OAuth apps have become prominent in several attack groups’ TTPs in recent years. OAuth apps are used for every part of the attack process. In this Help Net Security video, Tal Skverer, Research Team Lead at Astrix Security, shares insights…
Tag: Help Net Security
Securiti AI enables organizations to safely use AI
Securiti AI released AI Security & Governance offering, providing a solution to enable safe adoption of AI. It combines comprehensive AI discovery, AI risk ratings, Data+AI mapping and advanced Data+AI security & privacy controls, helping organizations adhere to global standards…
Qualys TotalCloud 2.0 measures cyber risk in cloud and SaaS apps
Qualys unveiled TotalCloud 2.0. This significant upgrade to Qualys’ AI-powered cloud native application protection platform (CNAPP) delivers a single prioritized view of cloud risk and is the first to extend its protection to SaaS applications. The shift toward multi-cloud and…
Chinese hackers breached Dutch Ministry of Defense
Chinese state-sponsored hackers have breached the Dutch Ministry of Defense (MOD) last year and deployed a new remote access trojan (RAT) malware to serve as a backdoor. “The effects of the intrusion were limited because the victim network was segmented…
SolarWinds offers complete hybrid visibility across on-premises and cloud networks
SolarWinds announced enhancements to its SaaS-based and self-hosted, on-premises observability solutions built to monitor and observe complex, distributed environments from anywhere. The AI-powered enhancements enable teams to manage on-prem, hybrid, or cloud-native ecosystems with full-stack visibility across networks, infrastructure, databases,…
The fight against commercial spyware misuse is heating up
Though there are organizations out there investigating how commercial spyware is misused to target journalists, human rights defenders and dissidents, the growing market related to the development and sale of this type of software and the exploits used to deploy…
OneTrust launches Data Privacy Maturity Model
OneTrust introduced Data Privacy Maturity Model. The model provides privacy, security, marketing, and data teams with the resources to transform their privacy programs from tactical compliance initiatives that mitigate risk, to strategic customer trust imperatives that unlock the value of…
DynaRisk Cyber Intelligence Data Lake enhances the accuracy of data breach predictions
DynaRisk launched Cyber Intelligence Data Lake. This major feature upgrade propels the company’s capabilities in preventing and predicting hacker activity. DynaRisk’s Cyber Intelligence Data Lake is a leap forward in the cyber risk management landscape, offering next-generation intelligence quickly and…
Entrust in final talks to acquire Onfido
Entrust has entered into exclusive discussions to acquire Onfido. With this contemplated acquisition, Entrust would add a compliant AI/ML-based biometric and document IDV tech stack to its portfolio of identity solutions. Additionally, Entrust would have the opportunity to advance the…
Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893)
CVE-2024-21893, a server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure VPN gateways and Policy Secure (a network access control solution), is being exploited by attackers. About CVE-2024-21893 CVE-2024-21893 allows a attackers to bypass authentication requirements and access certain restricted…