GenAI models are easily compromised 2024-08-22 at 06:01 By Help Net Security 95% of cybersecurity experts express low confidence in GenAI security measures while red team data shows anyone can easily hack GenAI models, according to Lakera. Attack methods specific to GenAI, or prompt attacks, are easily used by anyone to manipulate the applications, gain […]
GenAI models are easily compromised Read More »
Food security: Accelerating national protections around critical infrastructure 2024-08-21 at 06:31 By Help Net Security In this Help Net Security video, Mike Lexa, CISO and Global VP of IT Infrastructure and Operations at CNH, discusses how the federal government is taking food security more seriously and what steps must be taken to prioritize security measures.
Food security: Accelerating national protections around critical infrastructure Read More »
New phishing method targets Android and iPhone users 2024-08-20 at 17:33 By Help Net Security ESET researchers discovered an uncommon type of phishing campaign targeting Android and iPhone users. They analyzed a case observed in the wild that targeted clients of a prominent Czech bank. PWA phishing flow (Source: ESET) This technique is noteworthy because
New phishing method targets Android and iPhone users Read More »
Strategies for security leaders: Building a positive cybersecurity culture 2024-08-20 at 07:32 By Help Net Security Culture is a catalyst for security success. It can significantly reduce cybersecurity risks and boost cybersecurity resilience of any organization. Culture can also greatly enhance the perceived value, relevance and reputation of the cybersecurity function. So how can security
Strategies for security leaders: Building a positive cybersecurity culture Read More »
AI for application security: Balancing automation with human oversight 2024-08-20 at 07:01 By Mirko Zorz In this Help Net Security interview, Kyle Wickert, Worldwide Strategic Architect at AlgoSec, discusses the role of AI in application security, exploring how it’s transforming threat detection and response. Wickert talks about integrating security testing throughout the development lifecycle, the
AI for application security: Balancing automation with human oversight Read More »
Cybercriminals exploit file sharing services to advance phishing attacks 2024-08-20 at 06:01 By Help Net Security Threat actors use popular file-hosting or e-signature solutions as a disguise to manipulate their targets into revealing private information or downloading malware, according to Abnormal Security. A file-sharing phishing attack is a unique type of phishing threat in which
Cybercriminals exploit file sharing services to advance phishing attacks Read More »
To improve your cybersecurity posture, focus on the data 2024-08-19 at 07:31 By Help Net Security Effectively converging, managing and using enterprise data is a huge undertaking. Enterprises have vast hoards of data, but those hoards exist within siloed systems and applications, and it requires a lot of manual effort by highly skilled data scientists,
To improve your cybersecurity posture, focus on the data Read More »
Protecting academic assets: How higher education can enhance cybersecurity 2024-08-19 at 06:31 By Help Net Security Cyber attacks against higher education institutions increased by 70% in 2023. This is largely due to legacy endpoint security management and practices, limited IT support staff, and overwhelming amounts of data, much of which is PII (personally identifiable information).
Protecting academic assets: How higher education can enhance cybersecurity Read More »
Common API security issues: From exposed secrets to unauthorized access 2024-08-19 at 06:01 By Help Net Security Despite their role in connecting applications and driving innovation, APIs often suffer from serious security vulnerabilities. Recent investigations reveal that many organizations are struggling with exposed secrets such as passwords and API keys, which attackers frequently misuse. The
Common API security issues: From exposed secrets to unauthorized access Read More »
Observations from Black Hat USA 2024, BSidesLV, and DEF CON 32 2024-08-16 at 12:46 By Help Net Security I recently spent six days in Las Vegas attending DEF CON, BsidesLV, and Black Hat USA 2024, where I had the opportunity to engage with and learn from some of the top security experts in the world.
