(IN)SECURE Magazine Notifications RSS

Email security miss rates are definitely a huge issue. Malicious files regularly bypass all of today’s leading email security products, leaving enterprises vulnerable to email-based attacks including ransomware, phishing and data breaches, according to BitDam. BitDam conducted an empirical study to measure leading email security products’ ability to detect unknown threats at first encounter. Unknown threats are produced in the wild, sometimes hundreds in a day. The study employs the retrieval of fresh samples of … More →

The post Email security industry miss rates when encountering threats are higher than 20% appeared first on Help Net Security.

Most state CIOs see innovation as a major part of their job – 83% said innovation is an important or very important part of their day-to-day leadership responsibilities – while only 14% reported extensive innovation initiatives within their organizations, Accenture and the National Association of State Chief Information Officers (NASCIO) reveal. Previously, NASCIO had highlighted innovation as a top ten current issue facing state CIOs. “The pace of technological change keeps accelerating, bringing new challenges … More →

The post State CIOs see innovation as critical priority, only 14% report extensive innovation appeared first on Help Net Security.

What are the key considerations security decision makers should take into account when designing their 2020 breach protection? To answer this, Cynet polled 1,536 cybersecurity professionals to understand the common practices, prioritizations and preferences of organization today in protecting themselves from breaches. Security executives face significant challenges when confronting the evolving threat landscape. For example, what type of attacks pose the greatest risk and what security products would best address them? Is it better to … More →

The post Download: State of Breach Protection 2020 survey results appeared first on Help Net Security.

Security provider Stellar Cyber, with the first Open-XDR platform, announced its new Firewall Traffic Analysis (FTA) Application, which supercharges firewalls by analyzing their data to spot undetected anomalies. With this new App, security analysts get an automated assistant to detect firewall misconfigurations, malicious users and abnormal traffic to gain new value from firewall data, improving analyst productivity typically over 20x. The FTA Application supports firewalls from many vendors including Cisco, Check Point, Fortinet, Palo Alto … More →

The post Stellar Cyber’s new app applies machine learning to firewall data to spot anomalies appeared first on Help Net Security.

FireEye, the intelligence-led security company, announced the availability of two new FireEye Mandiant services. Cloud Security Assessments help organizations evaluate and harden security in cloud platforms, and Cyber Defense Operations consulting services help organizations achieve security transformation by improving the detection and response capabilities of their security operations center (SOC). “For more than 15 years, FireEye Mandiant has been at the forefront of cyber security and cyber threat intelligence. We have a deep understanding of … More →

The post FireEye Mandiant unveils two new services to help orgs improve detection, investigation, and response appeared first on Help Net Security.

STEALTHbits Technologies, a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data, announced the release of StealthRECOVER 1.5, their fine-grained rollback and recovery solution for Active Directory (AD). As a component of STEALTHbits’ AD Management and Security solution portfolio, StealthRECOVER enables organizations to quickly and easily rollback and recover unintended and unwanted directory changes. Users are enabled with point in time rollback and recovery of … More →

The post STEALTHbits StealthRECOVER 1.5: Easier and faster AD rollback and recovery appeared first on Help Net Security.

Skylo, maker of the world’s most affordable and ubiquitous network that connects any machine or sensor, announced that the company has emerged from Stealth with $116 million in total funding. The company previously raised $13 million in a Series A round that was co-led by DCM and Innovation Endeavors, and joined by Moore Strategic Ventures. The new Series B round raised $103 million, led by SoftBank Group and joined by all existing investors. Skylo will … More →

The post Skylo raises $116M to bring affordable IoT connectivity to over 1 billion devices globally appeared first on Help Net Security.

ACROS Security has released a micropatch that implements the workaround for a recently revealed actively exploited zero-day RCE flaw affecting Internet Explorer (CVE-2020-0674). Remote code execution vulnerability affecting IE Last Friday, Microsoft released an out-of-band security advisory notifying Internet Explorer users of a remote code execution vulnerability affecting IE 11, 10 and 9 on various versions od Windows and Windows Server, which they know is being exploited in “limited targeted attacks”. Flagged by researchers from … More →

The post Micropatch simulates workaround for recent zero-day IE flaw, removes negative side effects appeared first on Help Net Security.

As attackers continue to hit vulnerable Citrix (formerly Netscaler) ADC and Gateway installations, Citrix has released permanent fixes for some versions and has promised to provide them for other versions and for two older versions of SD-WAN WANOP by January 24. A short timeline before the situation update CVE-2019-19781, a critical vulnerability affecting Citrix ADC and Gateway that may allow unauthenticated attackers to achieve remote code execution and obtain direct access to an organization’s local … More →

The post First patches for the Citrix ADC, Gateway RCE flaw released appeared first on Help Net Security.

Trend Micro announced the results of research featuring a honeypot imitating an industrial factory. The highly sophisticated Operational Technology (OT) honeypot attracted fraud and financially motivated exploits. Hardware equipment that ran the factory Complex investigation The six-month investigation revealed that unsecured industrial environments are primarily victims of common threats. The honeypot was compromised for cryptocurrency mining, targeted by two separate ransomware attacks, and used for consumer fraud. “Too often, discussion of cyber threats to industrial … More →

The post Researchers create OT honeypot, attract exploits and fraud appeared first on Help Net Security.

