Category Archives: Industry News

Zscaler B2B reduces the attack surface introduced by customer-facing apps

Zscaler, the leader in cloud security, today announced Zscaler B2B, a new innovation that solves a long-standing problem businesses face when exposing their applications to their customers, suppliers and manufacturers. Zscaler B2B is a unique solution that reduces the attack surface introduced by customer-facing applications that are exposed on the internet. Built with the fundamentals of a service-initiated zero trust network access (ZTNA) architecture, Zscaler B2B enables authorized customers to view applications, based on business … More

The post Zscaler B2B reduces the attack surface introduced by customer-facing apps appeared first on Help Net Security.

Ubisecure IDaaS: Solve complex identity management challenges

Ubisecure launched its new IDaaS product to help developers take applications to market faster with streamlined and secure digital identity functionality in web, mobile and single page applications. The new IDaaS offering is API-based which allows businesses to solve complex identity management challenges. APIs provide on-demand expertise that would otherwise require resource-heavy in-house development. By leveraging APIs, organisations are essentially plugging in standards-based, customisable functionality to their existing technology, with a wealth of knowledge and … More

The post Ubisecure IDaaS: Solve complex identity management challenges appeared first on Help Net Security.

Odo Security unveils agentless, cloud-native platform that allows secure access management

Odo Security unveiled an agentless, cloud-native platform that allows IT and DevOps engineers to easily manage secure access to any application, server, database and environment located on-premises or in the cloud. “According to our primary research, the chief inhibitor to the adoption of effective access controls is an inability to integrate solutions with essential IT investments,” noted Steve Brasen, research director with analyst firm Enterprise Management Associates. “Odo Security has developed an elegant approach that … More

The post Odo Security unveils agentless, cloud-native platform that allows secure access management appeared first on Help Net Security.

New investment round sets Acronis valuation to over 1 billion dollars

Acronis announced a $147 million investment round led by Goldman Sachs. The investment round sets the valuation of the company to over one billion dollars and enables Acronis to expand its engineering team in Singapore, Bulgaria and Arizona, build additional data centers, and grow through acquisitions. Additionally, Acronis will use the capital to accelerate the business growth in North America in partnership with Acronis SCS, an independent software vendor and distributor for the public sector. … More

The post New investment round sets Acronis valuation to over 1 billion dollars appeared first on Help Net Security.

nCipher launches nShield as a Service, a cloud-based hardware security module

nCipher Security, an Entrust Datacard company, announces nShield as a Service, a cloud-based hardware security module (HSM) service that allows organisations to protect sensitive data and applications and helps meet compliance mandates – simply and efficiently, using on-demand cryptography. “Organisations embracing cloud-first strategies require cloud-first encryption,” said Peter Galvin, vice president of strategy, nCipher Security. “This means remote, automated management at scale, and flexible access control both in the cloud and onsite. nShield as a … More

The post nCipher launches nShield as a Service, a cloud-based hardware security module appeared first on Help Net Security.

Oracle’s data management portfolio innovations help businesses protect and capitalize on their data

Oracle announced major new innovations across its data management portfolio that make it easier, faster, and safer for customers to run their mission critical workloads everywhere – in the cloud, on-premises, and via Exadata Cloud at Customer. Oracle continues to deliver the world’s most comprehensive data management solutions, including the industry’s first and only self-driving database, Oracle Autonomous Database. “Oracle’s passion in helping customers solve tomorrow’s problems through technological investment and innovation is unparalleled,” said … More

The post Oracle’s data management portfolio innovations help businesses protect and capitalize on their data appeared first on Help Net Security.

ManageEngine Applications Manager now supports performance monitoring for Oracle Cloud Infrastructure

ManageEngine, the IT management division of Zoho Corporation, announced that Applications Manager, its server, cloud and application performance monitoring solution, now supports performance monitoring for Oracle Cloud Infrastructure (OCI). This enables IT operations teams to gain visibility into the health and performance of the OCI Compute service. Additionally, Applications Manager virtualization monitoring module now supports Oracle VM. ManageEngine is demonstrating the latest capabilities of Applications Manager in booth 1905 at Oracle OpenWorld 2019, being held … More

The post ManageEngine Applications Manager now supports performance monitoring for Oracle Cloud Infrastructure appeared first on Help Net Security.

