(IN)SECURE Magazine Notifications RSS

Forge: Simplifying the process for cracking hashed passwords

1 hour 42 minutes ago

Inferno Systems unveiled Forge, a web application that simplifies the process for cracking hashed passwords. Forge offers a workflow for creating attacks against password hashes that includes dictionary management, plan building and use of mixed local and cloud-based compute clusters. Tightly-controlled IT environments can run Forge in an offline environment, allowing sensitive information to remain on-site. However, Forge also offers turn-key use of Amazon AWS cloud-based GPUs allowing users to distribute ongoing attacks to powerful, … More →

The post Forge: Simplifying the process for cracking hashed passwords appeared first on Help Net Security.

Industry News

Threat Stack Cloud Security Platform features improved visibility of Kubernetes environments

2 hours 43 minutes ago

Threat Stack, the leader in cloud infrastructure security and compliance, announced enhancements to the Threat Stack Cloud Security Platform that provide customers with complete security observability of Kubernetes-managed containers. The improved visibility of Kubernetes environments enables Threat Stack’s customers to leverage container infrastructure without increasing risk or relying on multiple point solutions to achieve full stack cloud security observability. As companies adopt Kubernetes to help orchestrate their container infrastructure, security processes and policies have been … More →

The post Threat Stack Cloud Security Platform features improved visibility of Kubernetes environments appeared first on Help Net Security.

Industry News

Cumulus Networks’ new version of NetQ provides real-time telemetry and fabric-wide analytics

3 hours 13 minutes ago

Cumulus Networks, the leaders in building open, modern, and scalable networks, announced version 2.0 of NetQ, a highly scalable modern network operations toolset delivering real-time actionable insights and operational intelligence about the health of data center networks — from the container, virtual machine, or host, all the way to the switch and port. As the next level of visibility into Cumulus Linux, NetQ provides fabric-wide visibility, full lifecycle management, closed-loop automation and is one step … More →

The post Cumulus Networks’ new version of NetQ provides real-time telemetry and fabric-wide analytics appeared first on Help Net Security.

Industry News

ShieldX adds lateral movement prevention to the Elastic Security Platform for AWS

3 hours 42 minutes ago

ShieldX, the leader in elastic security, announced the addition of lateral movement prevention to the ShieldX Elastic Security Platform for AWS. Also known as East-West security, enterprises can now for the first time monitor and prevent lateral movement inside the AWS public cloud to complement ShieldX’s existing capability for VMWare ESXi and Microsoft Azure. This eliminates a significant management and security challenge, by providing a full range of security controls including visibility into the movement … More →

The post ShieldX adds lateral movement prevention to the Elastic Security Platform for AWS appeared first on Help Net Security.

Industry News

OPAQ provides 15 Gbps of security-as-a-service networking to support digital transformation

4 hours 12 minutes ago

OPAQ, the network security cloud company, announced a new set of offerings that provide up to 15 Gbps of hyperscale security-as-a-service networking to support digital transformation initiatives. The OPAQ Cloud provides direct Gigabit connectivity to ISP exchanges and comprehensive network security for organizations that require carrier-grade network performance and security for hybrid and multi-cloud environments that span on-premises, Infrastructure-as-a-Service (IaaS) and Software-as-a-Service (SaaS) resources. “Companies of all sizes are integrating on-premises data centers with cloud … More →

The post OPAQ provides 15 Gbps of security-as-a-service networking to support digital transformation appeared first on Help Net Security.

Industry News

Four new incident response and forensic investigators join the Arete Advisors team

4 hours 43 minutes ago

Arete Advisors announced the addition of four of the world’s foremost incident response and forensic investigators to its elite group of cybersecurity experts: Michael Stewart, Rae Jewell, Peter Hubert, and Matt Hanyok. Together, the group brings decades of experience leading challenging, cyber incident response and forensics investigations into some of the most devastating cyberattacks and network breaches impacting the U.S. Government and major commercial verticals. “As the cybersecurity skills gap becomes more acute, organizations are … More →

The post Four new incident response and forensic investigators join the Arete Advisors team appeared first on Help Net Security.

