credentials

Risk related to non-human identities: Believe the hype, reject the FUD

access control, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, News, opinion, Sweet Security /

Risk related to non-human identities: Believe the hype, reject the FUD 2024-07-15 at 08:01 By Help Net Security The hype surrounding unmanaged and exposed non-human identities (NHIs), or machine-to-machine credentials – such as service accounts, system accounts, certificates and API keys – has recently skyrocketed. A steady stream of NHI-related breaches is causing some of […]

React to this headline:

Loading spinner

Risk related to non-human identities: Believe the hype, reject the FUD Read More »

From passwords to passkeys: Enhancing security and user satisfaction

authentication, Compliance, credentials, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, passwordless, passwords, regulation, Stytch /

From passwords to passkeys: Enhancing security and user satisfaction 2024-06-20 at 07:01 By Mirko Zorz In this Help Net Security interview, Julianna Lamb, Stytch CTO, discusses the advantages of passwordless authentication. Eliminating passwords reduces data breaches and improves user experience by simplifying the login process. Lamb also addresses the technical challenges and economic implications of

React to this headline:

Loading spinner

From passwords to passkeys: Enhancing security and user satisfaction Read More »

Medibank breach: Security failures revealed (lack of MFA among them)

Australia, credentials, data breach, Don't miss, extortion, Hot stuff, Medibank, MFA, News /

Medibank breach: Security failures revealed (lack of MFA among them) 2024-06-18 at 17:31 By Zeljka Zorz The 2022 Medibank data breach / extortion attack perpetrated by the REvil ransomware group started by the attackers leveraging login credentials stolen from a private computer of an employee of a Medibank’s IT contractor. According to a statement by

React to this headline:

Loading spinner

Medibank breach: Security failures revealed (lack of MFA among them) Read More »

The number of known Snowflake customer data breaches is rising

cloud security, credentials, data breach, data theft, Don't miss, enterprise, extortion, Hot stuff, News, Snowflake /

The number of known Snowflake customer data breaches is rising 2024-06-10 at 15:46 By Zeljka Zorz LendingTree subsidiary QuoteWizard and automotive parts provider Advance Auto Parts have been revealed as victims of attackers who are trying to sell data stolen from Snowflake-hosted cloud databases. Snowflake says that their investigation is still ongoing, but continues to

React to this headline:

Loading spinner

The number of known Snowflake customer data breaches is rising Read More »

Snowflake compromised? Attackers exploit stolen credentials

credentials, data breach, data theft, Don't miss, enterprise, extortion, Hot stuff, Hudson Rock, Mitiga, News, Snowflake /

Snowflake compromised? Attackers exploit stolen credentials 2024-05-31 at 22:17 By Zeljka Zorz Have attackers compromised Snowflake or just their customers’ accounts and databases? Conflicting claims muddy the situation. What is Snowflake? Snowflake is cloud-based data storage and analytics company based in the US, and claims nearly 9,500 organizations around the world as customers. “From an

React to this headline:

Loading spinner

Snowflake compromised? Attackers exploit stolen credentials Read More »

Product showcase: Alert – Data breach detector for your email, credit card, and ID

credentials, data breach, Don't miss, email security, Hot stuff, News, Product showcase, Surfshark /

Product showcase: Alert – Data breach detector for your email, credit card, and ID 2024-05-24 at 08:31 By Help Net Security Compared to the last quarter of 2023, data breaches rose from 81M to 435M in Q1 2024. That’s a 5-fold increase in just a few months. One of the most common ways data breaches

React to this headline:

Loading spinner

Product showcase: Alert – Data breach detector for your email, credit card, and ID Read More »

Strategies for combating AI-enhanced BEC attacks

access management, Artificial Intelligence, BEC scams, credentials, cybercrime, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, remote working, scams, strategy, TeamViewer /

Strategies for combating AI-enhanced BEC attacks 2024-05-21 at 07:31 By Mirko Zorz In this Help Net Security interview, Robert Haist, CISO at TeamViewer, discusses how AI is being leveraged by cybercriminals to enhance the effectiveness of BEC scams. How is AI being leveraged by cybercriminals to enhance the effectiveness of BEC scams? BEC attacks are

React to this headline:

Loading spinner

Strategies for combating AI-enhanced BEC attacks Read More »

CISA warns about Sisense data breach

CISA, credentials, data breach, Don't miss, Hot stuff, News, Sisense /

CISA warns about Sisense data breach 2024-04-11 at 17:31 By Zeljka Zorz Business intelligence / data analytics software vendor Sisense has apparently suffered a data breach that spurred the company and the US Cybersecurity and Infrastructure Security Agency to push the company’s customers to “reset credentials and secrets potentially exposed to, or used to access,

React to this headline:

Loading spinner

CISA warns about Sisense data breach Read More »

Strengthening defenses against nation-state and for-profit cyber attacks

access management, credentials, critical infrastructure, cyberattacks, cybersecurity, Don't miss, Hot stuff, identity, MFA, Video, Xage Security /

Strengthening defenses against nation-state and for-profit cyber attacks 2024-04-04 at 06:32 By Help Net Security There is an urgent need to secure tactical, operational, and strategic critical assets from the edge to the core. In this Help Net Security video, Geoffrey Mattson, CEO of Xage Security, discusses the steps enterprises and critical infrastructure must take

React to this headline:

