Russia-backed ATP group Sandworm is behind the cyberattack that caused disruption of parts of the Ukrainian power grid in late 2022, according to Mandiant. About Sandworm “Sandworm is a threat actor that has carried out cyber operations in support of…
Tag: Help Net Security
Akamai and Deloitte partner for zero trust and incident response services
Akamai and Deloitte have announced a strategic alliance to provide zero trust microsegmentation and incident response services to Deloitte customers worldwide. This alliance will combine Deloitte’s expertise in cybersecurity, network forensics, and security with the Akamai Guardicore Segmentation solution. This…
YesWeHack unveils Attack Surface Management product that unifies offensive security testing
YesWeHack has unveiled an Attack Surface Management (ASM) product that enables clients to orchestrate their offensive security and vulnerability remediation strategy through a risk-based approach. The new product continuously maps an organisation’s internet-exposed assets, detects their possible exposure to known…
GitLab updates Duo to enhance security and efficiency throughout SDLC
GitLab has unveiled updates to GitLab Duo, the company’s suite of AI capabilities, including the beta of GitLab Duo Chat available in the GitLab 16.6 November product release, and the general availability of GitLab Duo Code Suggestions in the GitLab…
MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246)
A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. Lace Tempest has previously exploited zero-day vulnerability (CVE-2023-34362) in Progress Software’s MOVEit…
NetRise Trace utilizes AI to Identify compromised software assets
NetRise has released Trace in the NetRise platform. This new solution allows users to identify and validate compromised and vulnerable third-party and proprietary software assets using AI-powered semantic search for the first time. Trace revolutionizes vulnerability detection and validation by…
ManageEngine Endpoint Central MSP Cloud automates everyday management and security tasks
ManageEngine launched Endpoint Central MSP Cloud, which brings the advantages of the cloud’s scalability, flexibility, and efficiency to the remote monitoring and management (RMM) of endpoints for MSPs. The launch also completes the first stage of the company’s vision for…
Ivanti and Securin join forces to protect customers against cyber threats
Ivanti announced its partnership with a provider of tech-enabled cybersecurity solutions, Securin. Fueled by data from Securin’s Vulnerability Intelligence (VI), Ivanti Neurons for Vulnerability Knowledge Base provides authoritative, near-real-time vulnerability threat intelligence so security experts can expedite vulnerability assessments and…
SnapAttack extends collaboration with Mandiant to optimize threat detection for organizations
SnapAttack announced an expanded partnership with Mandiant, part of Google Cloud, to extend operationalized threat intelligence to organizations of all sizes. Building on its current API integrations, the new endeavor will bring Mandiant’s threat intelligence to customers directly in the…
Open-source vulnerability disclosure: Exploitable weak spots
Flaws in the vulnerability disclosure process of open-source projects could be exploited by attackers to harvest the information needed to launch attacks before patches are made available, Aqua Security researchers worry. The risk arises from “half-day” and “0.75-day” vulnerabilities “Half-day”…