(IN)SECURE Magazine Notifications RSS

Maximizing data privacy: Making sensitive data secure by default

1 hour 56 minutes ago

Maximizing data privacy should be on every organization’s priority list. We all know how important it is to keep data and applications secure, but what happens when access to private data is needed to save lives? Should privacy be sacrificed? Does it need to be? Consider the case of contact tracing, which has become a key tool in the fight to control COVID-19. It’s a daunting task greatly facilitated by collecting and analyzing real-time identity … More →

The post Maximizing data privacy: Making sensitive data secure by default appeared first on Help Net Security.

Help Net Security

Organizations knowingly ship vulnerable code despite using AppSec tools

2 hours 27 minutes ago

Nearly half of organizations regularly and knowingly ship vulnerable code despite using AppSec tools, according to Veracode. Among the top reasons cited for pushing vulnerable code were pressure to meet release deadlines (54%) and finding vulnerabilities too late in the software development lifecycle (45%). Respondents said that the lack of developer knowledge to mitigate issues and lack of integration between AppSec tools were two of the top challenges they face with implementing DevSecOps. However, nearly … More →

The post Organizations knowingly ship vulnerable code despite using AppSec tools appeared first on Help Net Security.

Help Net Security

Expanding attack surfaces leave security teams stretched thin

2 hours 57 minutes ago

30% of businesses globally have seen an increase in attacks on their IT systems as a result of the pandemic, HackerOne reveals. This is according to C-Level IT and security execs at global businesses, 64% of which believe their organization is more likely to experience a data breach due to COVID-19. Remote working and expanding attack surfaces “The COVID-19 crisis has shifted life online,” says Marten Mickos, CEO of HackerOne. “As companies rush to meet … More →

The post Expanding attack surfaces leave security teams stretched thin appeared first on Help Net Security.

Help Net Security

Half of IT teams can’t fully utilize cloud security solutions due to understaffing

3 hours 26 minutes ago

There are unrealized gaps between the rate of implementation or operation and the effective use of cloud security access brokers (CASB) within the enterprise, according to a global Cloud Security Alliance survey of more than 200 IT and security professionals from a variety of organization sizes and locations. Utilize cloud security solutions “CASB solutions have been underutilized on all the pillars but in particular on the compliance, data security, and threat protection capabilities within the … More →

The post Half of IT teams can’t fully utilize cloud security solutions due to understaffing appeared first on Help Net Security.

Help Net Security

How to maintain or improve employee productivity in virtual or hybrid workplaces

3 hours 56 minutes ago

Productivity can be maintained surprisingly well in a virtual or hybrid workplaces, according to BCG. Employees are open to hybrid workplaces The survey, conducted in the US, Germany, and India, also shows that there is significant appetite for flexible ways of working among employees, as well as increased openness to this from managers. As working methods become increasingly remote or hybrid in the wake of the COVID-19 pandemic, a key question for companies is how … More →

The post How to maintain or improve employee productivity in virtual or hybrid workplaces appeared first on Help Net Security.

Help Net Security

RSA SecurID Access innovations support organizations struggling to protect their workforces

4 hours 56 minutes ago

RSA announced the availability of RSA SecurID Access offerings that are designed to support organizations struggling to protect and optimize their workforces in this challenging environment. The new solutions broaden protection and reduce friction for both administrators and users, particularly as organizations tap into the benefits of the cloud for remote workers. “While interest in transitioning security management technologies to cloud environments has steadily increased over the past few years, the global pandemic has dramatically … More →

The post RSA SecurID Access innovations support organizations struggling to protect their workforces appeared first on Help Net Security.

Industry News

SonicWall TZ: Desktop firewalls with multi-gigabit malware and ransomware protection

5 hours 27 minutes ago

To ensure cybersecurity administration is easier and more accessible, SonicWall announced new zero touch-enabled, multi-gigabit SonicWall TZ firewalls with SD-Branch capabilities, along with a redesigned cloud-native management console that helps streamline operations through fresh and modern user interfaces. “The new business norm is forcing organizations to rethink security for remote users and distributed networks,” said SonicWall Senior Vice President and Chief Operating Officer Atul Dhablania. “SonicWall’s new SD-Branch ready next-generation firewalls, along with re-engineered SonicOS, … More →

The post SonicWall TZ: Desktop firewalls with multi-gigabit malware and ransomware protection appeared first on Help Net Security.

