Don’t miss

Apple patches another iOS zero-day under attack (CVE-2023-42824)

0-day, apple, Don't miss, Hot stuff, iOS, iPad, News, security update, vulnerability /

Apple patches another iOS zero-day under attack (CVE-2023-42824) 05/10/2023 at 13:47 By Helga Labus Apple has released a security update for iOS and iPadOS to fix another zero-day vulnerability (CVE-2023-42824) exploited in the wild. About the vulnerability (CVE-2023-42824) CVE-2023-42824 is a kernel vulnerability that could allow a local threat actor to elevate its privileges on […]

React to this headline:

Loading spinner

Apple patches another iOS zero-day under attack (CVE-2023-42824) Read More »

Critical Atlassian Confluence zero-day exploited by attackers (CVE-2023-22515)

0-day, Atlassian, Atlassian Confluence, Don't miss, Hot stuff, News, Rapid7, security update, vulnerability /

Critical Atlassian Confluence zero-day exploited by attackers (CVE-2023-22515) 05/10/2023 at 13:02 By Helga Labus Atlassian has fixed a critical zero-day vulnerability (CVE-2023-22515) in Confluence Data Center and Server that is being exploited in the wild. “Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited

React to this headline:

Loading spinner

Critical Atlassian Confluence zero-day exploited by attackers (CVE-2023-22515) Read More »

Eyes everywhere: How to safely navigate the IoT video revolution

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Internet of Things, IoT, Nabto, News, opinion, passwords, Privacy, software /

Eyes everywhere: How to safely navigate the IoT video revolution 05/10/2023 at 12:31 By Help Net Security Cameras are coming to a connected device near you. Cheap image sensors from old mobile phones are flooding the market and bringing video to the Internet of Things (IoT). Vacuum cleaners, bird feeders, connected cars and even smart

React to this headline:

Loading spinner

Eyes everywhere: How to safely navigate the IoT video revolution Read More »

High-business-impact outages are incredibly expensive

Cloud, cloud computing, cybersecurity, data, data analysis, Don't miss, Hot stuff, New Relic, professional, software, Video /

High-business-impact outages are incredibly expensive 05/10/2023 at 07:01 By Help Net Security In this Help Net Security video, Peter Pezaris, Chief Strategy and Design Officer at New Relic, discusses observability adoption and how full-stack observability leads to better service-level metrics, such as fewer, shorter outages and lower outage costs. 32% of respondents to a recent

React to this headline:

Loading spinner

High-business-impact outages are incredibly expensive Read More »

Backdoored Android phones, TVs used for ad fraud – and worse!

Android, backdoor, data theft, Don't miss, fraud, Hot stuff, HUMAN Security, iOS, mobile apps, News, smart tv, smartphones /

Backdoored Android phones, TVs used for ad fraud – and worse! 04/10/2023 at 19:46 By Help Net Security A key monetization mechanism of a sophisticated series of cybercriminal operations involving backdoored off-brand mobile and CTV Android devices has been disrupted, Human Security has announced. The company’s Satori Threat Intelligence and Research Team observed more than

React to this headline:

Loading spinner

Backdoored Android phones, TVs used for ad fraud – and worse! Read More »

Qualcomm patches 3 actively exploited zero-days

0-day, Don't miss, drivers, Hot stuff, News, Qualcomm, security update, vulnerability /

Qualcomm patches 3 actively exploited zero-days 04/10/2023 at 16:46 By Helga Labus Qualcomm has fixed three actively exploited vulnerabilities (CVE-2023-33106, CVE-2023-33107, CVE-2023-33063) in its Adreno GPU and Compute DSP drivers. Vulnerabilities exploited in Qualcomm GPU and DSP drivers The US-based semiconductor company has been notified by Google Threat Analysis Group and Google Project Zero that

React to this headline:

Loading spinner

Qualcomm patches 3 actively exploited zero-days Read More »

Google unveils stricter anti-spam rules for bulk email senders

Don't miss, Gmail, Google, Hot stuff, News, phishing, spam /

Google unveils stricter anti-spam rules for bulk email senders 04/10/2023 at 13:17 By Helga Labus To keep Gmail users’ inboxes “safer and more spam-free”, Google is introducing new requirements for bulk senders (of commercial email). “Last year we started requiring that emails sent to a Gmail address must have some form of authentication. And we’ve

React to this headline:

Loading spinner

Google unveils stricter anti-spam rules for bulk email senders Read More »

Cybertech Europe 2023 video walkthrough

Accenture, Armis, Atlantica, Cisco, Cloudflare, Cyber Guru, CyberArk, Cybergym, Cybertech Europe 2023, Cybertech Global, DGS, Don't miss, Forcepoint, Hot stuff, IBM Security, KnowBe4, Lutech, ManageEngine, Netgroup, Palo Alto Networks, Qualys, Recorded Future, SentinelOne, Sysdig, Trend Micro, Video, XM Cyber, Zscaler /

Cybertech Europe 2023 video walkthrough 04/10/2023 at 12:31 By Help Net Security In this Help Net Security video, we take you inside Cybertech Europe 2023 at La Nuvola Convention Center in Rome. The video features the following vendors: Accenture, Armis, Atlantica, Cisco, Cloudflare, CyberArk, Cyber Guru, Cybergym, DGS, Forcepoint, IBM Security, KnowBe4, Lutech, ManageEngine, Netgroup,

React to this headline:

Loading spinner

Cybertech Europe 2023 video walkthrough Read More »

Making privacy sustainable: Incorporating privacy into the ESG agenda

BH Consulting, Compliance, data breach, Don't miss, EU, Expert analysis, Expert corner, framework, GDPR, Hot stuff, IoT, legislation, News, opinion, Privacy, regulation, Risk Management, USA /

