New infosec products of the week: February 23, 2024

Here's a look at the most interesting products from the past week, featuring releases from ManageEngine, Metomic, Pindrop, and Truffle Security.
Pindrop Pulse offers protection against audio deepfakes.
Pindrop Pulse's ability to detect deepfakes provides organizations and their customers protection against a variety of voice attacks, including recorded voice replay, synthetic voice, automated voice chatbot, voice modulation, and voice conversion.
ManageEngine unveils ML-powered exploit triad analytics feature.
ManageEngine released an ML-powered exploit triad analytics feature in its SIEM solution, Log360.
Now, enterprises can knowledgeably trace the path of adversaries and mitigate breaches by providing complete contextual visibility into the exploit triad: users, entities and processes.
Metomic launches human firewall features to scale data security workflows.
Metomic announced that it's rolling out its new suite of human firewall features for SaaS apps like Google, Slack and MS Teams.
The new features will enable security and compliance teams to scale their data security workflows by involving employees directly in the risk remediation process.
TruffleHog: Open-source solution for scanning secrets.
TruffleHog is an open-source scanner that identifies and addresses exposed secrets throughout your entire technology stack.
Besides scanning normal files, TruffleHog decodes dozens of encodings, including base64, zip files, docx files, and many more, and scans them for secrets.
CVE Prioritizer: Open-source tool to prioritize vulnerability patching.
CVE Prioritizer is an open-source tool designed to assist in prioritizing the patching of vulnerabilities.
It integrates data from CVSS, EPSS, and CISA's KEV catalog to offer insights into the probability of exploitation and the potential effects of vulnerabilities on your systems.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Fri, 23 Feb 2024 06:13:06 +0000