McAfee and Oracle deliver SIEM performance capabilities in the cloud

McAfee, the device-to-cloud cybersecurity company, announced an extended relationship with Oracle to deliver security incident and events management (SIEM) performance capabilities in the cloud. With this collaboration, the McAfee Enterprise Security Manager (McAfee ESM) technology running on Oracle Cloud Infrastructure will increase the rate of data ingestion of events per second by more than 16 times. This increase in performance enables security operations center teams to more effectively and cost efficiently secure enterprise environments against … More

The post McAfee and Oracle deliver SIEM performance capabilities in the cloud appeared first on Help Net Security.

Quest Toad for Oracle reduces disruptive and expensive unplanned development cycles

Quest Software, a global systems management, data protection and security software provider, announced major updates for Toad for Oracle, an intuitive database management toolset that makes it easy to perform essential database development and administration tasks. Now available from the Quest Information Management business, Toad for Oracle 13.2 includes a new utPLSQL unit test creation module that makes it easy for database developers to incorporate unit testing into their database development processes, ensuring they are … More

The post Quest Toad for Oracle reduces disruptive and expensive unplanned development cycles appeared first on Help Net Security.

Pentest secures contract with global techn corp, Xcina Consulting becomes preferred supplier

Shearwater Group, the organizational resilience group, announces that its group company, Pentest has secured a one-year contract with a global technology corporation worth in excess of US$1 million. At the same time, Xcina Consulting, another Shearwater group company has also signed a ‘Master Consulting Agreement’ and become a preferred supplier to the same organization. Under the terms of the contract, Pentest will deliver a framework for the provision of vulnerability assessment and penetration testing services … More

The post Pentest secures contract with global techn corp, Xcina Consulting becomes preferred supplier appeared first on Help Net Security.

ImmuniWeb Discovery diminishes application security complexity and operational costs

ImmuniWeb, a global application security testing and security ratings company, is thrilled to announce the launch of ImmuniWeb Discovery that now offers: continuous discovery of external digital web assets actionable security ratings of asset hackability and attractiveness continuous web security testing, best practices and compliance monitoring (PCI DSS, GDPR) continuous monitoring of data leaks, source code exposure, phishing and domain squatting monthly subscription starting at $99 per organization ImmuniWeb Discovery substantially diminishes application security complexity … More

The post ImmuniWeb Discovery diminishes application security complexity and operational costs appeared first on Help Net Security.

Telia Carrier implemets RPKI, reducing the risk of accidental route leaks

Telia Carrier has announced, that it has implemented RPKI – a technology that validates and secures critical route updates or BGP announcements on its #1 ranked global Internet backbone. BGP is the central nervous system of the Internet and RPKI reduces the risk of accidental route leaks, or even hijacks, which can result in critical outages or fraudulent traffic manipulation. Internet connectivity has become an indispensable part of our everyday lives and the networks at … More

The post Telia Carrier implemets RPKI, reducing the risk of accidental route leaks appeared first on Help Net Security.

Accenture supports Exxaro to digitally transform its business and unlock new revenue streams

Accenture has collaborated with Exxaro, one of South Africa’s leading coal producers, to help digitally transform its business and unlock new revenue streams by managing the migration of its SAP solutions, and other centrally-run applications used by Exxaro business units, to Microsoft Azure. This supports Exxaro’s ambition to establish a secure, agile, cost-effective and scalable platform that will improve business processes and continuity. Accenture created a cloud transformation strategy for Exxaro that defined the business … More

The post Accenture supports Exxaro to digitally transform its business and unlock new revenue streams appeared first on Help Net Security.

Open source breach and attack simulation tool Infection Monkey gets new features

Guardicore, a leader in internal data center and cloud security, unveiled new capabilities for its Infection Monkey that make it the industry’s first Zero Trust assessment tool. Added features extend the functionality of the already successful Infection Monkey, a free, open source breach and attack simulation tool used by thousands to demonstrate and analyze their environments against lateral movement and attacks. The latest version of Infection Monkey enables both enterprise security leaders and network engineers … More

The post Open source breach and attack simulation tool Infection Monkey gets new features appeared first on Help Net Security.

Irdeto launches Trusted Home enabling CSPs to secure the entire smart home beyond the router

Consumer demand for IoT devices is growing rapidly as they look to make the most of connectivity and the smart home. However, the increase in IoT devices also increases the number of security vulnerabilities and creates challenges for communication service providers (CSPs) and consumers alike around control of the smart home. To address these challenges, Irdeto has launched Trusted Home which enables CSPs to secure the entire smart home beyond the router, increase ARPU by … More

The post Irdeto launches Trusted Home enabling CSPs to secure the entire smart home beyond the router appeared first on Help Net Security.

