credentials

Strategies for combating AI-enhanced BEC attacks

Strategies for combating AI-enhanced BEC attacks 2024-05-21 at 07:31 By Mirko Zorz In this Help Net Security interview, Robert Haist, CISO at TeamViewer, discusses how AI is being leveraged by cybercriminals to enhance the effectiveness of BEC scams. How is AI being leveraged by cybercriminals to enhance the effectiveness of BEC scams? BEC attacks are …

Strategies for combating AI-enhanced BEC attacks Read More »

React to this headline:

Loading spinner

CISA warns about Sisense data breach

CISA warns about Sisense data breach 2024-04-11 at 17:31 By Zeljka Zorz Business intelligence / data analytics software vendor Sisense has apparently suffered a data breach that spurred the company and the US Cybersecurity and Infrastructure Security Agency to push the company’s customers to “reset credentials and secrets potentially exposed to, or used to access, …

CISA warns about Sisense data breach Read More »

React to this headline:

Loading spinner

Strengthening defenses against nation-state and for-profit cyber attacks

Strengthening defenses against nation-state and for-profit cyber attacks 2024-04-04 at 06:32 By Help Net Security There is an urgent need to secure tactical, operational, and strategic critical assets from the edge to the core. In this Help Net Security video, Geoffrey Mattson, CEO of Xage Security, discusses the steps enterprises and critical infrastructure must take …

Strengthening defenses against nation-state and for-profit cyber attacks Read More »

React to this headline:

Loading spinner

How much does cloud-based identity expand your attack surface?

How much does cloud-based identity expand your attack surface? 2024-03-29 at 08:01 By Help Net Security We all know using a cloud-based identity provider (IdP) expands your attack surface, but just how big does that attack surface get? And can we even know for sure? As Michael Jordan once said, “Get the fundamentals down, and …

How much does cloud-based identity expand your attack surface? Read More »

React to this headline:

Loading spinner

Key MITRE ATT&CK techniques used by cyber attackers

Key MITRE ATT&CK techniques used by cyber attackers 2024-03-15 at 11:01 By Help Net Security While the threat landscape continues to shift and evolve, attackers’ motivations do not, according to a Red Canary report. The classic tools and techniques adversaries deploy remain consistent–with some notable exceptions. The report tracked MITRE ATT&CK techniques that adversaries abuse …

Key MITRE ATT&CK techniques used by cyber attackers Read More »

React to this headline:

Loading spinner

Securing the future: Addressing cybersecurity challenges in the education sector

Securing the future: Addressing cybersecurity challenges in the education sector 2024-03-08 at 07:03 By Help Net Security In this Help Net Security video, Kory Daniels, CISO at Trustwave, shines a light on the impact the current threat environment can have for both universities and students. Key findings from a recent Trustwave report include: – 1.8 …

Securing the future: Addressing cybersecurity challenges in the education sector Read More »

React to this headline:

Loading spinner

Using AI to reduce false positives in secrets scanners

Using AI to reduce false positives in secrets scanners 2024-02-27 at 08:02 By Help Net Security As development environments grow more complex, applications increasingly communicate with many external services. When a software development project communicates with an external service, it utilizes a token or “secret” for authentication. These tokens are the glue that keeps any …

Using AI to reduce false positives in secrets scanners Read More »

React to this headline:

Loading spinner

The old, not the new: Basic security issues still biggest threat to enterprises

The old, not the new: Basic security issues still biggest threat to enterprises 2024-02-23 at 08:01 By Help Net Security In 2023, cybercriminals saw more opportunities to “log in” versus hack into corporate networks through valid accounts – making this tactic a preferred weapon for threat actors, according to IBM’s 2024 X-Force Threat Intelligence Index. …

The old, not the new: Basic security issues still biggest threat to enterprises Read More »

React to this headline:

Loading spinner

Secure email gateways struggle to keep pace with sophisticated phishing campaigns

Secure email gateways struggle to keep pace with sophisticated phishing campaigns 2024-02-23 at 07:02 By Help Net Security In 2023, malicious email threats bypassing secure email gateways (SEGs) increased by more than 100%, according to Cofense. In just two years, Cofense identified over 1.5 million malicious emails bypassing their customers’ SEGs, signaling a 37% increase …

Secure email gateways struggle to keep pace with sophisticated phishing campaigns Read More »

React to this headline:

Loading spinner

Attack velocity surges with average breakout time down to only 62 minutes

Attack velocity surges with average breakout time down to only 62 minutes 2024-02-22 at 07:31 By Help Net Security The speed of cyberattacks continues to accelerate at an alarming rate, according to CrowdStrike. Adversaries increasingly exploit stolen credentials The speed of cyberattacks continues to accelerate at an alarming rate. The report indicates that the average …

Attack velocity surges with average breakout time down to only 62 minutes Read More »

React to this headline:

Loading spinner

Understanding the tactics of stealthy hunter-killer malware

Understanding the tactics of stealthy hunter-killer malware 2024-02-15 at 06:31 By Help Net Security Picus Security has revealed a rise in hunter-killer malware, highlighting a significant shift in adversaries’ capability to pinpoint and thwart advanced enterprise defenses, including next-gen firewalls, antivirus programs, and EDR systems. There was a 333% increase in malware that can actively …

Understanding the tactics of stealthy hunter-killer malware Read More »

React to this headline:

Loading spinner

AnyDesk has been hacked, users urged to change passwords

AnyDesk has been hacked, users urged to change passwords 2024-02-05 at 14:31 By Zeljka Zorz AnyDesk Software GmbH, the German company behind the widely used (and misused) remote desktop application of the same name, has confirmed they’ve been hacked and their production systems have been compromised. The statement was published on Friday evening and lacks …

AnyDesk has been hacked, users urged to change passwords Read More »

React to this headline:

Loading spinner

WhatsApp, Slack, Teams, and other messaging platforms face constant security risks

WhatsApp, Slack, Teams, and other messaging platforms face constant security risks 12/12/2023 at 07:03 By Help Net Security 42% of businesses report employees with BYOD devices in business settings that use tools like WhatsApp have led to new security incidents, according to SafeGuard Cyber. Messaging platforms like WhatsApp, Telegram, Slack, and Teams face constant threats, …

WhatsApp, Slack, Teams, and other messaging platforms face constant security risks Read More »

React to this headline:

Loading spinner

Infostealers and the high value of stolen data

Infostealers and the high value of stolen data 13/11/2023 at 08:35 By Help Net Security The risk of personal and professional data being stolen by nefarious actors looms larger than ever, according to Trend Micro. Understanding the risks associated with data theft, which include identity theft, financial loss, reputational harm, and the potential misuse of …

Infostealers and the high value of stolen data Read More »

React to this headline:

Loading spinner

Sumo Logic discloses potential breach via compromised AWS credential

Sumo Logic discloses potential breach via compromised AWS credential 08/11/2023 at 14:49 By Helga Labus Cloud-native big data and security analytics firm Sumo Logic is investigating a potential security incident within their platform, the company revealed on Tuesday. The Sumo Logic incident “On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security …

Sumo Logic discloses potential breach via compromised AWS credential Read More »

React to this headline:

Loading spinner

How global password practices are changing

How global password practices are changing 06/11/2023 at 09:33 By Help Net Security Password health and hygiene improved globally over the past year, reducing the risk of account takeover for consumers and businesses, according to Dashlane. Password reuse remains prevalent, however, leaving user accounts particularly vulnerable to password-spraying attacks if they’re not protected by strong …

How global password practices are changing Read More »

React to this headline:

Loading spinner

How human behavior research informs security strategies

How human behavior research informs security strategies 02/11/2023 at 08:01 By Mirko Zorz In this Help Net Security interview, Kai Roer, CEO at Praxis Security Labs, explores the theoretical underpinnings, practical implications, and the crucial role of human behavior in cybersecurity. Roer explains why a comprehensive understanding of human complexity is paramount in today’s security …

How human behavior research informs security strategies Read More »

React to this headline:

Loading spinner

IAM Credentials in Public GitHub Repositories Harvested in Minutes

IAM Credentials in Public GitHub Repositories Harvested in Minutes 31/10/2023 at 18:49 By Ionut Arghire A threat actor is reportedly harvesting IAM credentials from public GitHub repositories within five minutes of exposure. The post IAM Credentials in Public GitHub Repositories Harvested in Minutes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS …

IAM Credentials in Public GitHub Repositories Harvested in Minutes Read More »

React to this headline:

Loading spinner

How passkeys are changing the face of authentication

How passkeys are changing the face of authentication 23/10/2023 at 08:05 By Help Net Security As passwordless identity becomes mainstream, the term “passkey” is quickly becoming a new buzzword in cybersecurity. But what exactly is a passkey and why do we need them? A passkey is a digital credential that can only be used by …

How passkeys are changing the face of authentication Read More »

React to this headline:

Loading spinner
Scroll to Top