Help Net Security

A software supply chain attack has lead to the publication of malicious versions of Solana’s web3.js library on the npm registry. Just like the recent Lottie Player supply chain compromise, this attack was reportedly made possible due to compromised (phished) npm.js account credentials. What happened? “Earlier today, a publish-access account was compromised for @solana/web3.js, a JavaScript library that is commonly used by Solana [decentralized apps]. This allowed an attacker to publish unauthorized and malicious packages … More →

The post Solana’s popular web3.js library backdoored in supply chain compromise appeared first on Help Net Security.

A targeted hunt on 2,500 mobile devices for indicators of compromise associated with mercenary spyware has revealed that its use is not as rare as one would hope. The results of the hunt Earlier this year, iVerify added a “Mobile Threat Hunting” feature to its mobile device security solution for Android-based phones and iPhones and urged users to try it out. 2,500 of them did, and six (possibly seven) discovered that they’ve been infected with … More →

The post How widespread is mercenary spyware? More than you think appeared first on Help Net Security.

Password policies are a cornerstone of cybersecurity for any organization. A good password policy ensures every end user has a strong and unique password, significantly reducing the risk of unauthorized access and data breaches. These policies not only protect sensitive data but also align with best practices and compliance requirements, such as those outlined by NIST. Specops research has found that passwords are still used by 88% of organizations. So even if they can cause … More →

The post Product showcase: Securing Active Directory passwords with Specops Password Policy appeared first on Help Net Security.

Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises. CVE-2024-8785 and the PoC exploit CVE-2024-8785 stems from the incorrect use of a privileged application programming interface (API) that may allow attackers to overwrite the Windows Registry. The API endpoint in question – NmAPI.exe – can be exploited by unauthenticated, remote attackers to change an existing registry value or … More →

The post PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) appeared first on Help Net Security.

Fortinet announced FortiAppSec Cloud, a new cloud-delivered platform that integrates key web application security and performance management tools into a single offering. The platform streamlines web and API security, advanced bot defense, and global server load balancing, among other capabilities, so customers can confidently secure and manage their hybrid and multi-cloud environments. “Web applications are foundational to the success of modern enterprises, but they are extremely challenging to secure, leaving businesses with a substantial attack … More →

The post FortiAppSec Cloud simplifies web application security management appeared first on Help Net Security.

AttackIQ announced AttackIQ Flex 3.0, agentless security control validation that integrates natively with Splunk to deliver a fully seamless user experience. A growing need for efficient and accurate threat detection As cyber threats grow more sophisticated, organizations are struggling to detect and mitigate breaches. In 2024, it takes organizations on average about 10 days to detect an attacker, while it only takes an adversary mere hours to accomplish their objective. Meanwhile, most organizations’ threat detection … More →

The post AttackIQ Flex 3.0 empowers security teams to take control of their detection strategies appeared first on Help Net Security.

Veeam Software released Veeam Data Platform v12.3. This release encompasses three key objectives for enterprises: protecting identity and access management with support for backing up Microsoft Entra ID, powering proactive threat analysis with Recon Scanner and Veeam Threat Hunter, and utilizing Generative AI to deliver more intelligent protection of enterprise data with advanced reporting powered by Veeam Intelligence. In addition, Veeam Data Platform v12.3 expands data portability by offering complete Nutanix AHV protection with application-aware … More →

The post Veeam Data Platform v12.3 encompasses three key objectives for enterprises appeared first on Help Net Security.

Elastic announced Elastic Security now offers expanded cloud detection and response (CDR) capabilities from a single SIEM to reduce tool fragmentation and streamline cloud security. The additional features include agentless ingestion, cloud asset inventory, extended protections, and graph view that enables out-of-the-box correlation and context enrichment using customers’ existing data. Legacy security solutions have complex workflows and lack cloud-specific context, making them inadequate for the scale and complexity of cloud environments. Using standalone CDR tools … More →

The post Elastic expands cloud detection and response capabilities from a single SIEM appeared first on Help Net Security.

Veza announced Veza Access Requests product, enabling organizations to reduce the risk of identity-based threats with automated access policy intelligence for application access. Veza Access Requests ensures that users requesting access are automatically provisioned according to the principle of least privilege from day one. For the first-time ever, access requests are now built on the power of permissions – the purest form of access – to help organizations truly embrace identity transformation towards the principle … More →

The post Veza Access Requests reduces the risk of identity-based threats appeared first on Help Net Security.

42Gears launched SureAccess, a Zero Trust Network Access (ZTNA) solution. This solution reinforces the company’s commitment to enterprise security by ensuring that only authenticated users and verified devices can access corporate resources from anywhere, anytime. “SureAccess represents our response to evolving security challenges, offering organizations a robust solution that verifies every access attempt, regardless of location or device,” said Onkar Singh, CEO of 42Gears. SureAccess (42Gears’ ZTNA solution) is designed to protect organizations from unauthorized access, data breaches, … More →

The post 42Gears SureAccess secures organizations from unauthorized access appeared first on Help Net Security.

SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber attacks. “SafeLine WAF was created to protect web applications for small and medium-sized enterprises from cyber threats by monitoring and filtering HTTP/HTTPS traffic. More importantly, with the widespread use of Gen AI, automated website traffic has become increasingly overwhelming, negatively impacting the normal user experience and business operations. Therefore, we aim to create a WAF with robust anti-bot and anti-HTTP … More →

The post SafeLine: Open-source web application firewall (WAF) appeared first on Help Net Security.

In this Help Net Security interview, Niv Braun, CEO at Noma Security, discusses the difficulties security teams face due to the fragmented nature of AI processes, tools, and teams across the data and AI lifecycle. Braun also shares insights on how organizations can address these challenges and improve their AI security posture. How is the growing AI model sprawl impacting governance, and what strategies are being implemented to mitigate compliance risks? The new focus on … More →

The post Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks appeared first on Help Net Security.

The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, according to Lineaje. Open-source code risks rise with anonymous contributions Microsoft estimates that its customers face 600 million cyberattacks daily, 24% of which are nation-state attackers targeting the IT sector. With software supporting increasingly vital systems, the origin of code has become a matter of national and economic security. 34% of open-source contributions come from the … More →

The post 70% of open-source components are poorly or no longer maintained appeared first on Help Net Security.

High-risk access exists throughout the workplace, in almost every job role, proving that the time has come for organizations to re-think the way they protect their workforce, according to CyberArk. CyberArk surveyed 14,003 employees in the UK, USA, France, Germany, Australia and Singapore to uncover workforce behaviors that security teams are most keen to put a stop to. Employees depend on privileged access to complete daily tasks These days, almost all employees have some kind … More →

The post 65% of office workers bypass cybersecurity to boost productivity appeared first on Help Net Security.

Veeam has fixed two vulnerabilities in Veeam Service Provider Console (VSPC), one of which (CVE-2024-42448) may allow remote attackers to achieve code exection on the VSPC server machine. The vulnerabilities Veeam Service Provider Console is a cloud-enabled platform that allows enterprises to manage and monitor backup operations across their offices. It’s also used by service providers to deliver Backup-as-a-Service (BaaS) and Disaster Recovery-as-a-Service (DRaaS) services to customers. The solution uses management agents to interact with … More →

The post Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449) appeared first on Help Net Security.

A joint investigation team involving French and Dutch authorities has taken down Matrix, yet another end-to-end encrypted chat service created for criminals. Matrix (Source: Dutch Police) The Matrix encrypted chat service Matrix – also know as Mactrix, Totalsec, X-quantum, and Q-safe – was first identified by Dutch authorities on the phone of a criminal convicted for the murder of Dutch crime journalist Peter R. de Vries in 2021, and the discovery prompted an investigation into … More →

The post Police takes down Matrix encrypted chat service used by criminals appeared first on Help Net Security.

The cyber world needs your expertise. However, the security leaders of tomorrow require a broad set of skills that job experience alone does not arm you with. What do organizations demand? And how can you acquire the technical and soft skills that drive business prosperity? Download the whitepaper to: Overcome cybersecurity challenges putting enterprise success at risk Make a positive and lasting impact Explore the 9 key characteristics of effective leaders in the field Fill … More →

The post Whitepaper: 9 traits of effective cybersecurity leaders of tomorrow appeared first on Help Net Security.

N2WS has unveiled new enhancements to its cloud-native backup and disaster recovery (BDR) platform. These updates empower enterprises and managed service providers (MSPs) to address the growing threats of ransomware and other malicious attacks while cutting operational costs, streamlining cross-cloud and multi-cloud data management, and maximizing the potential of their cloud investments without stressing budgets. Despite the advancements in cybersecurity strategies and the growth of security products over the years, the latest data paints a … More →

The post N2WS platform enhancements improve restore time for enterprises and MSPs appeared first on Help Net Security.

Sweet Security introduces unified Cloud Native Detection and Response platform, designed to transform the way organizations protect their cloud environments in real time. Sweet’s platform integrates the capabilities of Application Detection and Response (ADR), Cloud Detection and Response (CDR), and Cloud Workload Protection Platform (CWPP) into one comprehensive solution. This approach delivers detection and response capabilities, unifying insights from every layer of the cloud stack. “The Sweet team has worked tirelessly to build a platform … More →

The post Sweet Security helps organizations protect their cloud environments appeared first on Help Net Security.

Phishers have come up with a new trick for bypassing email security systems: corrupted MS Office documents. The spam campaign Malware hunting service Any.Run has warned last week about email campaigns luring users with promises of payments, benefits and end-of-the-year bonuses. Recipients are instructed to dowload the attached document – an archive file (ZIP) or an MS Office file (e.g., DOCX) – and open it, but the file is corrupted. The recipients are then prompted … More →

The post Phishers send corrupted documents to bypass email security appeared first on Help Net Security.