Cyber News related to New infosec products of the week: February 23, 2024

AuditBoard enhances InfoSec Solutions to reduce compliance fatigue across the organization - AuditBoard announced powerful enhancements for its InfoSec Solutions to help organizations meet their IT compliance, cyber risk, and vendor risk management needs in the face of rising risks and increased regulatory requirements. With these new ...
7 months ago Helpnetsecurity.com
Infosec pros sound off on usefulness of higher education The Register - Half of infosec professionals polled by Kaspersky said any cybersecurity knowledge they picked up from their higher education is at best somewhat useful for doing their day jobs. On the other hand, half said the know-how was at least very useful. The ...
10 months ago Go.theregister.com
Infosec pros sound off on usefulness of higher education The Register - Half of infosec professionals polled by Kaspersky said any cybersecurity knowledge they picked up from their higher education is at best somewhat useful for doing their day jobs. On the other hand, half said the know-how was at least very useful. The ...
10 months ago Theregister.com
What is Certified information Security Manager? Definition from SearchSecurity - Certified Information Security Manager is an advanced certification that indicates that an individual possesses the knowledge and experience required to develop and manage an enterprise information security program. CISM is offered by ISACA, a ...
9 months ago Techtarget.com
Week in review: MOVEit auth bypass flaws quitely fixed, open-source Rafel RAT targets Androids - Progress quietly fixes MOVEit auth bypass flawsProgress Software has patched one critical and one high-risk vulnerability in MOVEit, its widely used managed file transfer software product. Open-source Rafel RAT steals info, locks Android devices, ...
5 months ago Helpnetsecurity.com
Week in review: 15 million Trello users' scraped data on sale, attackers can steal NTLM hashes - The reality of hacking threats in connected car systemsIn this Help Net Security interview, Ivan Reedman, Director of Secure Engineering at IOActive, discusses how manufacturers, government regulations, and consumers are adapting to these new ...
10 months ago Helpnetsecurity.com
Week in review: AnyDesk phishing campaign targets employees, Microsoft fixes exploited zero-days - Integrating cybersecurity into vehicle design and manufacturingIn this Help Net Security interview, Yaron Edan, CISO at REE Automotive, discusses the cybersecurity landscape of the automotive industry, mainly focusing on electric and connected ...
10 months ago Helpnetsecurity.com
It was other crims what did it: SBF off hook for FTX hack The Register - Infosec In Brief The recent indictment of a massive SIM-swapping ring may mean convicted crypto conman Sam Bankman-Fried is innocent of at least one allegation still hanging over his head: The theft of more than $400 million in crypto hacked from ...
10 months ago Go.theregister.com
Investigation of Possible Causes of ESXiArgs Ransomware Attacks Suggests VMware is Not at Fault - Edward Hawkins, the High-Profile Product Incident Response Manager at VMware, has denied allegations that two-year-old security flaws have been used in the current ESXiArgs ransomware attacks. Over the weekend, reports surfaced about cybercriminals ...
1 year ago Hackread.com
East Texas hospital network can't receive ambulances because of potential cybersecurity incident - GetTime();if(!(u<=a&&d<=l throw new RangeError("Invalid interval");return r.inclusive?u<=l&&d<=a:ut||isNaN(t. Step):1;if(s<1||isNaN(s throw new RangeError("`options. Step):1;if(l<1||isNaN(l throw new RangeError("`options. GetTime()<=n throw new ...
1 year ago Cnn.com
Wait, infosec isn't a computer science degree requirement? The Register - Comment There's a line in the latest plea from CISA - the US government's cybersecurity agency - to software developers to do a better job of writing secure code that may make you spit out your coffee. Jack Cable, a CISA senior technical advisor, ...
10 months ago Go.theregister.com
Wait, infosec isn't a computer science degree requirement? The Register - Comment There's a line in the latest plea from CISA - the US government's cybersecurity agency - to software developers to do a better job of writing secure code that may make you spit out your coffee. Jack Cable, a CISA senior technical advisor, ...
10 months ago Theregister.com
$937 Bounty Awarded for Privilege Escalation and Local File Inclusion Vulnerabilities Patched in MasterStudy LMS WordPress Plugin - On February 25th, 2024, during our second Bug Bounty Extravaganza, we received a submission for a Privilege Escalation vulnerability in MasterStudy LMS, a WordPress plugin with more than 10,000 active installations. The next day on February 26th, ...
8 months ago Wordfence.com
A look at Fortinet's week to forget The Register - Security researchers have urged users to patch vulnerable VPNs as soon as possible since the vulnerability is understood to be easily exploitable. The only workaround recommended by Fortinet is to disable the SSL VPN. Disabling webmode won't mitigate ...
10 months ago Go.theregister.com
Join us at InfoSec Jupyterthon 2024 - Jupyter notebooks are continuing to grow in popularity in information security as an alternative or supplement to mainstream security operations center tools. Notebooks can be used interactively for threat detection and response, or as automated ...
10 months ago Microsoft.com
Week in review: Veeam fixes RCE flaw in backup management platform, Patch Tuesday forecast - Veeam fixes RCE flaw in backup management platformVeeam has patched a high-severity vulnerability in Veeam Service Provider Console and is urging customers to implement the patch. May 2024 Patch Tuesday forecast: A reminder of recent threats and ...
7 months ago Helpnetsecurity.com
Week in review: Google fixes yet another Chrome zero-day exploit, YouTube as a cybercrime channel - Google fixes yet another Chrome zero-day exploited in the wildFor the eighth time this year, Google has released an emergency update for its Chrome browser that fixes a zero-day vulnerability with an in-the-wild exploit. Authelia: Open-source ...
6 months ago Helpnetsecurity.com
GitHub Revokes Compromised Code Signing Certificates After Repo Hack - GitHub has recently revealed that unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories. The company has found no ...
1 year ago Bleepingcomputer.com
Week in review: Booking.com hotel booking scam, Kali Linux 2023.4 released - Advanced ransomware campaigns expose need for AI-powered cyber defenseIn this Help Net Security interview, Carl Froggett, CIO at Deep Instinct, discusses emerging trends in ransomware attacks, emphasizing the need for businesses to use advanced AI ...
1 year ago Helpnetsecurity.com
New infosec products of the week: February 23, 2024 - Here's a look at the most interesting products from the past week, featuring releases from ManageEngine, Metomic, Pindrop, and Truffle Security. Pindrop Pulse offers protection against audio deepfakes. Pindrop Pulse's ability to detect deepfakes ...
9 months ago Helpnetsecurity.com
Prudential Financial now says 2.5 million impacted by data breach - Prudential Financial, a global financial services company, has revealed that over 2.5 million people had their personal information compromised in a February data breach. According to an 8-K form filed with the U.S. Securities and Exchange ...
5 months ago Bleepingcomputer.com
Week in review: Windows Event Log zero-day, exploited critical Jenkins RCE flaw - Prioritizing cybercrime intelligence for effective decision-making in cybersecurityIn this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into existing security infrastructures. Proactive ...
10 months ago Helpnetsecurity.com
Week in review: Terrapin SSH attack, Mr. Cooper breach - Creating a formula for effective vulnerability prioritizationIn this Help Net Security interview, Michael Gorelik, CTO and Head of Malware Research at Morphisec, provides insights into the business impact of vulnerabilities. EMBA: Open-source ...
11 months ago Helpnetsecurity.com
Week in review: Apache Struts vulnerability exploit attempt, EOL Sophos firewalls get hotfix - SCS 9001 2.0 reveals enhanced controls for global supply chainsIn this Help Net Security interview, Mike Regan, VP of Business Performance at TIA, discusses SCS 9001 Release 2.0, a certifiable standard crafted to assist organizations in ...
1 year ago Helpnetsecurity.com
Week in review: GitLab account takeover flaw, attackers exploiting Ivanti Connect Secure zero-days - Social engineer reveals effective tricks for real-world intrusionsIn this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing aspects of social engineering and unconventional methods for ...
11 months ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)