(IN)SECURE Magazine Notifications RSS

GitHub, the world’s largest open source code repository and leading software development platform, has launched GitHub Security Lab. “Our team will lead by example, dedicating full-time resources to finding and reporting vulnerabilities in critical open source projects,” said Jamie Cool, VP of Product Management, Security at GitHub. GitHub Security Lab GitHub Security Lab is a program aimed at researchers, maintainers, and companies that want to contribute to the overall security of open source software. Current … More →

The post GitHub Security Lab aims to make open source software more secure appeared first on Help Net Security.

Ransomware tries to slip unnoticed past security controls by abusing trusted and legitimate processes, and then harnesses internal systems to encrypt the maximum number of files and disable backup and recovery processes before an IT security team catches up, according to a new Sophos report. Main modes of distribution for the major ransomware families Ransomware is typically distributed in one of three ways: as a cryptoworm, which replicates itself rapidly to other computers for maximum … More →

The post Attack tools and techniques used by major ransomware families appeared first on Help Net Security.

Sysdig Secure 3.0 provides enterprises with threat prevention at runtime Sysdig Secure 3.0 includes an incident response and audit tool for Kubernetes, giving enterprises the ability to reconstruct historical system activity. Enabling these capabilities are three new features: Kubernetes Policy Advisor, Falco Tuning, and Activity Audit. Jamf unveils Jamf Protect, an enterprise Mac endpoint protection solution Jamf Protect leverages native Apple security tools and on-device analysis of macOS activity to create customized telemetry that gives … More →

The post New infosec products of the week: November 15, 2019 appeared first on Help Net Security.

Organizations reported an average 32% reduction in threat responder workload when they deployed a managed SIEM solution, according to CenturyLink and IDG. Improve incident response The research shows security leaders are turning to managed security services to help augment limited internal resources and bridge the security technology gap. “Security is an inherent ingredient in networking today; however, limited resources and budget constraints make it difficult for companies to develop with their own staff,” says Chris … More →

The post To improve incident response, you need to consider 3rd party solutions appeared first on Help Net Security.

Enterprises plan to aggressively shift investment to hybrid cloud architectures, with respondents reporting steady and substantial hybrid deployment plans over the next five years, according to a Nutanix survey. Hybrid cloud as the ideal IT operating model The vast majority of 2019 survey respondents (85%) selected hybrid cloud as their ideal IT operating model. Vanson Bourne surveyed 2,650 IT decision-makers in 24 countries around the world about where they’re running their business applications today, where … More →

The post IT professionals deem hybrid cloud as most secure appeared first on Help Net Security.

Fears of data loss, identity theft and fraud are leaving American consumers on edge this holiday season, and they’re prepared to hold their financial institution responsible for the damages. This is according to a new study released by Terbium Labs, which found that 68 percent of shoppers would hold their bank at least partly responsible for fraudulent activity, regardless of how the compromise occurred. The blame game Americans are on high alert heading into the … More →

The post Evaluating cyber risk during the holiday season appeared first on Help Net Security.

Mainstream adoption of disruptive technologies in 2020 will finally see data, automation and IoT technologies come together to create connected cities and societies, NTT predicts. The company predicts that 2020 will finally see all the hype words of the past decade come together to create completely connected environments that are capable of running themselves autonomously to build more intelligent cities, workplaces and businesses – and on a secure basis. Data, AI and secure by design … More →

The post Disruptive technology predictions: 2020 will see the creation of completely connected environments appeared first on Help Net Security.

HiveIO released version 7.4 of Hive Fabric, an Artificial Intelligence (AI) ready solution that enables organizations to deploy virtualization technology without vendor complexity or the need for specialists. The latest software release provides Hive Fabric users with increased security and efficiency-enhancing integrations, furthering operational-focused capabilities and removing overhead associated with the day-to-day support of virtualization. “Technology should be transformative. We want to enable customers to focus on innovating for their business, not supporting its infrastructure,” … More →

The post HiveIO Hive Fabric 7.4: Deploy virtualization technology without vendor complexity appeared first on Help Net Security.

MITRE Engenuity, a tech foundation for public good, announced the Center for Threat-Informed Defense, a collaboration with industry to improve cyber defense at scale through collaborative research and development. Founding Research Partners are AttackIQ, Bank of America, HCA Healthcare, and JPMorgan Chase. Founding Research Sponsors are American Express, Booz Allen Hamilton, Citi, Fujitsu, Microsoft, Red Canary, Siemens, and US Bank. The Cyber Threat Alliance joins as a founding non-profit participant. “The cybersecurity challenges that we … More →

The post MITRE Engenuity Center for Threat-Informed Defense improves cyber defense at scale appeared first on Help Net Security.

Keysight Technologies, a leading technology company that helps enterprises, service providers and governments accelerate innovation to connect and secure the world, announced the i3070 Series 6 In-Circuit Test (ICT) suite of solutions which enables electronics manufacturers to improve test throughput and the operational efficiency of their printed circuit board assembly (PCBA) manufacturing. Electronics manufacturers for the 5G, internet of things (IoT), and the automotive and energy industries are faced with a highly complex, connected global … More →

The post Keysight i3070 Series 6 ICT boosts throughput and operational efficiency for PCBA manufacturing appeared first on Help Net Security.

