Inconsistent security strategies fuel third-party threats
47% of organizations have experienced a data breach or cyberattack over the past 12 months that involved a third-party accessing their network, according to Imprivata…
Category: HelpnetSecurity
New infosec products of the week: February 14, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Armor, EchoMark, Netwrix, Palo Alto Networks, and Socure. Palo Alto…
North Korean hackers spotted using ClickFix tactic to deliver malware
North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called “ClickFix”…
Palo Alto Networks Cortex Cloud applies AI-driven insights to reduce risk and prevent threats
Palo Alto Networks introduced Cortex Cloud, the next version of Prisma Cloud, that natively brings together new releases of its cloud detection and response (CDR)…
Sandworm APT’s initial access subgroup hits organizations accross the globe
A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors…
PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)
Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept exploit (PoC) for…
Salvador Tech releases Edge-Recovery Platform
Salvador Tech introduced a Edge-Recovery Platform, a leap forward in comprehensive cyber resilience in the Operational Technology (OT) and Industrial Control Systems (ICS) landscape. This…
The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance
The United Kingdom government has secretly requested that Apple build a backdoor into its iCloud service, granting the government unrestricted access to users’ private data.…
Over 3 million Fortune 500 employee accounts compromised since 2022
More than three million employee-linked corporate accounts were compromised between 2022 and 2024 across Fortune 500 companies, according to Enzoic. This surge is fueled by…
Making sense of database complexity
IT leaders are grappling with increasingly complex database environments. According to a new survey from Redgate, key concerns include protecting sensitive data, navigating regulatory compliance,…
Socure RiskOS boosts identity verification and fraud prevention
Socure announced its new RiskOS platform. RiskOS builds on Socure’s strategic acquisition of Effectiv by integrating its sophisticated orchestration and decisioning engine with Socure’s identity verification and…
Netwrix simplifies managing vendor and third-party access
Netwrix released the new component of Netwrix Privilege Secure, which simplifies secure remote access for distributed workforces and third-party vendors. The new add-on reduces the…