Loading spinner

Strengthening defenses against nation-state and for-profit cyber attacks Read More »

How much does cloud-based identity expand your attack surface?

access management, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, IS Decisions, News, opinion, Risk Management /

How much does cloud-based identity expand your attack surface? 2024-03-29 at 08:01 By Help Net Security We all know using a cloud-based identity provider (IdP) expands your attack surface, but just how big does that attack surface get? And can we even know for sure? As Michael Jordan once said, “Get the fundamentals down, and

React to this headline:

Loading spinner

How much does cloud-based identity expand your attack surface? Read More »

Key MITRE ATT&CK techniques used by cyber attackers

attacks, Cloud, credentials, cybersecurity, Email, identity, News, Ransomware, Red Canary, report /

Key MITRE ATT&CK techniques used by cyber attackers 2024-03-15 at 11:01 By Help Net Security While the threat landscape continues to shift and evolve, attackers’ motivations do not, according to a Red Canary report. The classic tools and techniques adversaries deploy remain consistent–with some notable exceptions. The report tracked MITRE ATT&CK techniques that adversaries abuse

React to this headline:

Loading spinner

Key MITRE ATT&CK techniques used by cyber attackers Read More »

Securing the future: Addressing cybersecurity challenges in the education sector

credentials, cybersecurity, dark web, Don't miss, education, Email, Hot stuff, Ransomware, Trustwave, Video /

Securing the future: Addressing cybersecurity challenges in the education sector 2024-03-08 at 07:03 By Help Net Security In this Help Net Security video, Kory Daniels, CISO at Trustwave, shines a light on the impact the current threat environment can have for both universities and students. Key findings from a recent Trustwave report include: – 1.8

React to this headline:

Loading spinner

Securing the future: Addressing cybersecurity challenges in the education sector Read More »

Using AI to reduce false positives in secrets scanners

API security, Artificial Intelligence, authentication, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Features, Hot stuff, Legit Security, News, opinion, SSH /

Using AI to reduce false positives in secrets scanners 2024-02-27 at 08:02 By Help Net Security As development environments grow more complex, applications increasingly communicate with many external services. When a software development project communicates with an external service, it utilizes a token or “secret” for authentication. These tokens are the glue that keeps any

React to this headline:

Loading spinner

Using AI to reduce false positives in secrets scanners Read More »

The old, not the new: Basic security issues still biggest threat to enterprises

credentials, critical infrastructure, cybercrime, cybersecurity, exploit, generative AI, IBM, IBM X-Force, identity, News, report /

The old, not the new: Basic security issues still biggest threat to enterprises 2024-02-23 at 08:01 By Help Net Security In 2023, cybercriminals saw more opportunities to “log in” versus hack into corporate networks through valid accounts – making this tactic a preferred weapon for threat actors, according to IBM’s 2024 X-Force Threat Intelligence Index.

React to this headline:

Loading spinner

The old, not the new: Basic security issues still biggest threat to enterprises Read More »

Secure email gateways struggle to keep pace with sophisticated phishing campaigns

BEC scams, Cofense, credentials, cybercrime, Email, News, phishing, QR codes, report /

Secure email gateways struggle to keep pace with sophisticated phishing campaigns 2024-02-23 at 07:02 By Help Net Security In 2023, malicious email threats bypassing secure email gateways (SEGs) increased by more than 100%, according to Cofense. In just two years, Cofense identified over 1.5 million malicious emails bypassing their customers’ SEGs, signaling a 37% increase

React to this headline:

Loading spinner

Secure email gateways struggle to keep pace with sophisticated phishing campaigns Read More »

Attack velocity surges with average breakout time down to only 62 minutes

credentials, CrowdStrike, cybercrime, cybersecurity, election security, exploit, generative AI, News, report, survey /

Attack velocity surges with average breakout time down to only 62 minutes 2024-02-22 at 07:31 By Help Net Security The speed of cyberattacks continues to accelerate at an alarming rate, according to CrowdStrike. Adversaries increasingly exploit stolen credentials The speed of cyberattacks continues to accelerate at an alarming rate. The report indicates that the average

React to this headline:

Loading spinner

Attack velocity surges with average breakout time down to only 62 minutes Read More »

Understanding the tactics of stealthy hunter-killer malware

credentials, cybercrime, cybersecurity, machine learning, Malware, News, Picus Security, report, threats /

Understanding the tactics of stealthy hunter-killer malware 2024-02-15 at 06:31 By Help Net Security Picus Security has revealed a rise in hunter-killer malware, highlighting a significant shift in adversaries’ capability to pinpoint and thwart advanced enterprise defenses, including next-gen firewalls, antivirus programs, and EDR systems. There was a 333% increase in malware that can actively

React to this headline:

Loading spinner

Understanding the tactics of stealthy hunter-killer malware Read More »

AnyDesk has been hacked, users urged to change passwords

AnyDesk, certificates, credentials, CrowdStrike, data breach, Don't miss, Hot stuff, News, remote access, Resecurity /

AnyDesk has been hacked, users urged to change passwords 2024-02-05 at 14:31 By Zeljka Zorz AnyDesk Software GmbH, the German company behind the widely used (and misused) remote desktop application of the same name, has confirmed they’ve been hacked and their production systems have been compromised. The statement was published on Friday evening and lacks

React to this headline:

Loading spinner

AnyDesk has been hacked, users urged to change passwords Read More »

Scroll to Top