Eastern Europe

Mirantis has acquired Shipa to add automated application discovery, operations, security, and observability to the Lens Kubernetes Platform. Lens helps eliminate Kubernetes complexity accelerating mainstream developer adoption and empowers users to easily...

OneSpan has agreed to acquire ProvenDB to provide a trust model for high assurance contracts and documents. ProvenDB will extend the capabilities of OneSpan's Transaction Cloud Platform to both public and private blockchains and serve as a modern tech...

Here's a look at the most interesting products from the past week, featuring releases from Perimeter 81, SpyCloud, ThreatConnect, Venafi, and Wallarm. SpyCloud Compass identifies infected devices accessing critical workforce apps SpyCloud Compass enab...

Ransomware has lately been the primary method of monetization for threat actors. Still, research has revealed a slight decrease in ransomware attacks and ransomware payments this past year, suggesting cybercriminals are evolving their strategies. Threat a...

80% of organizations increased their use of open source software over the last 12 months, according to Perforce Software and the Open Source Initiative. Four out of five companies rely on OSS for a wide range of business-critical applications including da...

Enterprises are going all-in on cloud storage, with average stored capacity in the public cloud expected to reach 43% of their total storage footprint by 2024, and the vast majority (84%) are increasing their budgets to make that a reality, according to W...

Cloud Range has introduced Cloud Range for Critical Infrastructure—the live-fire simulation training specifically designed to proactively train and prepare incident responders (IR) and security operations (SOC) teams in operational technology (OT) a...

Ermetic has extended its Cloud Native Application Protection Platform (CNAPP) with cloud workload protection capabilities that enable customers to detect, prevent and remediate security risks in virtual machines, containers and serverless functions. Using...

Iron Bow Technologies acquired GuardSight, a cybersecurity operations as a service (SECOPS), and managed detection and response (MDR) company that serves businesses and organizations across the U.S. The acquisition of GuardSight will enhance Iron Bow'...

Prove Identity appointed Amanda Fennell as the company's Chief Information Security Officer (CISO) and Chief Information Officer (CIO). Fennell, who most recently served as the CISO & CIO at Relativity, brings over twenty years of security industry ex...

Europol supported the German, Dutch and US authorities in taking down the infrastructure of the prolific HIVE ransomware. This international operation involved authorities from 13 countries in total. Law enforcement identified the decryption keys and shar...

Akamai researchers have published a PoC exploit for a critical vulnerability (CVE-2022-34689) in Windows CryptoAPI, which validates public key certificates. "An attacker could manipulate an existing public x.509 certificate to spoof their identity and...

Ubuntu Pro, Canonical's comprehensive subscription for secure open source and compliance, is now generally available. Ubuntu Pro helps teams get timely CVE patches, harden their systems at scale and remain compliant with regimes such as FedRAMP, HIPAA...

Tricking users at targeted organizations into installing legitimate remote monitoring and management (RMM) software has become a familiar pattern employed by financially motivated attackers. No organization is spared, not even agencies of the US federal c...

Open-source software enables better security for both large and small organizations. It is the foundation of today's society and is found throughout a modern application stack, from the operating system to networking functions. It's estimated that...

A language-generating AI model called ChatGPT, available for free, has taken the internet by storm. While AI has the potential to help IT and security teams become more efficient, it also enables threat actors to develop malware. In this interview with He...

The first half of 2022 saw fewer compromises reported due in part to Russia-based cybercriminals distracted by the war in Ukraine and volatility in the cryptocurrency markets, according to the Identity Theft Resource Center. However, data compromises stea...

With continued transition to cloud services to support remote work, the threat of malware continues to grow, expanding each company's attack surface. The first half of 2022 saw 2.8 billion malware attacks in which more than 270,000 "never-seen-bef...

SpyCloud launched Compass, a transformative solution to help enterprises detect and respond to the initial precursors to ransomware attacks. Compass provides definitive evidence that data siphoned by malware infections is in cybercriminals' hands and ...

Lupovis has released Prowl, new platform capabilities designed to help security analysts automatically identify bot traffic from malicious human threat actors, to help reduce the time they waste investigating false positives. False positives are flagged b...

PKWARE has released its newest data discovery and protection solution, PK Secure Email. This Microsoft Outlook add-in automatically discovers sensitive information in email message body, subject line, and attachment and prompts policy-driven protection ac...

Halo Security recently implemented a new feature to reduce the noise and improve attack surface visibility, helping customers identify active threats in the wild — known exploited vulnerabilities (KEVs) from the Cybersecurity and Infrastructure Secu...

ThreatConnect released ThreatConnect Platform 7.0 designed specifically for TI Ops. The new release increases the effectiveness of threat intelligence analysts and security operations teams by bringing together the power of human analysis, ML-powered anal...

Malwarebytes has announced the upcoming Malwarebytes Mobile Security for Business, extending its endpoint protection capabilities to professional mobile devices. From corporate organizations to educational institutions, the increasing number of connected ...

Strata has closed a $26M Series B round of financing led by Telstra Ventures with participation from existing investors Menlo Ventures, Forgepoint Capital and Innovating Capital. The company has developed, Maverics, the distributed identity orchestration ...

