Search results for: vulnerability

Acquisitions

Tenable acquires Bit Discovery to help organizations minimize cyber exposure

Tenable Holdings announced that it has signed an agreement to acquire Bit Discovery, a provider of external attack surface management (EASM). Combining Tenable’s Cyber Exposure solutions with Bit Discovery’s EASM capabilities will provide customers with a differentiated 360-degree view of the modern attack surface – both inside out and outside in – to identify and eliminate areas of known and unknown security risk. Discovering and gaining insight into every part of a business’s digital footprint … More

Money

ARMO raises $30 million to offer a complete open source security solution for the Kubernetes community

ARMO announced $30M in funding for the end-to-end open source Kubernetes security platform. The Series A investment, led by Tiger Global with Hyperwise Ventures and participation from existing investors, Pitango First and Peled Ventures, will ensure an open, transparent and fully customizable security solution for the entire Kubernetes community. Kubernetes, the open source container orchestration solution, has become the de-facto operating system for cloud-native applications, making Kubernetes security more essential than ever. However, there is … More

Money

Intigriti raises more than €21 million to help ethical hackers uncover cyber security threats

Intigriti has raised €21,133,700 million in a Series B round, closing the largest funding for a crowdsourced security platform in Europe to date. The round was led by Octopus Ventures, one of Europe’s largest and most active early-stage investors. Germany-based fund EnBW New Ventures is also participating in the round, alongside previous investors and Intigriti’s largest shareholder, ETF Partners. Results acted as exclusive financial adviser to Intigriti. Intigriti’s global cybersecurity platform connects organizations with ethical … More

security platform

Contrast Security provides Red Hat OpenShift users with cloud-native automation

Contrast Security announced the introduction of cloud-native automation for users leveraging Red Hat OpenShift, an enterprise Kubernetes platform. Red Hat OpenShift users can now deploy containerized applications with embedded security features within a native continuous integration and continuous delivery (CI/CD) pipelines. This enables Red Hat OpenShift users to retain scalability, while adding automated security testing and protection as a routine part of the software delivery process. These added capabilities result in minimized manual configuration, reduction … More

security platform

BreachBits BreachRisk helps organizations to understand and measure cyber risk

BreachBits has announced BreachRisk, a new standard to understand, measure and communicate cyber risk. Built by U.S. military cyber warfare veterans and based on the same methods used by hackers, BreachRisk allows individual companies, insurers, portfolio managers and others to continuously assess an organization’s likelihood of a data breach while quantifying and communicating their risk reduction with a simplified cyber risk score. “Our goal is to help organizations confront the rising tide of ransomware and … More

week in review

Week in review: Outdated open source, the role of the lawyer in cybersecurity

Here’s an overview of some of last week’s most interesting news, articles and interviews: The changing role of the CCO: Champion of innovation and business continuity In this interview with Help Net Security, Simon Winchester, VP Worldwide Advanced Technologies at Jumio, talks about the changing role of the chief compliance officer (CCO) and how to alleviate some of its burdens in today’s highly regulated world. 81% of codebases contain known open source vulnerabilities Synopsys released … More

shark

New threat groups and malware families emerging

Mandiant announced the findings of an annual report that provides timely data and insights based on frontline investigations and remediations of high-impact cyber attacks worldwide. The 2022 report––which tracks investigation metrics between October 1, 2020 and December 31, 2021—reveals that while significant progress has been made in threat detection and response, adversaries are still innovating and adapting to achieve their mission in targeted environments. Global median dwell time drops to three weeks According to the … More

security platform

Vicarius Nmap Scan Analysis helps security professionals identify high risk assets

Vicarius released a new free offering—Nmap Scan Analysis—to make vulnerability assessment, prioritization, and remediation available to security professionals, IT admins, and pentesters that utilize Nmap. Nmap can be found in nearly every network administrator’s arsenal, as one of the most versatile tools for port scanning, network discovery, and security auditing. Nmap helps security and IT professionals understand what hosts are available, what services they offer, the operating systems they’re running, and what software versions are … More

security platform

Ubuntu 22.04 LTS released, delivers enterprise-grade security

Canonical Ubuntu 22.04 LTS is now generally available, featuring significant leaps forward in cloud confidential computing, real-time kernel for industrial applications, and enterprise Active Directory, PCI-DSS, HIPAA, FIPS and FedRAMP compliance – raising the bar for open source from cloud to edge, IoT and workstations. Canonical partners with industry leaders to deliver enterprise-grade security, long-term maintenance and support on all major architectures, hardware and clouds. Confidential Computing and Arm drive public cloud innovation Ubuntu is … More

shark

Vulnerabilities that kept security leaders busy in Q1 2022

In this video for Help Net Security, Yotam Perkal, VP of Research at Rezilion, talks about the most critical vulnerabilities published during Q1 2022, and the relevant remediation and mitigation steps you need to take. The first quarter of 2022 was packed with new vulnerabilities, and some are still impacting organizations worldwide. The most significant one is the Log4Shell vulnerability, which was published in December 2021, but it still affects organizations and is expected to … More

bomb

How fast do cybercriminals capitalize on new security weaknesses?

Threat intelligence analysts at Skybox Research Lab uncovered a 42% increase in new ransomware programs targeting known vulnerabilities in 2021. The report revealed how quickly cybercriminals capitalize on new security weaknesses – shrinking the window that organizations have to remediate vulnerabilities ahead of an attack. Record-breaking growth in new vulnerabilities With 20,175 new vulnerabilities published in 2021, Skybox Research Lab witnessed the most vulnerabilities ever reported in a single year. And these new vulnerabilities are … More

security platform

Prevailion ARKTOS allows companies to test their network security against real world malware threats

Prevailion launched ARKTOS, a malware replication platform that allows companies to safely test their network security readiness against the world’s most challenging early-stage malware. “Precursor attacks are one of the biggest failures in corporate security today and this is exactly what ARKTOS is designed to address,” said Karim Hijazi, CEO of Prevailion and a former contractor for the US intelligence community. “Most ransomware infections happen days, weeks or months after the initial network breach, so … More