Industry News

JumpCloud App for Windows: Enabling secure credential and identity management

6 hours 26 minutes ago

JumpCloud announced the release of the JumpCloud App for Windows, the latest update to its patent-pending strategy for enabling secure credential and identity management from an employee’s device. The release follows its Apple macOS App release, which established the company’s strategy for a device-centric approach to secure corporate password updates. Employees safely manage and modify their credentials from within the confines of JumpCloud-managed Windows and macOS hosts, eliminating attack vectors such as phishing emails, deepfake … More →

The post JumpCloud App for Windows: Enabling secure credential and identity management appeared first on Help Net Security.

Industry News

Nutanix Clusters now available on AWS, allowing businesses to accelerate digital initiatives

6 hours 56 minutes ago

Nutanix announced general availability of Nutanix Clusters on AWS, extending the flexibility and ease of use of the company’s hyperconverged infrastructure (HCI) software, along with all Nutanix products and services, to bare metal Amazon Elastic Compute Cloud (Amazon EC2) instances on Amazon Web Services (AWS). With this announcement, Nutanix delivers hybrid cloud infrastructure — one that allows businesses to accelerate their digital initiatives and optimize spending, priorities further amplified in the age of COVID. Nutanix … More →

The post Nutanix Clusters now available on AWS, allowing businesses to accelerate digital initiatives appeared first on Help Net Security.

Industry News

Alcatel-Lucent and RingCentral introduce cloud solution, Rainbow Office powered by RingCentral

7 hours 27 minutes ago

Alcatel-Lucent Enterprise and RingCentral announced that they have entered into a strategic partnership to introduce a new co-branded cloud solution – Rainbow Office powered by RingCentral – making it unique and exclusive for Alcatel-Lucent Enterprise. RingCentral and Alcatel-Lucent Enterprise will jointly develop programs enabling both companies to lead the cloud communications services for the enterprise market. “We are excited to partner with Alcatel-Lucent Enterprise and to bring our industry-leading cloud communications solutions to their customers … More →

The post Alcatel-Lucent and RingCentral introduce cloud solution, Rainbow Office powered by RingCentral appeared first on Help Net Security.

Industry News

Perimeter 81 raises $40M to support growth and accelerate hiring and development

8 hours 27 minutes ago

Perimeter 81 announced that it has completed a $40 million Series B round led by Insight Partners. The financing will help support Perimeter 81’s rapid growth and accelerate the company’s hiring and development, furthering its disruption of the traditional VPN and Firewall markets. Perimeter 81 simplifies network security for the modern and increasingly remote and mobile workforce. Since its 2018 inception, the company has emerged as a leader in Secure Access Service Edge (SASE), growing … More →

The post Perimeter 81 raises $40M to support growth and accelerate hiring and development appeared first on Help Net Security.

Industry News

August 2020 Patch Tuesday: Microsoft fixes two vulnerabilities under attack

12 hours 19 minutes ago

On this August 2020 Patch Tuesday: Microsoft has plugged 120 flaws, two of which are being exploited in attacks in the wild Adobe has delivered security updates for Adobe Acrobat, Reader and Lightroom Apple has released updates for iCloud on Windows Google has updated Chrome with security fixes Microsoft’s updates Microsoft has released patched for 120 CVEs, 17 of which are critical and the rest important. One (CVE-2020-1464) is publicly known and being actively exploited, … More →

The post August 2020 Patch Tuesday: Microsoft fixes two vulnerabilities under attack appeared first on Help Net Security.

Zeljka Zorz

Exploits for vBulletin zero-day released, attacks are ongoing

22 hours 5 minutes ago

The fix for CVE-2019-16759, a remote code execution vulnerability in vBulletin that was patched in September 2019, is incomplete, security researcher Amir Etemadieh has discovered. The discovery and his publishing of PoC and full exploits spurred attackers to launch attacks: A new VBulletin Zero Day got dropped yesterday by @Zenofex that revealed the CVE-2019-16759 patch was incomplete – within three hours https://t.co/LwbPuEoL5b was attacked, but we were ready for it. Disable PHP rendering to protect … More →

The post Exploits for vBulletin zero-day released, attacks are ongoing appeared first on Help Net Security.

Zeljka Zorz

Ericom Application Isolator separates corporate apps from unauthorized users to prevent ransomware

22 hours 50 minutes ago

Ericom Software announced the introduction of Ericom Application Isolator, a new solution that integrates with existing remote access VPNs and Next Generation Firewalls to secure corporate applications and data from the security risks associated with excessive access rights inside a network. Ericom Application Isolator addresses the security risks created by the broad access rights granted to users and devices on corporate networks, which create an environment hackers or malicious insiders can easily exploit. Extensive permissions … More →

The post Ericom Application Isolator separates corporate apps from unauthorized users to prevent ransomware appeared first on Help Net Security.