Industry News

Symantec joins the DIB CS program to share threat information between DOD and industry

5 hours 12 minutes ago

Symantec, the world’s leading cyber security company, announced it has become a member of the United States’ Department of Defense’s (DOD) Defense Industrial Base (DIB) Cybersecurity (CS) program. The DIB CS program is a voluntary cyber threat information-sharing initiative established by the DOD to enhance and supplement DIB participants’ capabilities to mitigate cyber attacks. The program features a collaborative information-sharing environment where members voluntarily report cyber threats as well as information on how to prevent/mitigate … More →

The post Symantec joins the DIB CS program to share threat information between DOD and industry appeared first on Help Net Security.

Industry News

CI Security raises $9.6M to defend healthcare and the public sector from cyber threats

5 hours 42 minutes ago

CI Security announced it has raised an additional $9.6 million to defend critical services in healthcare and the public sector from cyber threats. The added investment allows CI Security to continue expanding its Critical Insight Managed Detection and Response (MDR) service. Customers with Critical Insight MDR can detect and respond to intrusions and threats quickly. Those customers know that CI Security’s analysts are using purpose-built technology to watch for security events 24/7/365. The Series B … More →

The post CI Security raises $9.6M to defend healthcare and the public sector from cyber threats appeared first on Help Net Security.

Industry News

Whitepaper: Third-Party Risk to the Nth Degree

17 hours 40 minutes ago

For many, cost-effective scalability usually means outsourcing some or all of your business functions to a complex web of third-party vendors. The Third-Party Risk to the Nth Degree whitepaper provides quantitative and contextual measures by which your organization can compare current practices and investment to help mitigate third-party risk. Key findings 44 percent of organizations revealed that they had experienced a third-party-related data breach in the last year. 33 percent of organizations cited lack of … More →

The post Whitepaper: Third-Party Risk to the Nth Degree appeared first on Help Net Security.

Help Net Security

Are your passwords among the 100,000 most breached ones?

18 hours 36 minutes ago

Year after year, the list of most often used passwords changes but a little: the latest one, compiled by infosec researcher Troy Hunt and published by the UK National Cyber Security Centre (NCSC), puts “123456”, “123456789”, “qwerty”, “password” and “111111” on the top five spots. The entire list of the top 100,000 most used passwords can be checked out here and predictably holds many common words, names, number combinations and even single letters and numbers. … More →

The post Are your passwords among the 100,000 most breached ones? appeared first on Help Net Security.

Zeljka Zorz

The foundation: Quantifying risk with focused security measurement

22 hours 46 minutes ago

When you hear “quantify risk,” you might think it’s the buzz-term du jour. You might be right. Risk quantification is a hot topic right now. It seems everyone who touches security – from the C-suite to the board – has this at the forefront of their mind. As a security leader, you’re likely being asked about quantifying risk, perhaps more so now than ever before. You might be pressed to answer with much confidence. When … More →

The post The foundation: Quantifying risk with focused security measurement appeared first on Help Net Security.

Help Net Security

Attackers are weaponizing more vulnerabilities than ever before

22 hours 57 minutes ago

2018 had the most weaponized vulnerabilities ever (177), which represents a 139% increase compared to 2017, according to the RiskSense latest report. In addition, the rate of exploits discovered in the wild before a patch was available was nearly three times higher last year than the previous record set in 2010. The RiskSense Vulnerability Weaponization Insights Report provides an in-depth analysis of vulnerabilities and weaponization patterns across the Adobe family of products from August 1996 … More →

The post Attackers are weaponizing more vulnerabilities than ever before appeared first on Help Net Security.

Help Net Security

PDF: The vehicle of choice for malware and fraud

23 hours 12 minutes ago

There has been a substantial increase of fraudulent PDF files, according to a report by SonicWall Capture Labs threat researchers. This fraud campaign takes advantage of recipients’ trust in PDF files as a “safe” file format that is widely used and relied upon for business operations. “Increasingly, email, Office documents and now PDFs are the vehicle of choice for malware and fraud in the cyber landscape,” said SonicWall President and CEO Bill Conner. “In all … More →

The post PDF: The vehicle of choice for malware and fraud appeared first on Help Net Security.

Help Net Security

Scientists may have identified a new way to improve network security

23 hours 27 minutes ago

With cybersecurity one of the nation’s top security concerns and billions of people affected by breaches last year, government and businesses are spending more time and money defending against it. Researchers at the U.S. Army Combat Capabilities Development Command’s Army Research Laboratory, the Army’s corporate research laboratory also known as ARL, and Towson University may have identified a new way to improve network security. Many cybersecurity systems use distributed network intrusion detection that allows a … More →

The post Scientists may have identified a new way to improve network security appeared first on Help Net Security.

