(IN)SECURE Magazine Notifications RSS

eSentire unveiled eSentire Cloud Automation Security Assistant (CASA), the company’s automated detection and response solution for Microsoft Security products. With CASA, eSentire brings its MDR leadership and expertise from over 10 years of threat hunting to Microsoft users. CASA offers customers a single place within Microsoft Teams to actively manage alerts, engage eSentire experts on demand, and launch automated threat configurations for Microsoft Cloud Application Security, Microsoft 365, Microsoft Defender for Endpoint, Microsoft Azure, and … More →

The post eSentire launches automated detection and response solution for Microsoft Security products appeared first on Help Net Security.

The Sandworm Team hacking group is part of Unit 74455 of the Russian Main Intelligence Directorate (GRU), the US Department of Justice (DoJ) claimed as it unsealed an indictment against six hackers and alleged members on Monday. Sandworm Team attacks “These GRU hackers and their co-conspirators engaged in computer intrusions and attacks intended to support Russian government efforts to undermine, retaliate against, or otherwise destabilize: Ukraine; Georgia; elections in France; efforts to hold Russia accountable … More →

The post US charges Sandworm hackers who mounted NotPetya, other high-profile attacks appeared first on Help Net Security.

We are beginning to shift away from what has long been our first and last line of defense: the password. It’s an exciting time. Since the beginning, passwords have aggravated people. Meanwhile, passwords have become the de facto first step in most attacks. Yet I can’t help but think, what will the consequences of our actions be? Intended and unintended consequences Back when overhead cameras came to the express toll routes in Ontario, Canada, it … More →

The post Can we trust passwordless authentication? appeared first on Help Net Security.

What is confidential computing? Can it strengthen enterprise security? Nelly Porter, Senior Product Manager, Google Cloud and Sam Lugani, Lead Security PMM, Google Workspace & GCP, answer these and other questions in this Help Net Security interview. How does confidential computing enhance the overall security of a complex enterprise architecture? We’ve all heard about encryption in-transit and at-rest, but as organizations prepare to move their workloads to the cloud, one of the biggest challenges they face … More →

The post What is confidential computing? How can you use it? appeared first on Help Net Security.

SOCs across the globe are most concerned with advanced threat detection and are increasingly looking to next-gen automation tools like AI and ML technologies to proactively safeguard the enterprise, Micro Focus reveals. Growing deployment of next-gen tools and capabilities The report’s findings show that over 93 percent of respondents employ AI and ML technologies with the leading goal of improving advanced threat detection capabilities, and that over 92 percent of respondents expect to use or … More →

The post SecOps teams turn to next-gen automation tools to address security gaps appeared first on Help Net Security.

Cybercriminals are targeting vulnerabilities created by the pandemic-driven worldwide transition to remote work, according to Secureworks. The report is based on hundreds of incidents the company’s IR team has responded to since the start of the pandemic. Threat level is unchanged While initial news reports predicted a sharp uptick in cyber threats after the pandemic took hold, data on confirmed security incidents and genuine threats to customers show the threat level is largely unchanged. Instead, … More →

The post Is poor cyber hygiene crippling your security program? appeared first on Help Net Security.

In the aftermath of the COVID-19 pandemic, global biometric device revenues are expected to drop 22%, ($1.8 billion) to $6.6 billion, according to a report from ABI Research. The entire biometrics market, however, will regain momentum in 2021 and is expected to reach approximately $40 billion in total revenues by 2025. Global biometric device revenues in 2020 “The current decline in the biometrics market landscape stems from multifaceted challenges from a governmental, commercial, and technological … More →

The post Biometric device revenues to drop 22%, expected to rebound in 2021 appeared first on Help Net Security.

Entrust announced the Sigma Instant Desktop Issuance solution, a direct-to-card solution for instant physical and mobile ID issuance. Designed for both cloud and on-premise deployment, the Sigma solution sets the standard for simple, secure and smart instant ID solutions across enterprise, healthcare, government, higher education and financial institutions. Today’s enterprises face a myriad of security challenges: From transitioning to digital operations during the pandemic, to managing the global rise in cyber-attacks, they must maintain a … More →

The post Entrust launches direct-to-card solution for instant physical and mobile ID issuance appeared first on Help Net Security.

An online platform designed to help IoT vendors receive, assess, manage and mitigate vulnerability reports has been launched by the IoT Security Foundation (IoTSF). VulnerableThings.com aims to simplify the reporting and management of vulnerabilities whilst helping IoT vendors comply with new consumer IoT security standards and regulations. As the first globally applicable standard for consumer IoT cybersecurity, the new ETSI EN 303 645 specification requires IoT vendors – which could include device manufacturers or importers/distributors … More →

The post IoT Security Foundation unveils online platform to help IoT vendors report and manage vulerabilities appeared first on Help Net Security.

Microsoft and Adobe released out-of-band security updates for Visual Studio Code, the Windows Codecs Library, and Magento. All the updates fix vulnerabilities that could be exploited for remote code execution, but the good news is that none of them are being actively exploited by attackers (yet!). Microsoft’s updates Microsoft has fixed CVE-2020-17023, a remote code execution vulnerability in Visual Studio Code, its free and extremely popular source-code editor that’s available for Windows, macOS and Linux. … More →

The post Magento, Visual Studio Code users: You need to patch! appeared first on Help Net Security.