TSYS Authentication Platform helps companies fight synthetic and account takeover fraud

TSYS announced a new authentication product that provides unprecedented real-time verification of customer identities. The new offering, the TSYS Authentication Platform, relies on customer experience data collected from direct cardholder touchpoints and integrates into TSYS clients’ existing authentication systems. TSYS Authentication Platform is available in Europe and will be launched in North America in 2020. The new product is designed to verify that a person is who he or she claims to be, reducing application, … More

The post TSYS Authentication Platform helps companies fight synthetic and account takeover fraud appeared first on Help Net Security.

HITRUST issues guidance for relying on work of internal audit departments in CSF assessments

HITRUST, a leading data protection standards development and certification organization, released updated guidance for placing reliance on the results of previously performed audits, assessments, and inspections. These policy and methodology updates create opportunities for greater assessment efficiency and customer cost savings. HITRUST has historically afforded two opportunities for External Assessors (formerly referred to as HITRUST CSF Assessors) to rely on the results of previously performed control testing, one being Inheritance of the results of other … More

The post HITRUST issues guidance for relying on work of internal audit departments in CSF assessments appeared first on Help Net Security.

New Razberi features use deep packet inspection to monitor video quality and camera security

Razberi Technologies has extended its Razberi Monitor solution with new video health monitoring features. Razberi leverages its patent-pending deep packet inspection technology to assure security professionals that their cameras are providing secure and reliable audio and video streams. Razberi’s latest software automatically reboots cameras and sends alerts when problems are detected. Razberi Monitor provides complete system health and cyber monitoring solutions for video surveillance systems. Razberi Monitor integrates video health with award-winning Razberi CameraDefense for … More

The post New Razberi features use deep packet inspection to monitor video quality and camera security appeared first on Help Net Security.

Easy NX Connect for Egnyte enables fast and secure file sharing

Fujitsu Computer Products of America, the established leader in document imaging, announced a new integration with the FUJITSU fi-7300NX document scanner and Egnyte. Easy NX Connect for Egnyte is a convenient software license that enables organizations to scan directly to Egnyte via a quick tap and scan into a secure, sharable workflow. Easy NX Connect for Egnyte includes NFC authentication and direct integration into Egnyte’s Enterprise File Sharing and Content Governance platform. In conjunction with … More

The post Easy NX Connect for Egnyte enables fast and secure file sharing appeared first on Help Net Security.

Bank Mayapada chooses NICE Actimize to update its AML compliance programs

NICE Actimize, a NICE business and the leader in autonomous financial crime management, has been chosen by PT Bank Mayapada Internasional, Tbk, Jakarta, Indonesia, to launch full-scale improvements within its financial crime operations with anti-money laundering compliance and investigation management solutions that employ artificial intelligence and machine learning technology. To more effectively meet the needs of its regulators, Bank Mayapada will implement an array of components from NICE Actimize’s Autonomous Anti-Money laundering portfolio, including Suspicious … More

The post Bank Mayapada chooses NICE Actimize to update its AML compliance programs appeared first on Help Net Security.

Oliver Wyman and Next Peak offer a broader and enhanced range of advisory and operational services

Global management consulting firm Oliver Wyman and Next Peak, an operational cyber defense consulting company, announced a new collaboration to offer a broader and enhanced range of advisory and operational services to clients focused on defending and improving resilience against global cyber threats. “At a time when cyber threats are becoming increasingly common, more dangerous, and more sophisticated, leaders across all industries are looking for ways to protect their companies,” said Michael Zeltkevic, Partner and … More

The post Oliver Wyman and Next Peak offer a broader and enhanced range of advisory and operational services appeared first on Help Net Security.

Snowflake and FedResults partnership provides cloud-based solutions for government

Snowflake, the data warehouse built for the cloud, announced that it has a public sector distribution relationship with FedResults, a government-focused IT provider. This partnership will enable Snowflake and FedResults to provide secure, powerful, flexible cloud data warehouse and analytics solutions to federal agencies. Bloomberg Government analysts project that the U.S. Federal Government will invest more than $93B in information technology programs in fiscal year 2020. The 2019 Federal Cloud Computing Strategy, Cloud Smart is … More

The post Snowflake and FedResults partnership provides cloud-based solutions for government appeared first on Help Net Security.

