Help Net Security

New infosec products of the week: April 4, 2025

April 4, 2025 add comment
Here’s a look at the most interesting products from the past week, featuring releases from 1touch.io, Bitsight, Bluefin, CyberQP, and Exabeam. Exabeam Nova accelerates threat detection and response By... Read more »

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)

April 3, 2025 add comment
A suspected Chinese APT group has exploited CVE-2025-22457 – a buffer overflow bug that was previously thought not to be exploitable – to compromise appliances running Ivanti Connect Secure... Read more »

Bitsight Identity Intelligence provides visibility into compromised accounts

April 3, 2025 add comment
Bitsight launched Bitsight Identity Intelligence, a new, standalone threat intelligence module designed to help security teams detect compromised credentials, prevent unauthorized access, and proactively mitigate risk across their extended... Read more »

Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439)

April 3, 2025 add comment
CVE-2024-20439, a static credential vulnerability in the Cisco Smart Licensing Utility, is being exploited by attackers in the wild, CISA has confirmed on Monday by adding the flaw to... Read more »

Phishers are increasingly impersonating electronic toll collection companies

April 3, 2025 add comment
Steam was the most imitated brands by phishers in the first quarter of 2025, followed by Microsoft and Facebook/Meta, Guardio researchers have revealed. “Historically, the #1 spot has been... Read more »

Corgea BLAST uncovers hidden vulnerabilities in code

April 3, 2025 add comment
Corgea launches BLAST (Business Logic Application Testing), its AI-driven cybersecurity platform designed to address the risks associated with hidden code vulnerabilities, human error, and security flaws introduced by AI-assisted... Read more »

1touch.io helps organizations safeguard sensitive data

April 3, 2025 add comment
1touch.io launched the next-generation Enterprise Data Security Posture Management (DSPM) platform, a solution designed specifically for hybrid, multi-cloud, on-premises, and mainframe environments. By integrating continuous data discovery, real-time access... Read more »

Bluefin simplifies network tokenization access and management for merchants

April 3, 2025 add comment
Bluefin announced the addition of network tokenization capabilities to its ShieldConex Tokenization as a Service and Orchestration platforms, enabling merchants to directly provision network-issued payment tokens from card brands... Read more »

CyberQP launches Zero Trust Helpdesk Security Platform

April 3, 2025 add comment
CyberQP has launched its Zero Trust Helpdesk Security Platform—combining QGuard for Privileged Access Management (PAM) and QDesk for End-User Access Management (EUAM). This unified solution helps IT teams reduce... Read more »

Beware fake AutoCAD, SketchUp sites dropping malware

April 3, 2025 add comment
Malware peddlers are saddling users with the TookPS downloader and the Lapmon and TeviRat backdoors via malicious sites that mimic official ones and ostensibly offer legitimate software for download,... Read more »
Subscribe to our Newsletter