Japanese multinational Mitsubishi Electric has admitted that it had suffered a data breach some six months ago, and that “personal information and corporate confidential information may have been leaked.” The company, though, claims that “sensitive information on social infrastructure such as defense, electric power, and railways, highly confidential technical information, and important information concerning business partners have not been leaked.” What was compromised in the Mitsubishi Electric data breach? Mitsubishi Electric is a manufacturer of … More →

The post Mitsubishi Electric discloses data breach, possible data leak appeared first on Help Net Security.

Companies are increasingly building smart products that are tailored to know the individual user. In the automotive world, the next generation passenger vehicle could behave like a personal chauffeur, sentry and bodyguard rolled into one. Over the next decade, every car manufacturer that offers any degree of autonomy in a vehicle will be forced to address the security of both the vehicle and your data, while also being capable of recognizing and defending against threats … More →

The post Data-driven vehicles: The next security challenge appeared first on Help Net Security.

Seemingly every day news drops that a popular site with millions of users had been breached and its user database leaked online. Almost without fail, attackers try to use those leaked user credentials on other sites, making password stuffing one of the most common attacks today. Users often use the same username/email and password combination for multiple accounts and, unfortunately, enterprise accounts are no exception. Attackers can, therefore, successfully use leaked credentials to access specific … More →

The post Review: Enzoic for Active Directory appeared first on Help Net Security.

Five security best practices for DevOps and development professionals managing Kubernetes deployments have been introduced by Portshift. Integrating these security measures into the early stages of the CI/CD pipeline will assist organizations in the detection of security issues earlier, allowing security teams to remediate issues quickly. Kubernetes as the market leader The use of containers continues to rise in popularity in test and production environments, increasing demand for a means to manage and orchestrate them. … More →

The post Techniques and strategies to overcome Kubernetes security challenges appeared first on Help Net Security.

Vendor revenue from sales of IT infrastructure products (server, enterprise storage, and Ethernet switch) for cloud environments, including public and private cloud, declined in the third quarter of 2019 (3Q19) as the overall IT infrastructure market continues to experience weakening sales following strong growth in 2018, IDC reveals. The decline of 1.8% year over year was much softer than in 2Q19 as the overall spend on IT infrastructure for cloud environments reached $16.8 billion. IDC … More →

The post Revenue from cloud IT infrastructure products declines appeared first on Help Net Security.

Data is everything to businesses and organizations across the globe. For more than a decade, different teams at law firm BakerHostetler have been at the forefront of helping clients leverage data and technology to transform their products and services. Following its own advice of using an enterprise approach to address these issues, BakerHostetler merged its teams into a unique multidisciplinary practice group to help clients address the spectrum of issues in this area. The new … More →

The post BakerHostetler’s multidisciplinary practice group helps clients leverage data and technology appeared first on Help Net Security.

Datadog, the monitoring and analytics platform for developers, IT operations teams and business users in the cloud age, announced the Datadog Partner Network, a new program expanding Datadog’s support for channel partners. The Datadog Partner Network will bring benefits to partners including: Go-to-market collateral; Self-service training for implementation; Opportunity registration in the Partner Portal; and a Partner Locator Listing. Members of the Datadog Partner Network will have access to training and accreditation programs for Datadog … More →

The post Datadog expands support for channel partners with Partner Network appeared first on Help Net Security.

Mellanox Technologies, a leading supplier of high-performance, end-to-end smart interconnect solutions for data center servers and storage systems, announced that OpenStack software includes native and upstream support for virtualization over HDR 200 gigabit InfiniBand network, enabling customers to build high-performance OpenStack-based cloud services over the most enhanced interconnect infrastructure, taking advantage of InfiniBand’s extremely low latency, high data-throughput, In-Network Computing and more. By leveraging the upstream OpenStack ‘Train’ software release, data center managers and providers … More →

The post Mellanox OpenStack software includes native upstream support for HDR 200 Gb InfiniBand network appeared first on Help Net Security.

Synopsys announced that it has joined the new Autonomous Vehicle Computing Consortium. The Consortium brings together leading experts in the automotive, automotive supply, semiconductor and computing industries to help accelerate the delivery of safer and affordable vehicles. As a member of the Consortium, Synopsys will actively contribute to the development of a set of recommendations for system architectures and computing platforms that will be used to address the challenges of deploying self-driving vehicles at scale. … More →

The post Synopsys joins Autonomous Vehicle Computing Consortium to deliver safer and affordable vehicles appeared first on Help Net Security.

Anexsys, the leading UK consulting firm specialising in legal support and e-discovery is delighted to announce their new partnership with Brainspace, the world’s leading data analytics platform for investigations, eDiscovery, and compliance. Anexsys has integrated the Brainspace platform as part of the firm’s e-discovery managed services solution, enabling clients to conduct early case assessments and manage the growing volume and complexity of complex litigation and investigations. “At Anexsys we are committed to delivering innovative new … More →

The post Anexsys partners with Brainspace to help clients solve complex data challenges appeared first on Help Net Security.