Industry News

Businesses prioritize security and collaboration tools to manage sustained remote work environments

23 hours 22 minutes ago

77 percent of IT professionals believe they were prepared to manage the rapid shift to remote work during the COVID-19 outbreak, according to TeamViewer. Among those surveyed, the percentage working from home had abruptly jumped from 28 percent prior to the pandemic to 71 percent during the outbreak. The survey included more than 200 IT executives in the U.S. across various industries. Manage remote work: High productivity, effectiveness and morale IT professionals identified many challenges … More →

The post Businesses prioritize security and collaboration tools to manage sustained remote work environments appeared first on Help Net Security.

Help Net Security

Securing human resources from cyber attack

1 day 2 hours ago

As COVID-19 forced organizations to re-imagine how the workplace operates just to maintain basic operations, HR departments and their processes became key players in the game of keeping our economy afloat while keeping people alive. Without a doubt, people form the core of any organization. The HR department must strike an increasingly delicate balance while fulfilling the myriad of needs of workers in this “new normal” and supporting organizational efficiency. As the tentative first steps … More →

The post Securing human resources from cyber attack appeared first on Help Net Security.

Help Net Security

10-point plan for securing employee health data collected for COVID-19 prevention

1 day 2 hours ago

The COVID-19 pandemic has dramatically changed the business landscape and, over the past few months, employers have found themselves in uncharted waters on more than one occasion. First, it was getting entire workforces up-and-running from home practically overnight. And now, as employees are welcomed back onsite, employers are required to follow new health and safety protocols to prevent the virus’ spread and maintain near-normal operations. One health initiative causing confusion (and often tension) within many … More →

The post 10-point plan for securing employee health data collected for COVID-19 prevention appeared first on Help Net Security.

Help Net Security

CyberSaint CyberStrong updates make cybersecurity resiliency an enabler of business strategy

1 day 6 hours ago

CyberSaint announced new CyberStrong platform updates that allow security and risk leaders to deliver clear narratives around their cybersecurity and IT risk management strategies. New features combine quantitative and qualitative insights to help CISOs and CIOs communicate the program’s past, present, and future risk management initiatives and returns. Leveraging these new features, customers can identify, plan, and present the costs and benefits of various solutions to leadership in several ways. All risk and solution plans … More →

The post CyberSaint CyberStrong updates make cybersecurity resiliency an enabler of business strategy appeared first on Help Net Security.

Industry News

MiniTool Power Data Recovery 9.0: Improved scanning speed and data recovery results

1 day 6 hours ago

MiniTool Software has released the latest MiniTool Power Data Recovery 9.0, aiming to make specific location recovery available and save the recovery time. The new features are Desktop Recovery, Recycle Bin Recovery, and Select Folder Recovery. It is the second time for MiniTool to announce a new version of this software this year. The last time was about four months ago. Add Desktop Recovery Files on desktop are usually important and frequently used. When the … More →

The post MiniTool Power Data Recovery 9.0: Improved scanning speed and data recovery results appeared first on Help Net Security.

Industry News

Leading tech companies certify IoT devices via ioXt Alliance

1 day 7 hours ago

The ioXt Alliance announced that major technology companies and manufacturers including Google, T-Mobile, Silicon Labs and more, certified a wide range of devices through the ioXt Alliance Certification Program. Devices certified secure by the ioXt Alliance include cell phones, smart home, lighting controls, IoT Bluetooth, smart retail, portable medical, pet trackers, routers and automotive technology. The ioXt Alliance is backed by the biggest names in tech and is the only organization positioned to handle the … More →

The post Leading tech companies certify IoT devices via ioXt Alliance appeared first on Help Net Security.

Industry News

Cryptography

Tasker: Total Automation for Android

The Register

India explores blockchain-powered voting but not to enable online elections

2 hours 55 minutes ago
Verifying wandering voters in the world’s largest and most complex elections is the aim

India has pondered how blockchain might enhance its elections with a high-level online gabfest concluding that the technology might have a role in making it possible for more voters to cast their ballot in more places around the nation.…

NCC Group admits its training data was leaked online after folders full of CREST pentest certification exam notes posted to GitHub

15 hours 59 minutes ago
'Inhouse crt rigs to solve... book before ur exam' as firm claims 'some' of the content wasn't theirs

Exclusive British infosec biz NCC Group has admitted to The Register that its internal training materials were leaked on GitHub – after folders purporting to help people pass the CREST pentest certification exams appeared in a couple of repositories.…