
Attackers can steal NTLM password hashes via calendar invites
A recently patched vulnerability in Microsoft Outlook (CVE-2023-35636) that can be used by attackers to steal users’ NTLM v2 hashes can be exploited by adding two …

New infosec products of the week: December 8, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Atsign, Daon, Global Integrity, Living Security, Panther Labs, Searchlight Cyber, …

Varonis enhances DSPM capabilities with Azure and AWS support
Varonis Systems has expanded capabilities for cloud databases and object storage in AWS and Azure. This release accelerates customers’ data security posture management (DSPM) …

Infosec products of the month: November 2023
Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Amazon, Aqua Security, ARMO, Datadog, Devo Technology, Druva, Entrust, …

Generative AI security: Preventing Microsoft Copilot data exposure
Microsoft Copilot has been called one of the most powerful productivity tools on the planet. Copilot is an AI assistant that lives inside each of your Microsoft 365 apps — …

New infosec products of the week: November 10, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Aqua Security, ARMO, Druva, IRONSCALES, Malwarebytes, and Varonis. Varonis enhances …

Varonis enhances its Microsoft 365 offering to prevent sensitive email exposure
Varonis announced major enhancements to its Microsoft 365 offering, adding more robust capabilities to continuously detect and prevent exposures in the world’s top cloud-based …

New infosec products of the week: January 20, 2023
Here’s a look at the most interesting products from the past week, featuring releases from CloudSEK, Devo Technology, Immuta, Varonis, and Zyxel Networks. CloudSEK BeVigil app …

Varonis strengthens data security with least privilege automation
Varonis introduced least privilege automation for Microsoft 365, Google Drive, and Box — a new capability that continuously removes unnecessary data risk without human …

Varonis and HackerOne launch vulnerability disclosure program
Varonis has launched its public vulnerability disclosure program via HackerOne. The VDP enables the entire HackerOne community to report potential security issues related to …

Average company with data in the cloud faces $28 million in data-breach risk
Hard-to-control collaboration, complex SaaS permissions, and risky misconfigurations — such as admin accounts without multi-factor authentication (MFA) — have left a dangerous …

Black Hat USA 2022 video walkthrough
In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal …
Featured news
Resources
Don't miss
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware
- Are we securing AI like the rest of the cloud?
- How exposure-enriched SOC data can cut cyberattacks in half by 2028