YARA: Open-source tool for malware research 2024-10-09 at 08:01 By Help Net Security YARA is a powerful tool designed primarily to aid malware researchers in identifying and categorizing malware samples, though its applications are broader. The tool enables users to create detailed descriptions, or “rules,” for malware families or any other target based on textual […]
YARA: Open-source tool for malware research Read More »
Cultivating a security-first mindset: Key leadership actions 2024-10-09 at 07:31 By Mirko Zorz In this Help Net Security interview, Emily Wienhold, Cyber Education Specialist at Optiv, discusses how business leaders can promote a security-first culture within their organizations. Wienhold also discusses strategies for maintaining ongoing cybersecurity awareness and making security protocols accessible to non-technical staff.
Cultivating a security-first mindset: Key leadership actions Read More »
GoldenJackal APT group breaches air-gapped systems in Europe 2024-10-09 at 07:01 By Help Net Security ESET researchers have discovered a series of attacks that took place in Europe from May 2022 to March 2024, where the attackers used a toolset capable of targeting air-gapped systems, in a governmental organization of a European Union country. Cyberespionage
GoldenJackal APT group breaches air-gapped systems in Europe Read More »
30% of customer-facing APIs are completely unprotected 2024-10-09 at 06:34 By Help Net Security 70% of customer-facing APIs are secured using HTTPS, leaving nearly one-third of these APIs completely unprotected, according to F5. This is a stark contrast to the 90% of web pages that are now accessed via HTTPS, following the push for secure
30% of customer-facing APIs are completely unprotected Read More »
The role of self-sovereign identity in enterprises 2024-10-08 at 07:31 By Help Net Security As personal data becomes increasingly commodified and centralized, the need for individuals to reclaim control over their identities has never been more urgent. Meanwhile, traditional identity systems used by enterprises often expose sensitive information to unnecessary risk, leaving both users and
The role of self-sovereign identity in enterprises Read More »
How hybrid workforces are reshaping authentication strategies 2024-10-08 at 07:01 By Mirko Zorz In this Help Net Security interview, Brian Pontarelli, CEO at FusionAuth, discusses the evolving authentication challenges posed by the rise of hybrid and remote workforces. He advocates for zero trust strategies, including MFA and behavioral biometrics, to enhance security while maintaining productivity.
How hybrid workforces are reshaping authentication strategies Read More »
Websites are losing the fight against bot attacks 2024-10-08 at 06:01 By Help Net Security The discovery that 95% of advanced bot attacks go undetected points to a weakness in current detection and mitigation strategies. This suggests that while some organizations may have basic defenses, they are ill-equipped to handle more sophisticated attacks, such as
Websites are losing the fight against bot attacks Read More »
The case for enterprise exposure management 2024-10-07 at 08:01 By Help Net Security For several years, external attack surface management (EASM) has been an important focus for many security organizations and the vendors that serve them. EASM, attempting to discover the full extent of an organization’s external attack surface and remediate issues, had broad purview,
The case for enterprise exposure management Read More »
Transforming cloud security with real-time visibility 2024-10-07 at 07:31 By Mirko Zorz In this Help Net Security interview, Amiram Shachar, CEO at Upwind, discusses the complexities of cloud security in hybrid and multi-cloud environments. He outlines the need for deep visibility into configurations and real-time insights to achieve a balance between agility and security. Shachar
Transforming cloud security with real-time visibility Read More »
SOC teams are frustrated with their security tools 2024-10-07 at 06:31 By Help Net Security Security operations center (SOC) practitioners believe they are losing the battle detecting and prioritizing real threats – due to too many siloed tools and a lack of accurate attack signal, according to Vectra AI. They cite a growing distrust in
SOC teams are frustrated with their security tools Read More »
Best practices for implementing threat exposure management, reducing cyber risk exposure 2024-10-04 at 07:16 By Mirko Zorz In this Help Net Security interview, Sanaz Yashar, CEO at Zafran, discusses the role of threat exposure management (TEM) in modern cybersecurity strategies. As traditional vulnerability management evolves, TEM addresses the overwhelming risks arising from expanded attack surfaces
Best practices for implementing threat exposure management, reducing cyber risk exposure Read More »
Cybercriminals capitalize on poorly configured cloud environments 2024-10-04 at 06:31 By Help Net Security Off-the-shelf offensive security tools and poorly configured cloud environments create openings in the attack surface, according to Elastic. Adversaries are utilizing off-the-shelf tools Offensive security tools (OSTs), including Cobalt Strike and Metasploit, made up ~54% of observed malware alerts. The most
Cybercriminals capitalize on poorly configured cloud environments Read More »
Three hard truths hindering cloud-native detection and response 2024-10-03 at 08:01 By Help Net Security According to Gartner, the market for cloud computing services is expected to reach $675 billion in 2024. Companies are shifting from testing the waters of cloud computing to making substantive investments in cloud-native IT, and attackers are shifting with them.
Three hard truths hindering cloud-native detection and response Read More »
Spotting AI-generated scams: Red flags to watch for 2024-10-03 at 07:32 By Mirko Zorz In this Help Net Security interview, Andrius Popovas, Chief Risk Officer at Mano Bank, discusses the most prevalent AI-driven fraud schemes, such as phishing attacks and deepfakes. He explains how AI manipulates videos and audio to deceive victims and highlights key
Spotting AI-generated scams: Red flags to watch for Read More »
15% of office workers use unsanctioned GenAI tools 2024-10-03 at 06:31 By Help Net Security Rigid security protocols — such as complex authentication processes and highly restrictive access controls — can frustrate employees, slow productivity and lead to unsafe workarounds, according to Ivanti. Understanding workplace behavior key to strengthening security In fact, one in two
15% of office workers use unsanctioned GenAI tools Read More »
Enhancing firewall management with automation tools 2024-10-02 at 08:01 By Mirko Zorz In this Help Net Security interview, Raymond Brancato, CEO at Tufin, discusses the considerations organizations must weigh when selecting a next-generation firewall to effectively balance security needs with network performance. What factors should organizations prioritize when selecting a next-generation firewall to balance security
Enhancing firewall management with automation tools Read More »
Suricata: Open-source network analysis and threat detection 2024-10-02 at 07:31 By Help Net Security Suricata is an open-source network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine. Suricata features Suricata offers comprehensive capabilities for network security monitoring (NSM), including logging HTTP requests, capturing and storing TLS certificates, and extracting files
Suricata: Open-source network analysis and threat detection Read More »
What bots mean for businesses and consumers 2024-10-02 at 06:31 By Help Net Security Simple bots have existed since the early to mid-2000s when organizations had no means to protect themselves or their website’s users from them. Yet today, despite having tools to protect against these simple bots, two in three organizations have made no
What bots mean for businesses and consumers Read More »
Cybersecurity hiring slows, pros’ stress levels rise 2024-10-02 at 06:01 By Help Net Security 66% of cybersecurity professionals say their role is more stressful now than it was five years ago, according to ISACA. Major contributors to rising stress levels among cybersecurity professionals According to the data, the top reasons for increased stress among cybersecurity
Cybersecurity hiring slows, pros’ stress levels rise Read More »
3 easy microsegmentation projects 2024-10-01 at 07:31 By Help Net Security Like many large-scale network security projects, microsegmentation can seem complex, time-consuming, and expensive. It involves managing intricate details about inter-device service connectivity. One web server should connect to specific databases but not to others, or load balancers should connect to some web servers while
3 easy microsegmentation projects Read More »