Security News

What are some patch management best practices and techniques? Following patch management "Golden rules" such as patching on test machines and organizing rollout beforehand.

As organizations in the healthcare sector continue to be a prime target for ransomware gangs and CISA warns about a vulnerability in a healthcare-specific platform being leveraged by attackers, the Advanced Research Projects Agency for Health has announced the Universal PatchinG and Remediation for Autonomous DEfense program aimed at developing a vulnerability management platform for healthcare IT teams. CVE-2023-43208, an easily exploitable unauthenticated remote code execution vulnerability affecting NextGen HealthCare's Mirth Connect data integration platform, has been patched by the company and publicly disclosed by Horizon3.

Since the first edition of The Ultimate SaaS Security Posture Management (SSPM) Checklist was released three years ago, the corporate SaaS sprawl has been growing at a double-digit pace. In large...

Best encryption key management software compared Software Highlight security features Deployment experience Free plan or free trial Starting price Microsoft Azure Key Vault: Best overall FIPS 140-2 Level 2 hardware security module encryption Initial setup can be tricky Free trial Flat rate of $0.03 per 10,000 operations. GnuPG: Best for PGP encryption PGP encryption, auditing and compliance capabilities Easy to use, especially for command line users Free Free Seahorse: Best for a user-friendly interface Auto-saving passwords to a keyring Lacks documentation for casual users Free Free Google Cloud Key Management: Best for a cloud-based option Provides an external key manager that allows granular control over data Easy to use None $0.06 per month HashiCorp Vault: Best for secret keys Open-source and self-hosted; dynamic secrets/just-in-time secrets Can be complex; takes time to learn Free with limited features.

In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented challenges facing modern analysts revolve around...

In this Help Net Security video, Itamar Sher, CEO of Seal Security, discusses how AI affects the risk and operational aspects of managing vulnerabilities in open-source software. One of the core issues around open-source vulnerability patch management has been the coupling between security patches and other code changes.

Veeam fixes RCE flaw in backup management platformVeeam has patched a high-severity vulnerability in Veeam Service Provider Console and is urging customers to implement the patch. May 2024 Patch Tuesday forecast: A reminder of recent threats and impactThe thunderstorms of April patches have passed, and it has been pretty calm leading up to May 2024 Patch Tuesday.

Veeam has patched a high-severity vulnerability in Veeam Service Provider Console and is urging customers to implement the patch. Veeam Service Provider Console is a cloud platform used by managed services providers and enterprises to manage and monitor data backup operations.

In this Help Net Security video, Brad Hibbert, Chief Strategy Officer and Chief Operating Officer for Prevalent, discusses five interesting findings from a recent industry study on third-party risk management and what he thinks they mean for cybersecurity professionals and their companies' TPRM programs. Prevalent's 2024 Third-Party Risk Management Study found that 61% of companies experienced a third-party data breach or cybersecurity incident last year.

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more...