(IN)SECURE Magazine Notifications RSS

ThreatConnect, provider of the industry’s only intelligence-driven security operations platform, announced that it has been named the winner of the “Overall Security Orchestration, Automation and Response (SOAR) Platform of the Year” award from CyberSecurity Breakthrough, a leading independent market intelligence organization that recognizes the top companies, technologies, and products in the global information security market today. CyberSecurity Breakthrough Awards recognizes the innovation, hard work, and success in a range of information security categories, including Cloud … More →

The post ThreatConnect named winner of the SOAR Platform of the Year award appeared first on Help Net Security.

Attackers have embedded crypto-mining and Metasploit code into WAV audio files to stymie threat detection solutions. “All WAV files discovered adhere to the format of a legitimate WAV file (i.e., they are all playable by a standard audio player),” Josh Lemos, VP of Research and Intelligence at BlackBerry Cylance, told Help Net Security. “One WAV file contained music with no indication of distortion or corruption and the others contained white noise. One of the WAV … More →

The post WAV files spotted delivering malicious code appeared first on Help Net Security.

In 2019, 67% of employees access their company’s information system through their personal smartphone. So far, IT security teams were facing a dilemma: manage BYOD devices to control their integrity or let them run unmanaged and risk fraudulent connections to corporate data and services. Pradeo launched a unique Secure Private Store solution that allows organizations to distribute mobile services to their collaborators (public and private apps, documents), that they can freely use under the condition … More →

The post Pradeo Secure Private Store facilitates and expands safe BYOD usage appeared first on Help Net Security.

If you thought that Adobe skipped this month’s Patch Tuesday because there were no immediate vulnerabilities to fix, you were wrong: a week later the company dropped security updates for several of its products, including Acrobat and Reader and the Download Manager. All in all, 82 security holes – most of which are critical – have been plugged. The good news is that none are under active exploitation. The updates The update for Adobe Acrobat … More →

The post Adobe splats bucketful of bugs in Acrobat and Reader appeared first on Help Net Security.

Enterprise software is only as good as its security. Today, a data breach costs $3.92 million on average. Organizations are expected to spend $124 billion on security in 2019 and will probably invest even more given the alarming rate at which cyberattacks are growing. Despite these investments, newer and more sophisticated threats are emerging every day, making the security of an enterprise’s software environment challenging – even for the most well-prepared. Fortunately, new innovations have … More →

The post Code dependency mapping’s role in securing enterprise software appeared first on Help Net Security.

When the TRITON (aka TRISIS) attack struck three refining sites in the Middle East in November of 2017, it was the first known cyber incident to target safety instrumented systems (SIS), specifically Schneider Electric’s Triconex gear. The consequences of these attacks were plant-wide shutdowns. While such shutdowns are costly, the consequences could have been far worse. Refineries rely on correctly functioning SIS equipment to prevent worker casualties and environmental disasters in the face of both … More →

The post Microsegmentation for refining safety systems appeared first on Help Net Security.

In Q2 2019, RSA Security identified 57,406 total fraud attacks worldwide. Of these, phishing attacks were the most prevalent (37%), followed by fake mobile apps (usually apps posing as those of popular brands). But while phishing went up by just 6 percent when the numbers from 1H 2019 are compared to those from 2H 2018, attacks via financial malware and rogue mobile apps have increased significantly (80 and 191 percent, respectively). “The fact that fraud … More →

The post Fake mobile app fraud tripled in first half of 2019 appeared first on Help Net Security.

77 percent of IT professionals believe their organizations could earn an edge if company leaders were more collaborative with their businesses to find shadow IT solutions, according to a survey of 1000 US-based IT professionals by Entrust Datacard. As organizations adapt to changing technologies, employees are eager to use productivity solutions that help them function more efficiently — even if these solutions are outside the company’s IT rules and processes. This is the shadow IT … More →

The post When properly managed, shadow IT can benefit your organization appeared first on Help Net Security.

While most enterprises demonstrate a committed effort towards maintaining a well-rounded PKI setup, they still fall short in several key categories. The post-Black Hat survey report generated by AppViewX indicated that the primary reason for these shortfalls resided in the fact that most certificate- and PKI-processes were bound by silos, manual workflows, and a lack of synergy between systems. For instance, nearly 50% of the respondents admitted to still relying on passwords to safeguard private … More →

The post How seriously are businesses taking their PKI security? appeared first on Help Net Security.

Consumer spending on technology is forecast to reach $1.69 trillion in 2019, an increase of 5.3% over 2018. Traditional technologies still dominate According to the latest Worldwide Semiannual Connected Consumer Spending Guide from International Data Corporation (IDC), consumer purchases of traditional and emerging technologies will remain strong over the 2019-2023 forecast period, reaching $2.06 trillion in 2023 with a five-year compound annual growth rate (CAGR) of 5.1%. Roughly three quarters of all consumer technology spending … More →

The post Consumer spending on technology forecast to reach $1.69 trillion in 2019 appeared first on Help Net Security.

