#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Most Trusted Cyber Security and Computer Security Analysis: cybersecurity software

Improve your security posture with Wazuh, a free and open source XDR

Improve your security posture with Wazuh, a free and open source XDR
Sep 28, 2022
Organizations struggle to find ways to keep a good security posture. This is because it is difficult to create secure system policies and find the right tools that help achieve a good posture. In many cases, organizations work with tools that do not integrate with each other and are expensive to purchase and maintain. Security posture management is a term used to describe the process of identifying and mitigating security misconfigurations and compliance risks in an organization. To maintain a good security posture, organizations should at least do the following: Maintain inventory:  Asset inventory is considered first because it provides a comprehensive list of all IT assets that should be protected. This includes the hardware devices, applications, and services that are being used. Perform vulnerability assessment:  The next step is to perform a vulnerability assessment to identify weaknesses in applications and services. Knowledge of the vulnerabilities help to prioritize risks

Comprehensive, Easy Cybersecurity for Lean IT Security Teams Starts with XDR

Comprehensive, Easy Cybersecurity for Lean IT Security Teams Starts with XDR
Jun 15, 2022
Breaches don't just happen to large enterprises. Threat actors are increasingly targeting small businesses. In fact,  43%  of data breaches involved small to medium-sized businesses. But there is a glaring discrepancy. Larger businesses typically have the budget to keep their lights on if they are breached. Most small businesses ( 83% ), however, don't have the financial resources to recover if they are a victim of an attack.  These small security teams were getting lost in the shuffle...until now.  The rise of XDR  As the threat landscape changes and bad actors continue to evolve their tactics, the industry is responding with new solutions and approaches to the way we do cybersecurity. The most recent evolution of cybersecurity technology is extended detection and response (XDR). There's no doubt you've heard of it. But do you have a firm grasp on what it really is and its unique value? If you shook your head "no" – you aren't alone. Industry exper

As State-Backed Cyber Threats Grow, Here's How the World Is Reacting

As State-Backed Cyber Threats Grow, Here's How the World Is Reacting
Apr 15, 2022
With the ongoing conflict in Eurasia, cyberwarfare is inevitably making its presence felt. The fight is not only being fought on the fields. There is also a big battle happening in cyberspace. Several cyber-attacks have been reported over the past months. Notably, cyber attacks backed by state actors are becoming prominent. There have been reports of a rise of ransomware and other malware attacks such as  Cyclops Blink ,  HermeticWiper , and  BlackCat . These target businesses as well as government institutions and nonprofit organizations. There have been cases of several attempts to shut down online communications and IT infrastructure. The ongoing list of  significant cyber incidents  curated by the Center for Strategic and International Studies (CSIS) shows that the number of major incidents in January 2022 is 100% higher compared to the same period in the previous year. With the recent activities in cyberspace impacted by the emergence of the geopolitical tumult in February, it

Use This Definitive RFP Template to Effectively Evaluate XDR solutions

Use This Definitive RFP Template to Effectively Evaluate XDR solutions
Mar 23, 2022
A new class of security tools is emerging that promises to significantly improve the effectiveness and efficiency of threat detection and response. Emerging Extended Detection and Response (XDR) solutions aim to aggregate and correlate telemetry from multiple detection controls and then synthesize response actions. XDR has been referred to as the next step in the evolution of Endpoint Detection and Response (EDR) solutions. Because XDR represents a new solution category, there is no single accepted definition of what capabilities and features should (and shouldn't) be included. Each provider approaches XDR with different strengths and perspectives on how what an XDR solution should include. Therefore, selecting an XDR provider is quite challenging as organizations must organize and prioritize a wide range of capabilities that can differ significantly between providers. Cynet is now addressing this need with the Definitive RFP Template for XDR solutions ( download here ),

How Wazuh Can Improve Digital Security for Businesses

How Wazuh Can Improve Digital Security for Businesses
Jan 28, 2022
2021 was a year peppered by cyberattacks, with numerous data breaches happening. Not only that, but ransomware has also become a prominent player in the hackers' world. Now, more than ever, it's important for enterprises to step up cybersecurity measures. They can do this through several pieces of technology, such as an open-source security platform like Wazuh .  Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities, which not only enables companies to detect sophisticated threats, but can also help immensely in preventing data breaches and leaks from happening. As a result, it can save businesses from costly fixes that can ultimately end in their closure. It is also possible to integrate Wazuh with a number of external services and tools. Some of them are VirusTotal, YARA, Amazon Macie, Slack, and Fortigate Firewall. Consequently, companies can improve their security against hackers from penetrating their networks. What's great abou

Rising Demand for DDoS Protection Software Market By 2020-2028

Rising Demand for DDoS Protection Software Market By 2020-2028
Mar 15, 2021
Distributed Denial of Service (DDoS) attack is a malicious form of attack that disrupts the regular network traffic by overwhelming the website with more traffic than the server can handle. The main aim of this kind of cyberattack is to render the website inoperable. Over recent years, these kinds of attacks are increasing, fueling the demand for the  best DDoS protection  software solutions. Many unplanned data center outages are owing to DDoS attacks. The threat of DDoS is due to access to easy-to-use tools and the profit potential through extortion.  The attacks target businesses directly, leading to substantial financial and personal losses, making it critical to have robust DDoS protection software solutions in place. According to the report of  Market Research Inc , the DDoS protection Software Market is predicted to reach +14% CAGR by 2020 – 2028.  Important Statistics to illustrate the growing demand for DDoS Software Solutions Demand for the DDoS software market is on th

Why do companies fail to stop breaches despite soaring IT security investment?

