The case for enterprise exposure management
For several years, external attack surface management (EASM) has been an important focus for many security organizations and the vendors that serve them. EASM, attempting to …
Transforming cloud security with real-time visibility
In this Help Net Security interview, Amiram Shachar, CEO at Upwind, discusses the complexities of cloud security in hybrid and multi-cloud environments. He outlines the need …
Rspamd: Open-source spam filtering system
Rspamd is an open-source spam filtering and email processing framework designed to evaluate messages based on a wide range of rules, including regular expressions, statistical …
SOC teams are frustrated with their security tools
Security operations center (SOC) practitioners believe they are losing the battle detecting and prioritizing real threats – due to too many siloed tools and a lack of accurate …
Meet the shared responsibility model with new CIS resources
You can’t fulfill your end of the shared responsibility model if you don’t emphasize secure configurations. Depending on the cloud services you’re using, …
Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: October 2024 Patch Tuesday forecast: Recall can be recalled October arrived, …
100+ domains seized to stymie Russian Star Blizzard hackers
Microsoft and the US Justice Department have seized over 100 domains used by Star Blizzard, a Russian nation-state threat actor. “Between January 2023 and August 2024, …
October 2024 Patch Tuesday forecast: Recall can be recalled
October 2024 Patch Tuesday is now live: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) October arrived, and Microsoft started the month …
Best practices for implementing threat exposure management, reducing cyber risk exposure
In this Help Net Security interview, Sanaz Yashar, CEO at Zafran, discusses the role of threat exposure management (TEM) in modern cybersecurity strategies. As traditional …
MaLDAPtive: Open-source framework for LDAP SearchFilter parsing, obfuscation, and more!
MaLDAPtive is an open-source framework for LDAP SearchFilter parsing, obfuscation, deobfuscation, and detection. At its core, the project features a custom-built C# LDAP …
Cybercriminals capitalize on poorly configured cloud environments
Off-the-shelf offensive security tools and poorly configured cloud environments create openings in the attack surface, according to Elastic. Adversaries are utilizing …
New infosec products of the week: October 4, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Balbix, Halcyon, Metomic, Red Sift, SAFE Security, Veeam Software, and Legit …