Help Net Security

As bad bots grow more sophisticated, so does the number of industries impacted by them

23 hours 42 minutes ago

Bot attack sophistication continues to evolve, as advanced attackers learn to adapt their techniques in order to invalidate existing defense tactics, according to Distil Networks. The report investigates hundreds of billions of bad bot requests from 2018 over thousands of domains to provide deeper insight into the daily automated attacks wreaking havoc on websites, mobile apps and APIs. “Bot operators and bot defenders are playing an incessant game of cat and mouse, and techniques used … More →

The post As bad bots grow more sophisticated, so does the number of industries impacted by them appeared first on Help Net Security.

Help Net Security

Underserved populations unaware of cybersecurity risks

23 hours 57 minutes ago

Members of underserved populations are less likely to know whether they have even been victimized by a cyber attack, and they have lower awareness of cybersecurity risks. Partly as a result, they are also less likely to access vital online services, such as banking, health services, educational programs, and other resources, which could lead to them falling behind economically, according to a survey of more than 150 San Franciscans at diverse community-based organizations across San … More →

The post Underserved populations unaware of cybersecurity risks appeared first on Help Net Security.

Help Net Security

Week in review: G Suite security enhancements, Microsoft 365 security

1 day 21 hours ago

Here’s an overview of some of last week’s most interesting news and articles: One hundred percent of endpoint security tools eventually fail Endpoint security tools and agents fail, reliably and predictably, according to the 2019 Global Endpoint Security Trends Report from Absolute. Microsoft 365 security: Protecting users from an ever-evolving threat landscape In this age of frequent security and data breaches, the statement “We take our customers’ privacy and security very seriously” has been heard … More →

The post Week in review: G Suite security enhancements, Microsoft 365 security appeared first on Help Net Security.

Help Net Security

Xerox adds an extra layer of protection to Xerox AltaLink multifunction printers

2 days 1 hour ago

Xerox announced security enhancements to its line of Xerox AltaLink Multifunction Printers (MFPs), providing IT managers, network administrators and chief information security officers with an extra layer of protection and a more proactive approach to network threats. “While other networked print devices use a fractured, manual approach to cybersecurity, Xerox employs an automated response that neutralizes threats at their source,” said Dr. Alissa J. Abdullah, chief information security officer, Xerox. “Instantaneous responses are critical when … More →

The post Xerox adds an extra layer of protection to Xerox AltaLink multifunction printers appeared first on Help Net Security.

Industry News

Evident and Okta partnership simplifies identity verification and reduces risk for businesses

2 days 2 hours ago

Evident, the revolutionary platform that powers identity and credential verification for many of the world’s fastest-growing companies, announced it has partnered with Okta, the leading independent provider of identity for the enterprise. The integrated solution enables businesses across industries to access and move seamlessly between multiple identity verification methods while dramatically reducing their exposure to sensitive or regulated information. Okta and Evident’s integration makes it easier and quicker for companies to efficiently verify identity to … More →

The post Evident and Okta partnership simplifies identity verification and reduces risk for businesses appeared first on Help Net Security.

Industry News

Idera’s new integration allows teams to further secure their software development lifecycle

2 days 2 hours ago

Idera, parent company of global B2B software productivity brands, announced powerful new integration capabilities between its Assembla and Kiuwan products. The integration allows development teams on Assembla to “shift left” and further secure their software development lifecycle by automatically scanning code in their Assembla repositories with Kiuwan’s enterprise-grade application security testing engine. Verizon’s 2018 Data Breach Investigations Report1 found that attacks on web applications exploiting code-level or authentication mechanism vulnerabilities led to the highest number … More →

The post Idera’s new integration allows teams to further secure their software development lifecycle appeared first on Help Net Security.

Industry News

Cryptography

Tasker: Total Automation for Android

The Register

High Court confirms the way UK banned GSM gateways was illegal

14 hours 13 minutes ago
Ministers can't tell Ofcom to ignore the law after all

UK comms regulator Ofcom can't be ordered to ignore its legal duties, the High Court has ruled, paving the way for GSM gateway operators to claim compensation after Home Office ministers and mandarins destroyed their businesses.…