Veeam Software has expanded its relationship with Microsoft. Veeam is making it easier for customers to protect Microsoft 365 with Cirrus by Veeam which brings the ease and flexibility of Backup-as-a-Service (BaaS) for Microsoft 365. Utilizing the power and reliability…
Tag: Help Net Security
SAFE Materiality Assessment Module identifies top cyber risk scenarios
Safe Security announced its new SAFE Materiality Assessment Module, enabling security and risk leaders to achieve SEC compliance by estimating and tracking materiality of cyber incidents. Safe Security’s materiality module is based on the fully tunable Factor Analysis of Information…
Drata unveils Third-Party Risk Management offering to help security teams identify risks
Drata announced its Third-Party Risk Management (TPRM) offering, empowering customers to identify, evaluate, and monitor third-party risks in one centralized and integrated platform. Third-party risk has become a critical element of a strong governance, risk, and compliance (GRC) program, especially…
Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns
Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications OAuth is an open standard authentication protocol that uses tokens to grant applications access to server resources without having to…
EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236)
Over a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls (CVE-2022-3236) that was being actively exploited by attackers, and now they have pushed additional ones to protect vulnerable EOL devices. “In December 2023, we delivered…
Which cybersecurity controls are organizations struggling with?
How are organizations performing across cybersecurity controls in the Minimum Viable Secure Product (MVSP) framework? A recent analysis by Bitsight and Google reveals some good and some bad results – and room for improvement. What is MVSP? Minimum Viable Secure…
Shifting data protection regulations show why businesses must put privacy at their core
Like it or not, data protection will be one of the biggest issues organizations face in 2024. Knowing where to focus compliance efforts will be tricky, with more and more state-level privacy laws becoming effective in the US, creating a…
A closer look at LATMA, the open-source lateral movement detection tool
In this Help Net Security video, Gal Sadeh, Head of Data and Security Research at Silverfort, discusses LATMA, a free, open-source tool. It’s engineered with advanced algorithms to track and report any unusual activity within an environment. The tool consists…
ThreatNG open-source datasets aim to improve cybersecurity practices
The ThreatNG Governance and Compliance Dataset is an open-source initiative that aims to democratize access to critical data, fostering transparency, collaboration, and improvement of cybersecurity practices globally. Datasets for organizational insight The open-source datasets offered by ThreatNG provide an understanding…
Guide: Application security posture management deep dive
Distinguishing real, business-critical application risks is more challenging than ever. A siloed, ad hoc approach to AppSec generates noisy false positives that overwhelm under-resourced security teams. You need a multidimensional approach that leverages deep context to continuously map, programmatically prioritize,…