Fugue, the company empowering engineers to build and operate secure cloud systems that are compliant with enterprise policies, announced it has open sourced the Fugue Rego Toolkit (Fregot) to enhance the experience working with the Rego policy language. Fregot enables developers to easily evaluate Rego expressions, debug code, and test policies. Fregot provides guided help for writing OPA policies Rego is part of the Open Policy Agent (OPA) policy engine, which Fugue adopted this year … More →

The post Fugue Fregot is now open sourced to enhance the experience working with the Rego policy language appeared first on Help Net Security.

Analog Devices announces the release of new robust, industrial Ethernet physical layer (PHY) products to help manufacturers address key Industry 4.0 and smart factory communication challenges surrounding data integration, synchronization, edge connectivity, and system interoperability. The ADIN1300 is a low-power, single port Ethernet transceiver with industry leading power and latency specifications primarily designed for time-critical industrial Ethernet applications up to Gigabit speeds. As industrial automation increases the adoption of Ethernet and pushes the boundaries of … More →

The post Analog Devices launches low latency PHY for real-time factory comms appeared first on Help Net Security.

BehavioSec, the first vendor to pioneer behavioral biometrics, announced enhanced performance features as part of the newest release of the BehavioSec Behavioral Biometrics Platform. Increased performance, reliability and more accurate detection proficiency further simplify user authentication challenges and reduce reliance on legacy techniques like passwords, tokens and CAPTCHAs to help organizations meet the demands of today’s digital transformation environment. “More organizations than ever are embracing digital transformation and quickly reaping its rewards to increase resource … More →

The post BehavioSec adds new features to its Behavioral Biometrics Platform appeared first on Help Net Security.

Blue Cedar, the company that provides rapid, no code mobile app security integration to enterprises and independent software vendors (ISVs), announced the availability of the Blue Cedar Accelerator for Microsoft, which eases the integration of Microsoft Intune App Protection Policy security controls, now part of Microsoft’s Endpoint Manager solution, into enterprise-authored and other corporate mobile apps. Microsoft Intune enables enterprises to remotely manage a diverse mobile ecosystem of devices and applications, while ensuring the highest … More →

The post Blue Cedar announces Accelerator for Microsoft appeared first on Help Net Security.

Booz Allen Hamilton announced that Jerry Bessette, a former senior cybersecurity official at the Federal Bureau of Investigation, has joined Booz Allen as a leader of the firm’s Commercial business. In his new role as a senior vice president, Bessette will head the U.S. Commercial group’s Incident Response team, helping clients deploy cyber security and risk management solutions to defend against a growing array of domestic and international threats. The team advises Fortune 500 clients … More →

The post Booz Allen appoints Jerry Bessette as leader of the firm’s Commercial business appeared first on Help Net Security.

The IBM board of directors has elected Thomas Buberl to the board, effective April 28, 2020. Mr. Buberl, 46, is the chief executive officer of AXA S.A. Headquartered in Paris, France, AXA is one of the world’s largest global insurance firms. Since becoming CEO in September 2016, Mr. Buberl has been leading AXA through a digital transformation, accelerating business innovation and leveraging data to meet customers’ rapidly evolving needs in the digital world. Before becoming … More →

The post Thomas Buberl joins IBM board of directors appeared first on Help Net Security.

RSA Conference 2020 will feature the new RSAC Engagement Zone, a dedicated networking space meant to encourage interactive, collaborative and cooperative learning for the thousands of cybersecurity experts in attendance. The RSAC Engagement Zone, available to Full Conference pass holders, is designed to foster meaningful conversations between peers, whether formal or informal. The space includes areas for one-on-one meetups or small group discussions with like-minded individuals, problem solving, speed networking, Birds of a Feather and … More →

The post RSAC Engagement Zone: New dedicated area for peer-to-peer networking appeared first on Help Net Security.

Cobalt Iron announced that it has extended its mature Compass enterprise software-as-a-service backup platform with advanced features that bring tremendous value to service providers who sell Compass as their backup-as-a-service (BaaS) offering. Those advanced features, which are unique to Compass, allow service providers to manage complex environments with multiple tenants in a secure manner and provide those different users with appropriate access while reducing the service provider’s operational costs and improving the quality of service. … More →

The post Cobalt Iron Compass delivers secure multitenancy appeared first on Help Net Security.

Creating CI/CD pipelines is often considered a frustrating and time-consuming process. Each change has to be saved, committed and the pipeline rerun from the beginning. DevOps engineers are missing a key component that has been available for software developers for years: debugging breakpoints, so Codefresh is introducing the world’s first live CI/CD debugging tool to take the suck out of DevOps. The Codefresh pipeline debugger works similar to an integrated development environment (IDE) debugger. Developers … More →

The post Codefresh to demonstrate its new CI/CD debugging tool appeared first on Help Net Security.

Imagine dealing with 1,000s of security alerts a day, whilst simultaneously juggling the tasks that are part of your day-to-day job. Challenging right? This is the current problem cybersecurity professionals are facing. Rather than making their jobs easier, automated systems are adding more work to the workload of the CISO and his or her team. Cybersecurity professionals are constantly receiving a large number of security alerts from these automated systems – most of which are … More →

The post Automated systems: Flag smarter, not everything appeared first on Help Net Security.