Don’t miss

Exposed: Russian military Unit 29155 does digital sabotage, espionage

CISA, cyber espionage, cyber sabotage, cyber war, cybercriminals, disruption, Don't miss, hacker, Hot stuff, Justice Department, NATO, News, Russian Federation, Ukraine, USA /

Exposed: Russian military Unit 29155 does digital sabotage, espionage 2024-09-06 at 17:01 By Zeljka Zorz The US Department of Justice has named five Russian computer hackers as members of Unit 29155 – i.e., the 161st Specialist Training Center of the Russian General Staff Main Intelligence Directorate (GRU) – which they deem resposible for the 2022 […]

React to this headline:

Loading spinner

Exposed: Russian military Unit 29155 does digital sabotage, espionage Read More »

Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)

Apache OFBiz, CVE, Don't miss, enterprise, Hot stuff, News, open source, Rapid7, vulnerability, web application /

Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) 2024-09-06 at 13:02 By Zeljka Zorz For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution. About CVE-2024-45195 Apache OFBiz is an open-source suite

React to this headline:

Loading spinner

Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) Read More »

September 2024 Patch Tuesday forecast: Downgrade is the new exploit

Adobe, apple, Chrome, cybersecurity, Don't miss, Expert analysis, Expert corner, Firefox, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday, patching, Windows /

September 2024 Patch Tuesday forecast: Downgrade is the new exploit 2024-09-06 at 08:16 By Help Net Security I asked for a calm August 2024 Patch Tuesday in last month’s forecast article and that came to pass. The updates released were limited to the regular operating systems and all forms of Office applications. Six zero-day vulnerabilities

React to this headline:

Loading spinner

September 2024 Patch Tuesday forecast: Downgrade is the new exploit Read More »

Human firewalls are essential to keeping SaaS environments safe

cybersecurity, data security, Don't miss, Expert analysis, Expert corner, Hot stuff, Metomic, News, opinion, SaaS, strategy /

Human firewalls are essential to keeping SaaS environments safe 2024-09-06 at 08:01 By Help Net Security Businesses run on SaaS solutions: nearly every business function relies on multiple cloud-based tech platforms and collaborative work tools like Slack, Google Workspace apps, Jira, Zendesk and others. We recently surveyed security leaders and CISOs on top data security

React to this headline:

Loading spinner

Human firewalls are essential to keeping SaaS environments safe Read More »

Respotter: Open-source Responder honeypot

Don't miss, News /

Respotter: Open-source Responder honeypot 2024-09-06 at 07:31 By Mirko Zorz Respotter is an open-source honeypot designed to detect attackers when they launch Responder within your environment. This application identifies active instances of Responder by exploiting its behavior when responding to any DNS query. Respotter leverages LLMNR, mDNS, and NBNS protocols to query a non-existent hostname

React to this headline:

Loading spinner

Respotter: Open-source Responder honeypot Read More »

The true cost of cybercrime for your business

At-Bay, Cayosoft, Cisco, Coalition, cybercrime, Don't miss, Experian, Fortinet, Hack The Box, IDC, McAfee, News, report, Resilience Insurance, Sophos, survey, Trustpair, Veeam Software, Zayo Group, Zscaler /

The true cost of cybercrime for your business 2024-09-06 at 07:01 By Help Net Security As cybercriminals continue to refine their methods, blending traditional strategies with new technologies, the financial toll on individuals and organizations has reached alarming levels. Businesses are also grappling with mounting cybercrime costs from ransomware and DDoS attacks, which can inflict

React to this headline:

Loading spinner

The true cost of cybercrime for your business Read More »

Microchip Technology confirms theft of employee data

cyberattack, data theft, Don't miss, Hot stuff, Microchip Technology, News, Ransomware, Semiconductors, USA /

Microchip Technology confirms theft of employee data 2024-09-05 at 12:31 By Zeljka Zorz US-based semiconductor manufacturer Microchip Technology has confirmed that the cyberattack it suffered in August 2024 resulted in the theft of data, including “employee contact information and some encrypted and hashed passwords.” The breach was claimed later that month by the Play ransomware

React to this headline:

Loading spinner

Microchip Technology confirms theft of employee data Read More »

The future of automotive cybersecurity: Treating vehicles as endpoints

automotive security, connected cars, cyber risk, Don't miss, Features, Hot stuff, managed security, News, Nuspire Networks, opinion /

The future of automotive cybersecurity: Treating vehicles as endpoints 2024-09-05 at 07:31 By Zeljka Zorz The automotive industry is facing many of the same cybersecurity risks and threats that successful organizations in other sectors are up against, but it’s also battling some distinct ones. In this Help Net Security interview, Josh Smith, Principal Threat Analyst

React to this headline:

Loading spinner

The future of automotive cybersecurity: Treating vehicles as endpoints Read More »

How to gamify cybersecurity preparedness

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, skill development, strategy, Tanium, training /

How to gamify cybersecurity preparedness 2024-09-05 at 07:01 By Help Net Security Organizations’ preparedness and resilience against threats isn’t keeping pace with cybercriminals’ advancements. Some CEOs still believe that cybersecurity requires episodic intervention rather than ongoing attention. That isn’t the reality for many companies; cyber threat preparedness requires a concerted training effort, so cybersecurity teams

React to this headline:

Loading spinner

How to gamify cybersecurity preparedness Read More »

Enterprise DSPM for Fortune 500 – 1touch.io is your go-to solution

1touch.io, Don't miss, News, Video /

Enterprise DSPM for Fortune 500 – 1touch.io is your go-to solution 2024-09-05 at 06:31 By Help Net Security In this Help Net Security video, Jesse Sedler, VP of Product at 1touch.io, provides a compelling overview of the company’s innovative data security posture management solutions. Founded in 2017 by industry veterans, 1touch.io leverages cutting-edge AI to