Many security pros that are doing an excellent job in handling incidents find that effectively communicating the process to their management is a challenging task. Cynet addresses this gap with the IR Reporting for Management PPT template, providing an intuitive tool to report both the ongoing IR process and its conclusion. The IR for Management template enables CISOs and CIOs to communicate the key points that management cares about: assurance that the incident is under … More →

The post Download: IR Reporting for Management PPT template appeared first on Help Net Security.

Greenbone, a leading provider of vulnerability management solutions, has extended its security feed capabilities in order to detect unprotected Picture Archiving and Communication Systems (PACS) in use by medical professionals to store and share scans, x-rays and other medical images. In September 2019, Greenbone revealed that approximately 700 million images – relating to more than 24 million patient records – were exposed on the internet due to poorly secured PACS servers. Sensitive patient data requires … More →

The post Greenbone extends its security feed capabilities to detect unprotected PACS in use by medical pros appeared first on Help Net Security.

Acronis, a global leader in cyber protection, announced several new cyber protection solutions – Acronis Cyber Protect, Acronis Cyber Platform and Acronis Cyber Infrastructure – that will revolutionize how the industry solves modern data protection and cybersecurity challenges. Introduced at the inaugural Acronis Global Cyber Summit currently being held in Miami FL, Acronis’ new solutions deliver modern cyber protection capabilities to replace the legacy solutions that no longer meet modern IT challenges. The ability to … More →

The post Acronis’ integrated stack of solutions provides edge, endpoint and data center workloads protection appeared first on Help Net Security.

Eurofins Digital Testing, a global leader in end-to-end quality assurance (QA) and testing services, announced its Cybersecurity Division will offer media companies a suite of supplemental cybersecurity services to further bolster the DPP’s Committed to Security programme. Specifically, Eurofins’ CyberSecurity Framework: Media Edition provides a suite of customizable services designed to increase cybersecurity robustness across the media marketplace, by protecting the people, processes and technologies therein. The CyberSecurity Framework compliments Eurofins’ existing work as an … More →

The post Eurofins Digital Testing offers supplemental cybersecurity services to media companies appeared first on Help Net Security.

Telchemy, the leading provider of embedded analytics for voice, video, and data, announced that it has partnered with Knowi, a leader in Augmented Analytics for modern data, to offer a turnkey end-to-end IoT analytics solution that uses the Knowi Business Intelligence platform with Telchemy’s Embiot edge analytics agent. This jointly developed solution will enable organizations to combine powerful real time edge analytics with advanced cloud-based data integration, reporting and natural language queries. “Embiot analyzes complex … More →

The post Telchemy and Knowi develop end-to-end IoT analytics solution appeared first on Help Net Security.

ipoque, a Rohde & Schwarz company providing market-leading network analytics software, announced a partnership with Cardinality and Dell. R&SNet Sensor OEM, the new leading-edge software IP probe by Rohde & Schwarz, is integrated in Cardinality’s Perception platform, a big data analytics solution. With the solution running on Dell EMC PowerEdge servers, customers have access to big data and traffic analytics based on the latest processing and IP probing technologies. “This partnership brings technology leaders together … More →

The post ipoque partners with Cardinality and Dell to offer a big-data analytics solution for CSPs appeared first on Help Net Security.

Microsoft Defender, the anti-malware component of Microsoft Windows, has been equipped with a new protective feature called Tamper Protection, which should prevent malware from disabling it. The feature will be rolled out to Windows 10 users and enabled by default for home users. Enterprise administrators will be able to enable it for endpoints via Intune (the Microsoft 365 Device Management portal). About Tamper Protection “Tamper protection prevents unwanted changes to security settings on devices. With … More →

The post Tamper Protection prevents malware from disabling Microsoft Defender AV appeared first on Help Net Security.

While the definition of “smart city” is still under debate, one thing is indisputable: the technologies used to make smart cities a reality are currently acquired and deployed after very little (or even no) security testing. Cesar Cerrudo, CTO at IOActive and board member of the Securing Smart Cities initiative, says that city governments – the buyers of these technologies – often blindly trust vendors when they say that their products are secure. They ask … More →

The post “Smart city” governments should also be smart about security appeared first on Help Net Security.

As we continue on through National Cybersecurity Awareness Month (NCSAM), a time to focus on how cybersecurity is a shared responsibility that affects all Americans, one of the themes that I’ve been pondering is that of personal accountability. Years ago, I read Charles Perrow’s book, “Normal Accidents: Living with High-Risk Technologies,” which analyzes the social side of technological risk. When the book was first written in 1984, Perrow analyzed complex systems like nuclear power, aviation … More →

The post Viewing cybersecurity incidents as normal accidents appeared first on Help Net Security.

You are using Active Directory (AD) every day, every hour, every minute when you log into your device, open your emails, access an application, or share a file. But, guess what, it’s also used by hackers on a daily basis. Simply put, when attackers take control of your AD, they inherit godlike powers over your IT. Sweet. Analyzing attack vectors: How attack pathways are born Active Directory itself is a robust product that suffered few … More →

The post Product showcase: Alsid for AD appeared first on Help Net Security.