cybersecurity

Adversaries exploit trends, target popular GenAI apps

Adversaries exploit trends, target popular GenAI apps 2024-01-18 at 06:01 By Help Net Security More than 10% of enterprise employees access at least one generative AI application every month, compared to just 2% a year ago, according to Netskope. In 2023, ChatGPT was the most popular generative AI application, accounting for 7% of enterprise usage. […]

Adversaries exploit trends, target popular GenAI apps Read More »

Security considerations during layoffs: Advice from an MSSP

Security considerations during layoffs: Advice from an MSSP 2024-01-17 at 08:01 By Help Net Security Navigating layoffs is complex and difficult for many reasons. Not only do human resources and direct managers bear the onus of responsibility when conducting exit conversations, but security teams should also make the necessary preparations for monitoring anomalies in employee

Security considerations during layoffs: Advice from an MSSP Read More »

The right strategy for effective cybersecurity awareness

The right strategy for effective cybersecurity awareness 2024-01-17 at 07:31 By Helga Labus Employees play a significant role in safeguarding organizational assets. With a constantly evolving threat landscape, cybersecurity awareness training is an essential component in creating a good security culture. Why cybersecurity awareness training? 81% of organizations were hit by malware, phishing, and password

The right strategy for effective cybersecurity awareness Read More »

CISOs’ crucial role in aligning security goals with enterprise expectations

CISOs’ crucial role in aligning security goals with enterprise expectations 2024-01-17 at 07:01 By Mirko Zorz In this Help Net Security interview, Chris Mixter, Vice President, Analyst at Gartner, discusses the dynamic world of CISOs and how their roles have evolved significantly over the years. He outlines the critical skills for CISOs in 2024, addresses

CISOs’ crucial role in aligning security goals with enterprise expectations Read More »

Best practices to mitigate alert fatigue

Best practices to mitigate alert fatigue 2024-01-17 at 06:32 By Help Net Security In this Help Net Security video, Peter Manev, Chief Strategy Officer at Stamus Networks, discusses a pervasive problem plaguing security analysts called “alert fatigue,” – which occurs when security teams become desensitized to an overwhelming volume of alerts, causing them to miss

Best practices to mitigate alert fatigue Read More »

3 ways to combat rising OAuth SaaS attacks

3 ways to combat rising OAuth SaaS attacks 2024-01-16 at 07:31 By Help Net Security OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine cryptocurrency, establish persistence following business email compromise and launch spam activity using the

3 ways to combat rising OAuth SaaS attacks Read More »

10 cybersecurity frameworks you need to know about

10 cybersecurity frameworks you need to know about 2024-01-16 at 07:01 By Help Net Security As cyber threats grow more sophisticated, understanding and implementing robust cybersecurity frameworks is crucial for organizations of all sizes. This article lists the most essential cybersecurity frameworks developed to guide businesses and governments in safeguarding their digital assets. From the

10 cybersecurity frameworks you need to know about Read More »

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations 2024-01-16 at 06:31 By Mirko Zorz Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition. Users can also perform malware analysis, OSINT and computer vision activities.

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations Read More »

Flipping the BEC funnel: Phishing in the age of GenAI

Flipping the BEC funnel: Phishing in the age of GenAI 2024-01-15 at 08:02 By Help Net Security For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of recipients in the hope that a few might take the

Flipping the BEC funnel: Phishing in the age of GenAI Read More »

Preventing insider access from leaking to malicious actors

Preventing insider access from leaking to malicious actors 2024-01-15 at 07:32 By Help Net Security In this Help Net Security video, John Morello, CTO of Gutsy, discusses the often-overlooked aspect of cybersecurity – the offboarding process. He outlines the real-world implications and potential impact on an organization’s security posture if off-boarding isn’t handled thoroughly. The

Preventing insider access from leaking to malicious actors Read More »

Adalanche: Open-source Active Directory ACL visualizer, explorer

Adalanche: Open-source Active Directory ACL visualizer, explorer 2024-01-15 at 07:01 By Mirko Zorz Adalanche provides immediate insights into the permissions of users and groups within an Active Directory. It’s an effective open-source tool for visualizing and investigating potential account, machine, or domain takeovers. Additionally, it helps identify and display any misconfigurations. What unique features make