Azure Defender for IoT – Microsoft’s new security solution for discovering unmanaged IoT/OT assets and IoT/OT vulnerabilities – is now in public preview and can be put to the test free of charge. The solution can alert administrators about unauthorized devices connected to the network and unauthorized connections to the internet, changes to firmware versions, potentially malicious commands, illegal DNP3 operations, known malware, unauthorized SMB logins, and more. About Azure Defender for IoT “As industrial … More →

The post Critical infrastructure and industrial orgs can test Azure Defender for IoT for free appeared first on Help Net Security.

Vulnerability scanners can be a very useful addition to any development or operations process. Since a typical vulnerability scanner needs to detect vulnerabilities in deployed software, they are (generally) not dependent on the language or technology used for the application they are scanning. This often doesn’t make them the top choice for detecting a large number of vulnerabilities or even detecting fickle bugs or business logic issues, but makes them great and very common tools … More →

The post Review: Netsparker Enterprise web application scanner appeared first on Help Net Security.

The importance of privacy and data protection is a critical issue for organizations as it transcends beyond legal departments to the forefront of an organization’s strategic priorities. A FairWarning research, based on survey results from more than 550 global privacy and data protection, IT, and compliance professionals outlines the characteristics and behaviors of advanced privacy and data protection teams. By examining the trends of privacy adoption and maturity across industries, the research uncovers adjustments that … More →

The post Global adoption of data and privacy programs still maturing appeared first on Help Net Security.

75% of all 56 U.S. states and territories leading up to the presidential election, showed signs of a vulnerable IT infrastructure, a SecurityScorecard report reveals. Since most state websites offer access to voter and election information, these findings may indicate unforeseen issues leading up to, and following, the US election. Election infrastructure: High-level findings Seventy-five percent of U.S. states and territories’ overall cyberhealth are rated a ‘C’ or below; 35% have a ‘D’ and below. … More →

The post Most US states show signs of a vulnerable election-related infrastructure appeared first on Help Net Security.

Despite 88% of cybersecurity professionals believing automation will make their jobs easier, younger staffers are more concerned that the technology will replace their roles than their veteran counterparts, according to a research by Exabeam. Overall, satisfaction levels continued a 3-year positive trend, with 96% of respondents indicating they are happy with role and responsibilities and 87% reportedly pleased with salary and earnings. Additionally, there was improvement in gender diversity with female respondents increasing from 9% … More →

The post Most cybersecurity pros believe automation will make their jobs easier appeared first on Help Net Security.

IT leaders are increasingly concerned accelerated digital transformation, combined with the complexity of modern multicloud environments, is putting already stretched digital teams under too much pressure, a Dynatrace survey of 700 CIOs reveals. This leaves little time for innovation, and limits teams’ ability to prioritize tasks that drive greater value and better outcomes for the business and its customers. Key findings 89% of CIOs say digital transformation has accelerated in the last 12 months, and … More →

The post Cloud environment complexity has surpassed human ability to manage appeared first on Help Net Security.

As many business leaders look to close the skills gap and cultivate a sustainable workforce amid COVID-19, an IBM Institute for Business Value (IBV) study reveals less than 4 in 10 human resources (HR) executives surveyed report they have the skills needed to achieve their enterprise strategy. COVID-19 exacerbated the skills gap in the enterprise Pre-pandemic research in 2018 found as many as 120 million workers surveyed in the world’s 12 largest economies may need … More →

The post Is the skills gap preventing you from executing your enterprise strategy? appeared first on Help Net Security.

Achieving the globally respected (ISC)² CISSP or CCSP certifications can catapult your career, leading to more credibility, better opportunities and increased earning potential. To help you stay committed to your certification, through November 30, (ISC)² is offering a 40% discount off Official CISSP and CCSP Online Instructor-Led Trainings when you bundle with an exam voucher. Training seats are limited, so secure your spot today! Online instructor-led training and exam bundle Your bundle includes: Direct access … More →

The post Save 40% on CISSP or CCSP training until November 30 appeared first on Help Net Security.

Honeywell announces the launch of Honeywell Secure Media Exchange (SMX) R201.1, an enterprise software offering to better protect users from advanced malware and firmware-based cybersecurity attacks from USB drives and other removable media. Honeywell SMX can help organizations reduce cybersecurity risk and operational disruption through advanced threat detection capability for operating environments including those in critical infrastructure. “We are excited to expand Honeywell SMX as an enterprise security solution to include hardware device management with … More →

The post Honeywell launches Honeywell Secure Media Exchange to protect against malicious USB attacks appeared first on Help Net Security.

Zerto launched Zerto Data Protection (ZDP), which displaces traditional backup with continuous data protection (CDP) for all applications. By offering a new, cost-effective backup solution, Zerto is bringing the power of its award-winning CDP to all applications at a much lower TCO. “At Zerto, we have always worked with our customers to deliver backup and data protection solutions that align with their enterprise IT infrastructure strategies,” commented Gil Levonai, CMO and senior vice president of … More →

The post Zerto Data Protection: Continuous data protection to all app tiers displacing traditional backup appeared first on Help Net Security.