Digital River brings its payments, tax and compliance capabilities to Salesforce AppExchange

Digital River announced it has launched an integration to bring its payments, tax and compliance capabilities to Salesforce AppExchange, empowering customers to connect with their customers and partners in entirely new ways. The integration of Salesforce Commerce Cloud and Digital River lets brands create efficient online buying experiences with a solution designed to grow revenue, expand internationally and help protect brands from risks associated with selling online. The on-demand shopping experience is now ingrained in … More

The post Digital River brings its payments, tax and compliance capabilities to Salesforce AppExchange appeared first on Help Net Security.

HID Global acquires HydrantID to secure enterprise data, IT systems, networks, and the IoT

HID Global, a worldwide leader in trusted identity solutions, announced that it has acquired HydrantID, a provider of management and automation services to secure enterprise organizations’ data, IT systems, networks, and the Internet of Things (IoT). Specializing in public key infrastructure (PKI) as a service, HydrantID has issued over three million PKI credentials and secured over 125,000 domains – a perfect complement to HID’s IdenTrust business, which is the world’s leading digital certification authority. HydrantID … More

The post HID Global acquires HydrantID to secure enterprise data, IT systems, networks, and the IoT appeared first on Help Net Security.

Odaseva records growth and supports over a trillion documents in Salesforce

Odaseva, the unified cloud data protection, compliance and operations platform for enterprises running Salesforce as a business-critical application, announced that it has seen triple year over year growth, and after only seven years of operation, supports a staggering one trillion Salesforce records, with over 10 million enterprise-level internal Salesforce customers. Odaseva’s explosive growth is in part due to the influx of new data privacy and governance laws such as GDPR or CCPA, demanding that businesses … More

The post Odaseva records growth and supports over a trillion documents in Salesforce appeared first on Help Net Security.

C2A Security collaborates with NXP to develop a comprehensive automotive security solution

C2A Security, a global leader in automotive cybersecurity, announced a comprehensive automotive security solution, developed in collaboration with NXP, utilizing NXP Semiconductors’ secure CAN (Controller Area Network) transceivers. Designed to provide comprehensive protection to help automotive OEMs get the upper hand on some of the most sophisticated cyberattacks, the solution combines C2A´s cybersecurity software and NXP´s secure CAN transceivers. Working in collaboration with NXP Semiconductors, the teams identified possible CAN bus-related attack vectors for perimeter … More

The post C2A Security collaborates with NXP to develop a comprehensive automotive security solution appeared first on Help Net Security.

Sectigo integrates with five DevOps configuration management and container orchestration platforms

Sectigo, the world’s largest commercial Certificate Authority (CA) and a provider of purpose-built and automated PKI management solutions, released integrations with five of the most popular DevOps configuration management and container orchestration platforms. The additions of Docker, Kubernetes, Ansible, Terraform, and soon HashiCorp Vault, deliver the industry’s most comprehensive PKI solution for DevOps. This unique combination of solutions will immediately help IT teams ensure their DevOps environments follow accepted security practices, meet compliance and auditability … More

The post Sectigo integrates with five DevOps configuration management and container orchestration platforms appeared first on Help Net Security.

More than 4M customer systems worldwide now automated by Red Hat Ansible Automation

Red Hat, the world’s leading provider of open source solutions, announced that more than four million customer systems worldwide are now automated by Red Hat Ansible Automation. Customers, including Energy Market Company, Microsoft, Reserve Bank of New Zealand and Surescripts all use Red Hat Ansible Automation to automate and orchestrate their IT operations, helping to expand automation across IT stacks. According to a blog post by Chris Gardner with Forrester Research, who was the author … More

The post More than 4M customer systems worldwide now automated by Red Hat Ansible Automation appeared first on Help Net Security.

This Week in Security News: Ransomware Campaigns Persist with WannaCry as Most Common

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how a total of 118 new ransomware families emerged in the first half of 2018, but only 47 new ones debuted in the first six months of this year, according to Trend Micro’s 2019 Mid-Year security report. Also, read on about how Trend Micro was once again named a Leader in Gartner’s 2019 Magic Quadrant.