Forescout Technologies has unveiled that Barry Mainz will join the company as CEO, effective immediately. Barry Mainz brings more than 25 years of experience in executive leadership across infrastructure software and cybersecurity companies. Mainz has ser...

LogicGate has hired Nicholas Kathmann as its CISO to help scale the company's information security program, manage its external system security, drive platform security innovations and engage with LogicGate customers on security management. "To bu...

Crypto.com has been certified with ISO 27017 for security in the cloud and ISO 27018 for privacy protection in the cloud as audited by SGS, an internationally-recognized certification authority. These two certifications, both firsts for a digital asset pl...

The hackers who breached Riot Games last week are asking for $10 million not to leak the stolen source code for the company's popular League of Legends online game. The company has also confirmed that source code for TFT (Teamfight Tactics) and a lega...

VMware has fixed two critical (CVE-2022-31706, CVE-2022-31704) and two important (CVE-2022-31710, CVE-2022-31711) security vulnerabilities in VMware vRealize Log Insight, its multi-cloud solution for centralized log management, operational visibility and ...

Quantum computing poses a great opportunity but also a great threat to internet security; certain mathematical problems that form the basis of today's most popular cryptographic algorithms will be much easier to solve with quantum than with "class...

According to the FBI's 2021 Internet Crime Report, business email compromise (BEC) accounted for almost a third of the country's $6.9 billion in cyber losses that year around $2.4 billion. In surprisingly sharp contrast, ransomware attacks account...

The cybersecurity skills shortage is a global problem, but each region including Europe or, more specifically, the EU has distinct problems it has to tackle to solve it. In this Help Net Security Dritan Saliovski, Director Nordic Head of Cyber M&A, Transa...

Despite a difficult economic environment, organizations continue to invest in privacy, with spending up significantly from $1.2 million just three years ago to $2.7 million this year, according to Cisco. Yet, 92 percent of respondents believe their organi...

As part of the Venafi Control Plane for machine identities, TLS Protect for Kubernetes enables security and platform teams to easily and securely manage cloud native machine identities, such as TLS, mTLS and SPIFFE, across all of an enterprise's multi...

Datto introduced its second-generation family of cloud managed switches, along with global expansion of the early access for its secure remote access solution, Datto Secure Edge. These new networking solutions complement Datto's existing product lines...

GoTo (formerly LogMeIn) has confirmed on Monday that attackers have stolen customers' encrypted backups from a third-party cloud storage service related to its Central, Pro, join.me, Hamachi, and RemotelyAnywhere offerings. However, the attackers have...

Apple has released security updates for macOS, iOS, iPadOS and watchOS, patching among other things a type confusion flaw in the WebKit component (CVE-2022-42856) that could be exploited for remote code execution on older iPhones and iPads running iOS v12...

Arctic Wolf launched Arctic Wolf Incident Response (IR) JumpStart Retainer, an incident response offering that helps organizations proactively plan for cyber incidents without losing valuable time to remediation and the high upfront costs of traditional i...

Hillstone Networks latest upgrade of its operating system, Hillstone StoneOS 5.5R10, delivers AI-based threat protection, centralized zero trust control and management, and further simplification of security operations and system optimization, among over ...

ioSafe introduced the ioSafe 1522+, a five-bay network attached storage (NAS) device for businesses of all sizes, including those with remote locations in fire and flood-prone areas. "The 1522+ is the next proof point in our commitment to delivering t...

It has been observed that attackers will attempt to start exploiting vulnerabilities within the first fifteen minutes of their disclosure. As the time to patch gets shorter, organizations need to be more pragmatic when it comes to remediating vulnerabilit...

In this Help Net Security video, Carlos Fernandez, Security Researcher at Sonatype, talks about how their AI system caught packages that attack Python developers with a unique tactic. Sonatype calls them RAT mutants because they're a mix of remote acc...

In March 2023, Zagreb will be added to the (already long) list of cities where information security professionals and enthusiasts can share their knowledge with peers at a Security BSides conference. We've talked with BSidesZG organizer Ante Jurjevic ...

The National Security Agency (NSA) published guidance to help Department of Defense (DoD) and other system administrators identify and mitigate security issues associated with a transition to Internet Protocol version 6 (IPv6). IPv6 Security Guidance high...

Linor spends her days working with cybersecurity founders at her Venture Capital firm. Gaining insight into their experiences over the course of building these relationships and supporting the brick-laying of their visions, she shares observations on the ...

The European Union Agency for Cybersecurity (ENISA) has made available Awareness Raising in a Box (AR-in-a-BOX), a "do it yourself" toolbox to help organizations in their quest to create and implement a custom security awareness raising program. T...

IoT remains the biggest hurdle in achieving an effective zero-trust security posture across an organization. In this Help Net Security video, Denny LeCompte, CEO at Portnox, discusses how IoT has been difficult to profile accurately and why zero trust str...

The sheer volume of reported ICS vulnerabilities and CVEs may cause critical infrastructure asset owners to feel overwhelmed, or need help knowing where to begin, according to SynSaber. The report analyzes the 920+ CVEs released by CISA in the second half...

An EMA survey of 129 software development professionals uncovered that for those using code scanning tools, only 10% of organizations prevented a higher percentage of vulnerabilities than organizations not using code scanning tools, while continuous train...