Managing the risks of unstructured data growth
Locating and identifying sensitive data, including defense-in-depth strategies where a series of mechanisms are layered to protect valuable information, should be a critical component of…
Category: HelpnetSecurity
Rookout’s Snapshots: The fourth pillar of observability for more secure applications
Liran Haimovitch, CTO and co-founder of Rookout, with his extensive background in cybersecurity within the Israeli government, has a unique perspective on the importance of…
Passbolt: Open-source password manager for security-conscious organizations
In this Help Net Security interview, Kevin Muller, CEO at Passbolt, delves into the critical concerns linked to password usage, outlines how the Passbolt password…
Millions still exposed despite available fixes
Although KEV catalog vulnerabilities are frequent targets of APT Groups, a large and exploitable attack surface remains due to software vendors’ lack of awareness and…
Week in review: 3CX supply chain attack, ChatGPT data leak
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Visa fraud expert outlines the many faces of payment ecosystem…
OSC&R open software supply chain attack framework now on GitHub
OSC&R (Open Software Supply Chain Attack Reference) is an open framework for understanding and evaluating software supply chain security threats. It has received the endorsement…
The foundation of a holistic identity security strategy
Only 9% of organizations are taking an agile, holistic and mature approach to securing identities throughout their hybrid and multi-cloud environments, according to CyberArk. A…
Overcoming obstacles to introduce zero-trust security in established systems
In this Help Net Security interview, Michal Cizek, CEO at GoodAccess, discusses the crucial balance between leveraging distributed resources and maintaining top-notch security measures. With…
New infosec products of the week: March 31, 2023
Here’s a look at the most interesting products from the past week, featuring releases from BreachLock, HackNotice, LOKKER, Nile, and Tausight. HackNotice Actions helps people…
Cloud diversification brings complex data management challenges
As IT infrastructure becomes more diverse, organizations face the challenge of integrating data management and control, according to Nutanix. The research showed that the majority…
Intruder unveils API scanning to help organizations reduce exposure
Intruder updates its cloud-based vulnerability management service, allowing organisations of all sizes to secure their APIs by automatically detecting vulnerabilities, gaps, security weaknesses, and misconfigurations…
Ransomware gangs are exploiting IBM Aspera Faspex RCE flaw (CVE-2022-47986)
Attackers are exploiting a critical vulnerability (CVE-2022-47986) in the IBM Aspera Faspex centralized file transfer solution to breach organizations. About CVE-2022-47986 IBM Aspera Faspex is…