React to this headline:

Loading spinner

Enterprise DSPM for Fortune 500 – 1touch.io is your go-to solution Read More »

North Korean hackers’ social engineering tricks

Cryptocurrency, Cryptocurrency Exchange, Don't miss, government-backed attacks, Hot stuff, News, North Korea, social engineering /

North Korean hackers’ social engineering tricks 2024-09-04 at 15:31 By Zeljka Zorz “North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months,” the FBI has warned through a public service announcement. This suggests that they are likely to target companies associated with

React to this headline:

Loading spinner

North Korean hackers’ social engineering tricks Read More »

Vulnerability allows Yubico security keys to be cloned

Don't miss, Encryption, hardware, Hot stuff, Infineon Technologies, MFA, News, research, security key, Yubico /

Vulnerability allows Yubico security keys to be cloned 2024-09-04 at 13:31 By Zeljka Zorz Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys and modules that may allow attackers to clone the devices. But the news is not as catastrophic as it may seem at first glance. “The attacker would need

React to this headline:

Loading spinner

Vulnerability allows Yubico security keys to be cloned Read More »

Protecting national interests: Balancing cybersecurity and operational realities

Beyond Blue, CISO, critical infrastructure, cybersecurity, Don't miss, Features, GCHQ, Government, Hot stuff, NCSC, News, opinion, strategy, tips /

Protecting national interests: Balancing cybersecurity and operational realities 2024-09-04 at 07:31 By Mirko Zorz With cyber threats becoming increasingly sophisticated and targeting critical infrastructure, in this Help Net Security interview, David Ferbrache, managing director of Beyond Blue, discusses the current state of cybersecurity readiness and resilience. Ferbrache talks about the complexities of managing both traditional

React to this headline:

Loading spinner

Protecting national interests: Balancing cybersecurity and operational realities Read More »

OpenBAS: Open-source breach and attack simulation platform

Don't miss, Filigran, GitHub, Hot stuff, News, open source, software /

OpenBAS: Open-source breach and attack simulation platform 2024-09-04 at 07:02 By Mirko Zorz OpenBAS is an open-source platform that enables organizations to plan, schedule, and execute crisis exercises, adversary simulations, and breach simulations. Compliant with ISO 22398 standards, OpenBAS is built as a modern web application featuring a user-centric interface and a RESTful API. The

React to this headline:

Loading spinner

OpenBAS: Open-source breach and attack simulation platform Read More »

Cybersecurity jobs available right now: September 4, 2024

cybersecurity jobs, Don't miss, Hot stuff, News /

Cybersecurity jobs available right now: September 4, 2024 2024-09-04 at 06:31 By Mirko Zorz Cyber Systems Operations United States Air Force | USA | On-site – View job details The United States Air Force is looking for a Cyber Systems Operations Specialist to design, install, and support systems to ensure they operate properly and remain

React to this headline:

Loading spinner

Cybersecurity jobs available right now: September 4, 2024 Read More »

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)

access point, consumer, Don't miss, firewall, Hot stuff, ISP, News, router, security update, SMBs, vulnerability, Zyxel /

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) 2024-09-03 at 16:01 By Zeljka Zorz Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by

React to this headline:

Loading spinner

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) Read More »

Transport for London is dealing with a cyber security incident

Closed Door Security, cyberattack, Don't miss, Hot stuff, News, transportation, UK /

Transport for London is dealing with a cyber security incident 2024-09-03 at 12:46 By Zeljka Zorz Transport for London (TfL) has sent out notifications to customers on Sunday evening saying that they “are currently dealing with an ongoing cyber security incident.” The government body that manages most of the transport network of United Kingdom’s capital

React to this headline:

Loading spinner

Transport for London is dealing with a cyber security incident Read More »

Managing low-code/no-code security risks

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, Nokod Security, opinion, Risk Management, strategy, vulnerability management /

Managing low-code/no-code security risks 2024-09-03 at 07:31 By Help Net Security Continuous threat exposure management (CTEM) – a concept introduced by Gartner – monitors cybersecurity threats continuously rather than intermittently. This five-stage framework (scoping, discovery, prioritization, validation, and mobilization) allows organizations to constantly assess and manage their security posture, reduce exposure to threats, and integrate

React to this headline:

Loading spinner

Managing low-code/no-code security risks Read More »

How ransomware tactics are shifting, and what it means for your business

attacks, CISO, cybercrime, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Ransomware, strategy, threats, WithSecure /

How ransomware tactics are shifting, and what it means for your business 2024-09-03 at 07:01 By Mirko Zorz In this Help Net Security interview, Tim West, Director of Threat Intelligence and Outreach at WithSecure, discusses Ransomware-as-a-Service (RaaS) with a focus on how these cybercriminal operations are adapting to increased competition, shifting structures, and a fragmented

React to this headline:

Loading spinner

How ransomware tactics are shifting, and what it means for your business Read More »

The attack with many names: SMS Toll Fraud

cybercrime, cybersecurity, Don't miss, fraud, Hot stuff, News, scams, Video /

The attack with many names: SMS Toll Fraud 2024-09-03 at 06:31 By Help Net Security Bad actors leverage premium-rate phone numbers and bots to steal billions of dollars from businesses. In this Help Net Security video, Frank Teruel, CFO at Arkose Labs, discusses how to spot and stop them. The post The attack with many

React to this headline:

Loading spinner

The attack with many names: SMS Toll Fraud Read More »

Scroll to Top