Why do companies fail to stop breaches despite soaring IT security investment?
Mar 01, 2021
Let's first take a look back at 2020! Adding to the list of difficulties that surfaced last year, 2020 was also grim for personal data protection, as it has marked a new record number of leaked credentials and PI data. A whopping 20 billion records were stolen in a single year, increasing 66% from 12 billion in 2019. Incredibly, this is a 9x increase from the comparatively "small" amount of 2.3 billion records stolen in 2018. This trend seems to fit an exponential curve; even worse, we are yet to see the fallouts from the end of the year "Solorigate" campaign, which has the potential to marginalize even these numbers by the end of 2021. Found among the leaked data are usernames, passwords, credit card numbers, bank account details, healthcare information, and other personal data. Malicious actors utilize these treasure troves of information for fraud and further attacks. In just the first quarter of 2020, the Dutch government managed to lose a hard drive

If You Don't Have A SASE Cloud Service, You Don't Have SASE At All

If You Don't Have A SASE Cloud Service, You Don't Have SASE At All
Nov 05, 2020
The Secure Access Service Edge (or SASE)  has been a very hot buzzword in the past year. A term and category created by Gartner 2019, SASE states that the future of networking and security lies in the convergence of these categories into a single, cloud-based platform. The capabilities that SASE delivers aren't new and include  SD-WAN , threat prevention, remote access, and others that were available from multiple vendors over the years.  So, what is, in fact, new about SASE? This is the main topic for our discussion with Yishay Yovel, Chief Marketing Office at  Cato Networks , one of the first companies that entered the SASE market. THN: Cato had been a big proponent of SASE. Why is SASE important to end customers? Yishay:  SASE is a wake-up call for our industry and IT organizations. IT infrastructure got fragmented with many point solutions that, in turn, created complexity, rigidity, high cost, and increased risk. These are systemic issues. Each point product by itself does

India Witnessed Spike in Cyber Attacks Amidst Covid-19 - Here's Why?

India Witnessed Spike in Cyber Attacks Amidst Covid-19 - Here's Why?
Oct 15, 2020
The COVID-19 outreach is turning out to be not only health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity. With increased remote working for better business continuity, employees are using numerous Internet tools. As businesses and people have started relying more on technology and are busy fighting with the pandemic, the attackers now have plenty of options to target them more than ever. According to PWC's April report, the number of security threats to the Indian company doubled in March 2020—especially what's more worrying is a 100% rise between March 17 and 20—from Jan 2020. Sanjay Dhotre, the Union Minister of State for Electronics & Information Technology (MeITY),  said  that India has seen over 350,000 cyberattacks in the second quarter, triple the number of recorded events in the first quarter of 2020. He also highlighted that ther

Guide: Scale or Fail — Why MSSPs Need Multitenant Security Solutions

Guide: Scale or Fail — Why MSSPs Need Multitenant Security Solutions
Oct 14, 2020
Managed Security Services Providers (MSSPs) have it rough. They have the burden of protecting their client organizations from cyberattacks, with clients from different industries, different security stacks, and different support requirements. And everything is in a constant state of flux. MSSPs are turning to multitenant solutions to help reduce the complexity of managing multiple security solution instances across their client base. Multitenancy allows various independent instances of a solution to be managed in a single, shared environment. Cybersecurity company Cynet just published an instructive paper on the benefits along with the key considerations MSSPs should evaluate when selecting a multitenant platform ( download here ). Eliminating Information Overload with a Single Pane of Glass Many MSSPs suffer from information whiplash - jumping between screens every time a different client environment needs attention. And, effectively monitoring and responding to the torrent of se

Zenscrape: A Simple Web Scraping Solution for Penetration Testers

Zenscrape: A Simple Web Scraping Solution for Penetration Testers
Sep 17, 2020
Did you ever try extracting any information from any website? Well, if you have then you have surely enacted web scraping functions without even knowing it! To put in simpler terms, Web scraping, or also known as web data extraction, is the process of recouping or sweeping data from web-pages. It is a much faster and easier process of retrieving data without undergoing the time-consuming hassle of manual data extraction methods. Web scraping uses advanced automatic tools to reclaim data from millions and billions of websites. The Basics of Web Scraping First, some common terms you'll need to know: The Crawler: The web crawler or popularly known as a 'spider,' is an automated website scraping tool that skims through the internet for information. The spider usually surfs the internet and follows links, and explores various web pages to gather or "scrape" up any information. The Scraper: A scraper or web scraper is a comprehensive website scraper

A Successful Self-Service Password Reset (SSPR) Project Requires User Adoption

A Successful Self-Service Password Reset (SSPR) Project Requires User Adoption
Sep 10, 2020
IT help desks everywhere are having to adjust to the 'new normal' of supporting mainly remote workers. This is a major shift away from visiting desks across the office and helping ones with traditional IT support processes. Many reasons end-users may contact the helpdesk. However, password related issues are arguably the most common. Since the onset of the global pandemic that began earlier this year, help desks are now dealing with password resets of users who are working remotely. Servicing users who are working remotely and assisting with password resets can be cumbersome and expose organizations to potential security risks. Self-service password reset (SSPR) solutions can significantly assist in providing the tools that remote workers need to service their accounts. However, there can be challenges with enrollment and other issues. Let's take a look at SSPR and see how businesses can manage enrollment compliance. What is Self-Service Password Reset (SSPR)
More Resources

Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.