Security News

Lastest stories from HelpNetSecurity

• New infosec products of the week: March 31, 2023
  March 31, 2023 by Help Net Security
  Here’s a look at the most interesting products from the past week, featuring releases from BreachLock, HackNotice, LOKKER, Nile, and Tausight. HackNotice Actions helps people to understand the extent of their data exposure HackNotice is offering additional tailored protection via its new service, HackNotice Actions. Further empowering employees, HackNotice Actions reaches out to any company […]
• Overcoming obstacles to introduce zero-trust security in established systems
  March 31, 2023 by Mirko Zorz
  In this Help Net Security interview, Michal Cizek, CEO at GoodAccess, discusses the crucial balance between leveraging distributed resources and maintaining top-notch security measures. With the growing remote work trend, Cizek highlights the importance of implementing a zero-trust security model, emphasizing the complexities and challenges of such an endeavor. How can organizations make the most […]
• The foundation of a holistic identity security strategy
  March 31, 2023 by Help Net Security
  Only 9% of organizations are taking an agile, holistic and mature approach to securing identities throughout their hybrid and multi-cloud environments, according to CyberArk. A critical path for cyber resilience The data-driven model identifies 9% of organizations as those with the most mature and holistic identity security strategies. These transformative organizations have a well-rounded focus […]
• Cloud diversification brings complex data management challenges
  March 31, 2023 by Help Net Security
  As IT infrastructure becomes more diverse, organizations face the challenge of integrating data management and control, according to Nutanix. The research showed that the majority of IT teams leverage more than one IT infrastructure, a trend that’s expected to intensify in the future, but struggle with visibility of data across environments with only 40% reporting […]
• OSC&R open software supply chain attack framework now on GitHub
  March 31, 2023 by Help Net Security
  OSC&R (Open Software Supply Chain Attack Reference) is an open framework for understanding and evaluating software supply chain security threats. It has received the endorsement of former U.S. NSA Director Admiral Mike Rogers, and is now available on GitHub. Spearheaded by OX Security, OSC&R is a MITRE-like framework designed to provide a common language and […]
• Ransomware gangs are exploiting IBM Aspera Faspex RCE flaw (CVE-2022-47986)
  March 30, 2023 by Zeljka Zorz
  Attackers are exploiting a critical vulnerability (CVE-2022-47986) in the IBM Aspera Faspex centralized file transfer solution to breach organizations. About CVE-2022-47986 IBM Aspera Faspex is used by organizations to allow employees to quickly and securely exchange files with each other. (The files are uploaded to and downloaded from a centralized Aspera transfer server.) CVE-2022-47986 is […]