ – a deviation from the original…
Cybercrime operation that sold millions of fraudulent Microsoft accounts disrupted
Microsoft disrupted an alleged threat actor group that built viable cybercrime-as-a-service (CaaS) businesses. Dubbed Storm-1152 by Microsoft, the group bilked enterprises and consumers globally out of millions of dollars. Images of Storm-1152’s illicit websites. Source: Microsoft Cybercrime-as-a-service is a model…
EMB3D Threat Model: Understand threats to embedded devices in critical infrastructure
Critical infrastructure depends on embedded devices across industries such as oil and natural gas, electric, water management, automotive, medical, satellite, autonomous systems, and unmanned aircraft systems. However, these devices often lack proper security controls and are insufficiently tested for vulnerabilities.…