Observations from Black Hat USA 2024, BSidesLV, and DEF CON 32 Read More »
Business and tech consolidation opens doors for cybercriminals 2024-08-16 at 07:36 By Help Net Security Cyber threats continued to intensify in the first half of 2024 as cybercriminals exploited security gaps from growing business and technological consolidation, according to Resilience. Consolidation in business and tech fuels new third-party risks Rebounding merger and acquisition (M&A) activity
Business and tech consolidation opens doors for cybercriminals Read More »
74% of IT professionals worry AI tools will replace them 2024-08-15 at 07:31 By Help Net Security 56% of security professionals are concerned about AI-powered threats, according to Pluralsight. Many organizations lack structured AI training Over half of surveyed technologists are either extremely concerned or moderately concerned about AI-powered threats, with only 6% saying they
74% of IT professionals worry AI tools will replace them Read More »
How passkeys eliminate password management headaches 2024-08-15 at 07:01 By Mirko Zorz In this Help Net Security interview, David Cottingham, President at rf IDEAS, discusses the key benefits organizations can expect when implementing passkeys. Cottingham addresses the misconceptions surrounding the adoption of passkeys, particularly in the B2B landscape. What are the key benefits that organizations
How passkeys eliminate password management headaches Read More »
The AI balancing act: Unlocking potential, dealing with security issues, complexity 2024-08-15 at 06:31 By Help Net Security The rapid integration of AI and GenAI technologies creates a complex mix of challenges and opportunities for organizations. While the potential benefits are clear, many companies struggle with AI literacy, cautious adoption, and the risks of immature
The AI balancing act: Unlocking potential, dealing with security issues, complexity Read More »
Delta vs. CrowdStrike: The duties vendors owe to customers – or do they? 2024-08-14 at 08:01 By Help Net Security In a potentially groundbreaking dispute, Delta Air Lines is threatening to sue CrowdStrike, a leading cybersecurity firm, for alleged negligence and breach of contract. This case brings to the forefront critical questions about the duties
Delta vs. CrowdStrike: The duties vendors owe to customers – or do they? Read More »
Current attacks, targets, and other threat landscape trends 2024-08-14 at 06:31 By Help Net Security In this Help Net Security video, Kendall McKay, Strategic Lead, Cyber Threat Intelligence at Cisco Talos, discusses the trends that Cisco Talos incident response observed in incident response engagements from Q2 2024, which covers April to June. While the attacks
Current attacks, targets, and other threat landscape trends Read More »
International investigation shuts down Radar/Dispossessor ransomware group 2024-08-13 at 12:01 By Help Net Security FBI Cleveland announced the disruption of “Radar/Dispossessor”—the criminal ransomware group led by the online moniker “Brain”—and the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain. Since its inception
International investigation shuts down Radar/Dispossessor ransomware group Read More »
Browser backdoors: Securing the new frontline of shadow IT 2024-08-13 at 07:31 By Help Net Security Browser extensions are a prime target for cybercriminals. And this isn’t just a consumer problem – it’s a new frontier in enterprises’ battle against shadow IT. Ultimately, more extension permissions result in potentially bigger attack surfaces. Research shows that
Browser backdoors: Securing the new frontline of shadow IT Read More »
Key metrics for monitoring and improving ZTNA implementations 2024-08-13 at 07:01 By Mirko Zorz In this Help Net Security interview, Dean Hamilton, CTO at Wilson Perumal & Company, discusses the complexities of zero trust network access (ZTNA) implementation, focusing on balancing security with operational efficiency. Hamilton highlights strategic planning, collaboration between IT and business leaders,
Key metrics for monitoring and improving ZTNA implementations Read More »
How CIOs, CTOs, and CISOs view cyber risks differently 2024-08-13 at 06:31 By Help Net Security C-suite executives face a unique challenge: aligning their priorities between driving technological innovation and ensuring business resilience while managing ever-evolving cyber threats from criminals adept at exploiting the latest technologies, according to LevelBlue. This balancing act highlights the complexity
How CIOs, CTOs, and CISOs view cyber risks differently Read More »