The recent targeted attacks exploiting the (at the time) zero-day remote code execution vulnerability (CVE-2021-40444) in Windows via booby-trapped Office documents have been delivering custom Cobalt Strike payloads, Microsoft and Microsoft-owned RiskIQ have shared. The researchers also found connections between the attackers’ exploit delivery infrastructure and an infrastructure previously used by attackers to deliver human-operated ransomware, the Trickbot trojan and the BazaLoader backdoor/downloader. The attacks and their possible goals Judging by the email lures used … More →
The post CVE-2021-40444 exploitation: Researchers find connections to previous attacks appeared first on Help Net Security.
After offering the passwordless authentication option to enterprise customers in March 2021, Microsoft has now started rolling it out to its consumer segment of users. The Passwordless account option “Beginning today, you can now completely remove the password from your Microsoft account. Use the Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to your phone or email to sign in to your favorite apps and services, such as Microsoft Outlook, … More →
The post Microsoft announces passwordless authentication option for consumers appeared first on Help Net Security.
According to recent research, federal spending on cloud computing is anticipated to grow from $6.8 billion in 2020 to nearly $7.8 billion in 2022. As this adoption accelerates, the information environment remains highly distributed and riddled with duplicative information, hindering decision makers with limited access to authoritative data, poor data integration across disparate systems, and low-quality data. This, paired with the “anything you can do, I can do better” mantra adopted by today’s nation-state threat … More →
The post Keys to the cloud: Unlocking digital transformation to enhance national security appeared first on Help Net Security.
Bot attack volumes grew 41% year over year with human-initiated attacks falling 29%, according to a report from LexisNexis Risk Solutions. The report confirms earlier trend patterns showing the financial services industry and media businesses bear the brunt of increased automated bot network attacks. The report analyzed 28.7 billion transactions over the six-month period, up 28% year over year, attributed to increased transaction volumes from existing customers and an increased customer base. The increased shift … More →
The post Bot attack volumes growing 41% year over year, human-initiated attacks down 29% appeared first on Help Net Security.
AuditBoard announced the results of a survey of corporate chief audit executives (CAEs) that reveals the long-term impacts of COVID on their operations and the profession at large. The survey polled more than 175 CAEs across a range of industries, uncovering five key trends respondents believe will have long-term impacts on internal audit teams — from an increased reliance on technology to innovative new ways of conducting audits. Audit teams will be more focused on … More →
The post The long-term impacts of the pandemic on internal audit teams appeared first on Help Net Security.
A study from Juniper Research has found the global value of the CPaaS market will exceed $10 billion for the first time in 2022; rising from $8.6 billion in 2021. This represents growth of 17% year-on-year. To capitalise on this remarkable growth, the research predicts CPaaS vendors will seek to further differentiate their services by integrating novel solutions directly into their service platforms. Customer data platforms: Key to differentiation The study urges platform vendors to … More →
The post CPaaS market value to exceed $10 billion in 2022 appeared first on Help Net Security.
MicroAge sought feedback from IT professionals to explore the performance of modern (and not-so-modern) managed service providers (MSPs). The survey found that even satisfactory MSPs are falling short in certain key areas: cloud strategy, security, and IT spending. MSPs and their clients falling behind as remote workforce evolves As remote and hybrid workforces continue to evolve at a breakneck pace, MSPs that cannot modernize will find themselves—and their clients—falling behind. In newly remote connected workforces, … More →
The post MSPs that cannot modernize will find themselves and their clients falling behind appeared first on Help Net Security.
Employers must act now to ensure staff have the modern skills to stay productive during hybrid working, says Questionmark. While firms are continuing to let staff work remotely for at least some of the week, most employees have noticed dips in their productivity. Hybrid working, with staff splitting their week between home and the office, looks set to form the future of work. Almost 40% of workers would consider quitting if their employer won’t allow … More →
The post Firms embracing hybrid working, but must ensure teams have the modern skills to stay productive appeared first on Help Net Security.
Creating a cybersecurity plan is the first step in starting secure and staying secure. Consider this when planning a budget, getting support from staff, and creating company goals. Here are the five essential Ws for getting started. Why you should add cybersecurity to your budget Don’t wait until there is a problem to start thinking about a cybersecurity plan. A company may not consider cybersecurity in their budgeting. When there is an attack, the costs … More →
The post The 5 Ws for building a strong cybersecurity plan appeared first on Help Net Security.
Code42 launched the Code42 Instructor microlearning solution, a new Insider Risk education offering that improves Insider Risk awareness by focusing on the creation of holistic, security-oriented cultures. The solution delivers actionable, hyper-targeted and bite-sized lessons to end-users when they’re needed most, helping to change security behavior for the long term. Instructor can be used directly with the Code42 Incydr product to decrease accidental risk with right-sized, right-timed situational guidance that’s relevant for specific end-users at … More →
The post Code42 Instructor gives security teams the ability to correct risky behaviors appeared first on Help Net Security.
Beyond Identity announced a solution that closes a critical vulnerability and secures the software supply chain against insider threats and malicious attacks. Beyond Identity’s new Secure DevOps product establishes a simple, secure, and automated way to confirm that all source code entering a corporate repository and processed by the continuous integration/continuous deployment (CI/CD) pipeline is signed by a key that is cryptographically bound to a corporate identity and device. This ensures trust, integrity, and auditability … More →
The post Beyond Identity’s solution secures the software supply chain against insider threats and malicious attacks appeared first on Help Net Security.
