While the threat landscape continues to shift and evolve, attackers’ motivations do not, according to a Red Canary report. The classic tools and techniques adversaries deploy remain consistent–with some notable exceptions. The report tracked MITRE ATT&CK techniques that adversaries abuse…
Tag: Help Net Security
90% of exposed secrets on GitHub remain active for at least five days
12.8 million new secrets occurrences were leaked publicly on GitHub in 2023, +28% compared to 2022, according to GitGuardian. Remarkably, the incidence of publicly exposed secrets has quadrupled since the company started reporting in 2021. Companies need to manage sensitive…
Human risk factors remain outside of cybersecurity pros’ control
Cyber threats are growing at an unprecedented pace, and the year ahead is fraught with cybercrime and incidents anticipated ahead of the busy election year where over 50 countries head to the polls, according to Mimecast. With new threats like…
AI and the future of corporate security
In this Help Net Security video, Tracy Reinhold, CSO at Everbridge, discusses why AI technology must be embraced while also exploring some guardrails that must be in place to protect organizations against threats using AI to penetrate facilities. The post…
New infosec products of the week: March 15, 2024
Here’s a look at the most interesting products from the past week, featuring releases from AuditBoard, Cynerio, DataDome, Regula, and Tenable. AuditBoard unveils AI, analytics, and annotation capabilities to deliver more timely insights AuditBoard revealed new AI, analytics, and annotation…
Halo Security Dark Web Monitoring identifies and mitigates potential exposures
Halo Security intoduced its new Dark Web Monitoring feature. This addition further enhances the company’s external security platform, allowing security teams to gain insights into potential threats originating from the dark web. With the new Dark Web Monitoring feature, security…
Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)
A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet’s FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of many: Horizon3’s Attack Team means to publish technical details and a proof-of-concept exploit for it next week, and someone…
Perception Point GPThreat Hunter allows cybersecurity experts to focus on in-depth investigations
Perception Point launched its latest innovation, GPThreat Hunter, an addition to the company’s comprehensive security stack. Leveraging the capabilities of OpenAI’s GPT-4 model, GPThreat Hunterre presents a significant leap forward in Perception Point’s ability to autonomously resolve complex security cases…
Cado Security enables organizations to investigate and respond to potential M365 threats
Cado Security announced that the Cado platform now enables customers to acquire Microsoft 365 Unified Audit Log (UAL) to help investigate and respond to Microsoft 365 compromises such as business email compromise (BEC), account takeover (ATO), and insider threats. With…
QuProtect Core Security secures Cisco routers against quantum threats
QuSecure unveiled QuProtect Core Security, a product designed to fortify existing Cisco router-to-router communications against emerging quantum threats. Leveraging advanced crypto-agile post-quantum cryptography, QuProtect Core Security offers a seamless and robust security layer, delivering protection for critical network infrastructures for…