Search results for: vulnerability

week in review

Week in review: Cisco hacked, Kali Linux 2022.3 released, Black Hat USA 2022

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Black Hat USA 2022 coverage Check out our microsite for related news, photos, product releases, and more. Understanding your attack surface is key to recognizing what you are defending In this interview with Help Net Security, Marc Castejon, CEO at Silent Breach, discusses what organizations should be worried about at the moment, and what technologies they should focus in the … More

New infosec products of the week: August 12, 2022

Here’s a look at the most interesting products from the past week, featuring releases from Concentric, Cymulate, Deepfence, Halo Security, NetRise, SimSpace, and Traceable AI. Cymulate improves risk visibility for businesses with new analytics capabilities Cymulate XSPM streamlines the influx of information by focusing on attack-based data to evaluate exposed assets, validate security control efficacy, and assess end-to-end kill chain resilience. The pre-loaded and customizable dynamic dashboards and reports provide an instantaneous understanding of any … More

security platform

Dynatrace platform enhancements detect vulnerabilities in runtime environments

Dynatrace has extended its Application Security Module to detect and protect against vulnerabilities in runtime environments, including the Java Virtual Machine (JVM), Node.js runtime, and .NET CLR. In addition, Dynatrace has extended its support to applications running in Go. With these enhancements, the Dynatrace platform becomes the solution providing visibility and vulnerability analytics across the entire application stack, which includes custom code, open-source and third-party libraries, language runtimes, container runtimes, and container orchestrators. Dynatrace not … More

security platform

Tidal Cyber Community Edition platform enables businesses to optimize their cyber defenses

Tidal Cyber has launched Community Edition, SaaS threat-informed defense platform. The Tidal Platform enables businesses to assess, organize and optimize their cyber defenses based on a deep understanding of the threats and adversaries that are most relevant to them. Tidal’s Community Edition enables security analysts to apply the knowledge of adversary behaviors, as defined by the MITRE ATT&CK knowledge base and additional open-source threat intelligence sources, to their environment. Beyond this, the platform also enables … More

Money

Mesh Security raises $4.5 million to help companies drive zero trust in the cloud

Israeli cloud cybersecurity startup Mesh Security has announced a $4.5 million seed round with the Zero Trust Posture Management (ZTPM) solution. Mesh Security makes it simple for companies to implement a Zero Trust Architecture (ZTA) security in the cloud. Additionally, Mesh reveals a security risk in identity platform Okta and over 100 other vendors, allowing attackers to bypass MFA or impersonate, exposing companies’ sensitive data and potential business disruption. The hyperconnectivity created by the expansion … More

Appointments

Ken Naumann joins NetWitness as CEO

NetWitness welcomes Ken Naumann as the new Chief Executive Officer. “NetWitness has long prided itself on forging the frontier of extended detection and response capabilities, which is becoming increasingly universal amid an industry renaissance that prioritizes investment in threat detection,” said Rohit Ghai, CEO of RSA Group. “With decades of experience in enterprise tech and cybersecurity, Ken brings the right mix of growth, strategy and diligence to take NetWitness to the next level.”, Ghai continued. … More

application

Checkmarx API Security identifies shadow and zombie APIs during software development

In Las Vegas, at Black Hat USA 2022, Checkmarx has released Checkmarx API Security, the “shift-left” API security solution. Building on the launch of Checkmarx Fusion, which prioritizes and correlates vulnerability data from across different AppSec engines, Checkmarx API Security is delivered as part of the platform Checkmarx One. The developer workflow-oriented solution inventories even shadow and zombie APIs as part of the inventory and remediation solution to secure the entire API lifecycle. According to … More

email

Which malware delivery techniques are currently favored by attackers?

A wave of cybercriminals spreading malware families – including QakBot, IceID, Emotet, and RedLine Stealer – are shifting to shortcut (LNK) files for email malware delivery. Shortcuts are replacing Office macros – which are starting to be blocked by default in Office – as a way for attackers to get a foothold within networks by tricking users into infecting their PCs with malware. Keeping up with changes in the email threat landscape HP Wolf Security’s … More

SAP

Why SAP systems need to be brought into the cybersecurity fold

SAP’s status as a leading business process management software provider is undeniable. Today, the company serves over 230 million cloud users and 99 of the top 100 companies in the world with the largest cloud portfolio of any provider, comprising more than 100 solutions covering all business functions. Touching 77% of all transactions and thought to store 70% of all corporate data, SAP systems are a fundamental digital cog in the global economy. But SAP … More

security platform

ActZero Ransomware Readiness Assessment strenghtens ransomware defense for SMEs

ActZero has launched a Ransomware Readiness Assessment for small and medium-sized enterprises (SMEs). The program simulates a ransomware attack sequence, which can expose vulnerabilities and lateral pathways left open by existing tools. With this valuable visibility businesses can start reducing risk immediately. Adversaries expect small businesses to lack proper ransomware defenses. With ActZero MDR, they can now prove them wrong. Adversaries are turning up the pressure on their victims, demanding average ransoms nearing $1M, and … More

Handshake

Mirantis collaborates with Nuaware to eliminate Kubernetes complexity for developers

Mirantis has partnered with Nuaware to deliver Lens, the Kubernetes platform. Mirantis recently launched Lens Pro with features for enterprise users that simplify the developer experience working with Kubernetes – adding on-demand live support, easy setup for container image scanning and vulnerability reporting, and a built-in local Kubernetes cluster. Lens Pro is an opportunity for channel partners to realize recurring revenues through subscription-based packaging and pricing. “Nuaware can help us extend our reach to new … More

lock

Deepfence ThreatMapper 1.4 empowers organizations to visualize cloud native threat landscape

Today, at Black Hat USA 2022, Deepfence announced the 1.4 release of its open source project ThreatMapper, cloud native offering that expands attack path visualization, adds cloud security posture management, and now includes the cloud native, YARA-based malware scanner. ThreatMapper is an open platform for scanning, mapping, and ranking vulnerabilities in running pods, images, hosts, and repositories. ThreatMapper scans for known and unknown vulnerabilities, secrets, cloud misconfigurations and then puts those findings in context. With … More