Snowflake announced the Financial Services Data Cloud, which unites Snowflake’s platform governance capabilities, Snowflake- and partner-delivered solutions, and industry-critical datasets, to help Financial Services organizations revolutionize how they use data to drive business growth and deliver better customer experiences. As customer expectations, regulatory requirements, and data volumes rise, Snowflake’s Data Cloud helps organizations accelerate their top-line growth and innovation while mitigating risk. Banking, insurance, fintech, and investment management customers, and others in the financial services … More →
The post Snowflake helps financial services organizations leverage data to drive business growth appeared first on Help Net Security.
Embroker released two new standalone digital insurance products: Cyber Insurance and Commercial Crime Insurance. Embroker insurance products, built digitally from the ground up, are designed for privately held small to medium sized businesses that are being underserved by legacy commercial insurance carriers. Because of the recent rash of ransomware attacks, businesses of all sizes are more concerned than ever about the risks of cyberattacks on their business. Yet a sizable portion of small business owners … More →
The post Embroker launches two standalone digital insurance products for privately held SMBs appeared first on Help Net Security.
Cardknox announced its support for 3-D Secure 2.0 (3DS2) technology, a next-generation e-commerce payment security protocol developed by EMVco. 3DS2 authenticates cardholder identities in real-time during the checkout process, which reduces fraud and chargebacks without compromising on the checkout experience. This technology is now available through a Cardknox gateway e-commerce integration, as well as with PaymentSITE, Cardknox’s customizable online payment form. Benefits of 3-D Secure 2.0 technology include: Robust, risk-based authentication that uses a greater … More →
The post Cardknox supports 3DS2 technology to decrease online fraud and reduce chargebacks appeared first on Help Net Security.
Juniper Networks announced new features within the AI-driven enterprise portfolio that enable customers to scale and simplify the rollout of their campus wired and wireless networks while bringing greater insight and automation to network operators. The enhancements to the Juniper Mist cloud and AI engine, which include EVPN-VXLAN campus fabric management and additional Marvis Actions for proactive problem remediation, expand on Juniper’s unique automation, AIOps and cloud capabilities to streamline IT operations, lower costs and … More →
The post Juniper Networks enables customers to scale and simplify the rollout of their campus networks appeared first on Help Net Security.
DataStax announced that its cloud database – Astra DB – can now easily be deployed in multiple cloud provider regions, empowering any organization to deliver engaging, interactive digital experiences for customers anywhere on the globe. Through its combination of pay-as-you-go serverless architecture and new multi-region capability, Astra DB can reduce the cost and complexity of replicating geo-distributed databases with always-on business continuity and built-in disaster recovery. Astra DB is built on Apache Cassandra, the open … More →
The post DataStax Astra DB offers replication across multiple regions and clouds appeared first on Help Net Security.
Hillstone Networks released Hillstone virtual Web Application Firewall (vWAF) as part of its full breadth of cybersecurity solutions. vWAF addresses and protects against the barrage of vulnerabilities that are regularly reported in web applications and pose a significant threat to an enterprise’s security posture. With vWAF, customers can fully secure applications that span multiple data centers or clouds. With proactive Layer-7 security, it detects and defends against attacks at both the network layer (DDoS attacks, … More →
The post Hillstone virtual Web Application Firewall detects and defends against treats in web applications appeared first on Help Net Security.
Accenture and IonQ are collaborating to accelerate quantum computing business experimentation in organizations globally and across industries. Accenture’s experience and skills in quantum, coupled with its ability to design and create customized industry solutions tailored to IonQ’s quantum computing technology, will help more companies innovate and become quantum ready. The exploration of quantum in business is growing rapidly, driven by the anticipated business value and competitive advantage it promises to deliver. Quantum computing’s vast potential … More →
The post Accenture partners with IonQ to accelerate quantum computing business experimentation appeared first on Help Net Security.
Industrial Defender announced a new partnership with Diverse Solutions Engineering to enhance cybersecurity within the oil, gas and petrochemical sectors. As cyberattacks, such as the ransomware attack against Colonial Pipeline, continue to dominate the news cycle, there is a growing rise in safety concerns should a malicious actor gain access to an oil, gas, or petrochemical company’s network. Coupled with the recent announcement of new cybersecurity standards from the Transportation Security Administration (TSA) and Occupational … More →
The post Industrial Defender partners with Diverse Solutions Engineering to elevate OT cybersecurity appeared first on Help Net Security.
It’s an eternal question among IT organizations: how do you keep corporate data and devices safe without hampering the user experience – particularly in the world of hybrid work? For Synopsys the answer was clear: Citrix Systems. As it organizes around flexible work, Synopsys, is using the company’s digital workspace platform and secure access solutions to overcome the challenges that distributed IT and work models are creating. These Citrix solutions provide secure and reliable access … More →
The post Synopsys protects corporate assets with Citrix workspace solutions appeared first on Help Net Security.
Daily information security news with a focus on enterprise security.
Subscribe to Help Net Security feed