Read on:

Trend Micro Named a Leader in 2019 Gartner Magic Quadrant for Endpoint Protection Platforms

Trend was named a Leader in Gartner, Inc.’s 2019 Magic Quadrant for Endpoint Protection Platforms in evaluation of its Apex One endpoint security solution. Trend has been named a Leader in every Gartner Magic Quadrant for this category since 2002.

Three Common Email Security Mistakes that MSPs Make

MSPs can generate recurring revenue by being proactive about educating customers about email threats and how to defeat them—if they avoid three common mistakes: failing to educate customers, placing too much faith on end-user training and leaving service revenue on the table.

WannaCry Remains No. 1 Ransomware Weapon

According to Trend Micro’s 2019 mid-year security report, WannaCry remains the most commonly detected ransomware by far: about 10 times as many machines were found targeted by WannaCry in the first half of this year than all other ransomware variants combined. Bill Malik, vice president of infrastructure strategies at Trend Micro, discusses the prevalence of this ransomware and how it works.

TA505 at it Again: Variety is the Spice of ServHelper and FlawedAmmyy

TA505 continues to show that they intend to wreak as much havoc while maximizing potential profits. Just like in previous operations, this cybercriminal group continues to make small changes for each campaign such as targeting other countries, entities, or the combination of techniques used for deployment.

‘Heatstroke’ Campaign Uses Multistage Phishing Attack to Steal PayPal and Credit Card Information

Heatstroke demonstrates how far phishing techniques have evolved — from merely mimicking legitimate websites and using diversified social engineering tactics — with its use of more sophisticated techniques such as steganography. 

Hackers to Stress-Test Facebook Portal at Hacking Contest

Hackers will soon be able to stress-test the Facebook Portal at the annual Pwn2Own hacking contest, following the introduction of the social media giant’s debut hardware device last year. Introducing the Facebook Portal is part of a push by Trend Micro’s Zero Day Initiative, which runs the contest, to expand the range of home automation devices available to researchers in attendance.

Fortnite Players Targeted by Ransomware via Fake Cheat Tool

An open-source ransomware variant called “Syrk,” based on the source code of the Hidden-Cry ransomware, was found pretending to be a cheat tool that improves the accuracy of a player’s aim and provides visibility over other players’ location on the map. Upon infection, a ransom note will demand payment from victims in exchange for a decryption password.

Cybercriminal Group Silence Has Reportedly Stolen US$4.2 Million from Banks So Far

Contrary to their moniker, the Silence cybercriminal group has been reported to be actively targeting banks and financial institutions in more than 30 countries. Silence reportedly stole US$4.2 million from June 2016 to August 2019. 

US Cyberattack Damaged Iran’s Ability to Target Oil Tankers, Report Says

A database used by Iran’s paramilitary arm to devise attacks against oil tankers was wiped out by a US cyberattack in June, temporarily reducing Tehran’s means of targeting Persian Gulf shipping traffic.

Nemty Ransomware Possibly Spreads through Exposed Remote Desktop Connections

A new ransomware family dubbed “Nemty” for the extension it adds to encrypted files has recently surfaced. According to a report from Bleeping Computer, New York-based reverse engineer Vitali Kremez posits that Nemty is possibly delivered through exposed remote desktop connections.

Abuse of WS-Discovery Protocol Can Lead to Large-Scale DDoS Attacks

Security researchers have discovered that attackers can abuse the Web Services Dynamic Discovery (WS-Discovery) protocol to launch massive distributed denial of service (DDoS) campaigns. These researchers have issued a warning after seeing cybercriminals abuse the WS-Discovery protocol in different DDoS campaigns over the past few months.

Phishing Attack Tricks Instagram Users via Fake 2-Factor Authentication

Although 2FA remains a valid and highly useful tool, Instagram users should not be complacent and rely on it alone, especially when fake 2FA notifications can be used for malicious purposes. In this blog, Trend Micro recommends some best practices users can combine with their existing security tools to help protect against phishing.

Q&A: In a Cloud-Connected World, Cybersecurity is Key

Cloud computing is becoming a critical tool for business, in terms of storing an assessing data. With the increases use of the cloud comes greater security risks. Mark Nunnikhoven, vice president of cloud research at Trend Micro, assesses the solutions.


Will you be following Trend’s best protection practices when playing Fortnite or using Instagram? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

The post This Week in Security News: Ransomware Campaigns Persist with WannaCry as Most Common appeared first on .