Adalanche: Open-source Active Directory ACL visualizer, explorer Read More »

Key elements for a successful cyber risk management strategy

Key elements for a successful cyber risk management strategy 2024-01-15 at 06:32 By Mirko Zorz In this Help Net Security interview, Yoav Nathaniel, CEO at Silk Security, discusses the evolution of cyber risk management strategies and practices, uncovering common mistakes and highlighting key components for successful risk resolution. Nathaniel anticipates a growing pressure on organizations

Key elements for a successful cyber risk management strategy Read More »

Cloud security predictions for 2024

Cloud security predictions for 2024 2024-01-12 at 07:31 By Help Net Security As we reflect on the cybersecurity landscape and the trajectories of threat vectors, it’s evident that we’re on the cusp of a paradigm shift in cloud security. Businesses and cybersecurity professionals must stay abreast of these changes, adapting their strategies to ensure a

Cloud security predictions for 2024 Read More »

Cyber budgets and the VC landscape in 2024

Cyber budgets and the VC landscape in 2024 2024-01-12 at 06:31 By Help Net Security In this Help Net Security video, Marcus Bartram, General Partner at Telstra Ventures, discusses his 2024 cybersecurity predictions: The U.S. will be in a recession by Q4 2024, and tech companies will continue reducing their workforce. Still, VCs will be

Cyber budgets and the VC landscape in 2024 Read More »

Purple teaming and the role of threat categorization

Purple teaming and the role of threat categorization 2024-01-11 at 07:31 By Help Net Security Organizations constantly work to ensure optimal threat detection and prevention across their systems. One question gets asked repeatedly: “Can we detect the threats we’re supposed to be able to detect?” Red team assessment, penetration testing, and even purple team assessments

Purple teaming and the role of threat categorization Read More »

Embracing offensive cybersecurity tactics for defense against dynamic threats

Embracing offensive cybersecurity tactics for defense against dynamic threats 2024-01-11 at 07:02 By Mirko Zorz In this Help Net Security, Alexander Hagenah, Head of Cyber Controls at SIX, discusses the critical steps in creating effective offensive security operations and their impact on organizational security strategies. What are the critical steps in creating effective offensive security

Embracing offensive cybersecurity tactics for defense against dynamic threats Read More »

The expanding scope of CISO duties in 2024

The expanding scope of CISO duties in 2024 2024-01-11 at 06:32 By Help Net Security In this Help Net Security video, Bindu Sundaresan, Director at AT&T Cybersecurity, discusses the ongoing changes we’ll see from the CISO role as digital transformation efforts continue. It is now a position that leads cross-functional teams to match the speed

The expanding scope of CISO duties in 2024 Read More »

APIs are increasingly becoming attractive targets

APIs are increasingly becoming attractive targets 2024-01-11 at 06:01 By Help Net Security APIs, a technology that underpins today’s most used sites and apps, are being leveraged by businesses more than ever—ultimately opening the door to more online threats than seen before, according to Cloudflare. APIs power the digital world—our phones, smartwatches, banking systems and

APIs are increasingly becoming attractive targets Read More »

Top LLM vulnerabilities and how to mitigate the associated risk

Top LLM vulnerabilities and how to mitigate the associated risk 2024-01-10 at 07:31 By Help Net Security As large language models (LLMs) become more prevalent, a comprehensive understanding of the LLM threat landscape remains elusive. But this uncertainty doesn’t mean progress should grind to a halt: Exploring AI is essential to staying competitive, meaning CISOs

Top LLM vulnerabilities and how to mitigate the associated risk Read More »

Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals

Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals 2024-01-10 at 07:02 By Mirko Zorz Fly Catcher is an open-source device that can detect aircraft spoofing by monitoring for malicious ADS-B signals in the 1090MHz frequency. Angelina Tsuboi, the developer of Fly Catcher, is an enthusiastic pilot, cybersecurity researcher, and tinkerer. She was driven

Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals Read More »

Scroll to Top