Search results for: vulnerability

HelpSystems acquires Beyond Security to expand cyber protection portfolio

Beyond Security’s cloud-based products enable hundreds of organizations to easily scan their growing, complex environments for network or application vulnerabilities. The team and solutions from Beyond Security will fit into HelpSystems’ popular infrastructure protection portfolio featuring Digital Defense, Core Security, and Cobalt Strike. “Our global customers trust us to provide them with powerful, reliable security software to protect their data and infrastructure from malicious adversaries,” said Kate Bolseth, CEO, HelpSystems. “Beyond Security meets strong demand … More

RidgeBot 3.4: Allowing users to validate security risks in their internal networks

Ridge Security announces new capabilities in RidgeBot 3.4, for post-exploitation validation. This new release further differentiates RidgeBot from vulnerability scanners and 1-step auto-exploitation tools that are currently available and strengthens RidgeBot’s position as a true risk-based vulnerability management platform. Post-exploitation operations are advanced hacking techniques, often utilized by an APT (Advanced Persistent Threat) attacks, including the notorious DarkSide hacker group that recently targeted the Colonial Pipeline. Post-exploitation refers to the phase of operation after a … More

Cisco to acquire Kenna Security to help customers improve their security posture

Kenna’s risk-based vulnerability management technology enables organizations to work cross-functionally to rapidly identify, prioritize and remediate cyber risks. With this acquisition, Cisco will transform the way security and IT teams collaborate to reduce the attack surface and the time it takes to detect and respond. The ability to prioritize vulnerabilities based on threat intelligence and business impact has never been more important. The world and the way we work is dynamic, and organizations are struggling … More

backup

Maximizing a hybrid cloud approach with colocation

As a multi-tenant cloud environment, the public cloud offers companies with vast amounts of data a highly affordable option. However, it also presents a number of limitations including reliability challenges, a lack of control and transparency, and information security issues. First, uptime reliability can be a major issue for public cloud architectures. Popular cloud platforms – including Google Cloud, Microsoft Azure, Amazon AWS, and IBM Cloud – typically offer a 99.99% uptime guarantee, but relying … More

hand

When exploit code precedes a patch, attackers gain a massive head start

Cybersecurity researchers that publicize exploit code used in cyberattacks are giving a clear and unequivocal advantage to attackers, new research conducted by Kenna Security and Cyentia Institute has found. “This data-driven research, built over the course of several years, should remove any doubt,” said Ed Bellis, CTO of Kenna Security. “Practices that have long been central to the cybersecurity ecosystem, that many of us thought were beneficial, are in fact harmful to defenders.” Exploit code … More

NetSPI raises $90M to fuel innovation, growth, global expansion and product innovation

NetSPI announced it has raised $90 million in growth funding led by KKR, with participation from Ten Eleven Ventures. The investment will be used to further accelerate NetSPI’s rapid growth by expanding the company’s cyber security and client experience teams, investing in product innovation, and deepening operations across U.S. and international markets. “The reality is that cyber security attacks today are inevitable and put organizations at grave risk,” said NetSPI President and Chief Executive Officer … More

Acronis Cyber Protect

Product Showcase: Acronis Cyber Protect

Considering the breadth and diversity of attacks facing today’s organizations, it’s no wonder cybersercurity and IT professionals are relying on an ever expanding arsenal of new tools and technologies. A recent survey revealed that nearly 80% of organizations now have up to 10 different protection and cybersecurity tools and agents running simultaneously – including continuous data protection, vulnerability assessments, URL filtering, automated patch management, etc. The issue is that all of these services are delivered … More

Top security threats for power plants and how to proactively avoid them

Power plants are one of the most vitally important components of modern civilization’s infrastructure. A disruption in energy production impacts all aspects of society from healthcare to national security. Eliminating a country’s ability to generate energy is a powerful weapon that demands effective defensive measures. At one time, power plant security only involved physically protecting facilities and generating equipment. The computerization of the industry has made it exponentially more challenging to maintain power plant security. … More

HackerOne partners with SecurityScorecard to evaluate corporate and supply chain cyber risk

HackerOne and SecurityScorecard announced an integrated solution that uses hacker-powered security signals and data as a leading indicator for evaluating corporate and supply chain cyber risk. With this integration, SecurityScorecard users will gain visibility into relevant security issues and ‘hacker activity’ for vendor Scorecards before they can be exploited and receive actionable Insights in a single pane of glass. By seamlessly integrating the HackerOne API into the SecurityScorecard platform, users will now be able to … More

Patch Tuesday

May 2021 Patch Tuesday: Adobe fixes exploited Reader 0-day, Microsoft patches 55 holes

On this May 2021 Patch Tuesday: Adobe has fixed a Reader flaw exploited in attacks in the wild, as well as delivered security updates for eleven other products, including Magento, Adobe InDesign, Adobe After Effects, Adobe Creative Cloud Desktop Application, and others Microsoft has plugged 55 security holes, none actively exploited SAP has released 14 new and updated security patches Adobe updates Adobe has released security updates for 12 of its products, fixing a total of … More

Trend Micro and Snyk launch SaaS solution to improve visibility and tracking automation

Trend Micro launched a new, co-built SaaS solution with Snyk. It’s designed to provide continuous insight into open source vulnerabilities for enhanced risk management to drive data-driven decisions. Trend Micro Cloud One – Open Source Security by Snyk is the newest Cloud One service and the first partner addition to the platform, which is available through the channel as well as AWS Marketplace. This is the first service that provides visibility into open source software … More

analyst

The best CISOs think like Batman, not Superman

Many CISOs see themselves as Superman — soaring overhead, cape fluttering, and ready to swoop in and save the day at a moment’s notice if a crisis arises. There have been entire summits and award ceremonies based around the idea of CISOs as superheroes, and there’s even a web tool that will let you figure out your own “security superhero” alter ego. But the best CISOs aren’t superheroes — or at least, not superheroes cut … More