Making privacy sustainable: Incorporating privacy into the ESG agenda 04/10/2023 at 08:02 By Help Net Security Data breaches have been rising in frequency and magnitude over the last two decades. In fact, the Identity Theft Resource Centre (ITRC) found that between 2005 and 2020, data breach events in the US alone increased from 57 to

React to this headline:

Loading spinner

Making privacy sustainable: Incorporating privacy into the ESG agenda Read More »

Tackling cyber risks head-on using security questionnaires

Artificial Intelligence, cyber risk, cybersecurity, Data Protection, Don't miss, Features, framework, Hot stuff, News, opinion, remediation, risk assessment, Risk Management, Skypher, standards, supply chain /

Tackling cyber risks head-on using security questionnaires 04/10/2023 at 07:33 By Mirko Zorz In this Help Net Security interview, Gaspard de Lacroix-Vaubois, CEO at Skypher, talks about the implementation of security questionnaires and how they facilitate assessments and accountability across all participants in the technology supply chain, fostering trust and safeguarding sensitive data. Many organizations

React to this headline:

Loading spinner

Tackling cyber risks head-on using security questionnaires Read More »

Understanding the layers of LLM security for business integration

Artificial Intelligence, ChatGPT, cybersecurity, data, Don't miss, generative AI, Hot stuff, Privacy, Video, Wipro /

Understanding the layers of LLM security for business integration 04/10/2023 at 07:01 By Help Net Security In this Help Net Security video, Ivana Bartoletti, Global Privacy Officer at Wipro, discusses how organizations should deal with and deploy LLMs securely. Those who push the apocalypse scenario of monster machines taking over the world and destroying humans

React to this headline:

Loading spinner

Understanding the layers of LLM security for business integration Read More »

Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)

0-day, Android, Arm, Don't miss, firmware, Google, Hot stuff, Huawei, News, Samsung, security update, smartphones /

Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211) 03/10/2023 at 14:16 By Zeljka Zorz A vulnerability (CVE-2023-4211) in the kernel drivers for several Mali GPUs “may be under limited, targeted exploitation,” British semiconductor manufacturer Arm has confirmed on Monday, when it released drivers updated with patches. Arm’s Mali GPUs are used on a

React to this headline:

Loading spinner

Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211) Read More »

Evolving conversations: Cybersecurity as a business risk

attacks, BEC scams, boardroom, CISO, Cloud, collaboration, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Insider Threat, investment, News, opinion, Ransomware, strategy, Trustwave /

Evolving conversations: Cybersecurity as a business risk 03/10/2023 at 08:03 By Help Net Security Board members often lack technical expertise and may not fully grasp cyber risks. On the other hand, CISOs are more accustomed to interfacing with IT staff. This is understandable; the board is responsible for guiding high-level decision-making. They rarely become involved

React to this headline:

Loading spinner

Evolving conversations: Cybersecurity as a business risk Read More »

CISO’s compass: Mastering tech, inspiring teams, and confronting risk

CISO, Compliance, cyber insurance, cybersecurity, data, Don't miss, Features, Hot stuff, law, News, opinion, Privacy, regulation, Risk Management, skill development, Skillsoft, strategy /

CISO’s compass: Mastering tech, inspiring teams, and confronting risk 03/10/2023 at 07:32 By Mirko Zorz In this Help Net Security interview, Okey Obudulu, CISO at Skillsoft, talks about the increasing complexity of the CISO role and challenges they face. He discusses the business environment, tech innovation, the evolving regulatory landscape, limited resources, and budgets. Obudulu

React to this headline:

Loading spinner

CISO’s compass: Mastering tech, inspiring teams, and confronting risk Read More »

GenAI in software surges despite risks

Artificial Intelligence, code, cybersecurity, DevOps, Don't miss, generative AI, Hot stuff, open source, software, Sonatype, Video, vulnerability /

GenAI in software surges despite risks 03/10/2023 at 07:05 By Help Net Security In this Help Net Security video, Ilkka Turunen, Field CTO at Sonatype, discusses how generative AI influences and impacts software engineers’ work and the software development lifecycle. According to a recent Sonatype survey of 800 developers (DevOps) and application security (SecOps) leaders,

React to this headline:

Loading spinner

GenAI in software surges despite risks Read More »

Chalk: Open-source software security and infrastructure visibility tool

Crash Override, cybersecurity, Don't miss, GitHub, News, software, software development /

Chalk: Open-source software security and infrastructure visibility tool 03/10/2023 at 06:32 By Mirko Zorz Chalk is a free, open-source tool that helps improve software security. You add a single line to your build script, and it will automatically collect and inject metadata into every build artifact: source code, binaries, and containers. Gaining visibility Chalk enables

React to this headline:

Loading spinner

Chalk: Open-source software security and infrastructure visibility tool Read More »

Critical zero-days in Exim revealed, only 3 have been fixed

0-day, Don't miss, email security, Exim, Hot stuff, Linux, News, security update, Trend Micro, vulnerability disclosure, WatchTowr /

Critical zero-days in Exim revealed, only 3 have been fixed 02/10/2023 at 17:03 By Zeljka Zorz Six zero-days in Exim, the most widely used mail transfer agent (MTA), have been revealed by Trend Micro’s Zero Day Initiative (ZDI) last Wednesday. Due to what seems to be insufficient information and poor communication, fixes for only three

React to this headline:

Loading spinner

Critical zero-days in Exim revealed, only 3 have been fixed Read More »

Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044)

Assetnote, Don't miss, file-sharing, Hot stuff, News, Progress, Rapid7, security update, vulnerability /

Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044) 02/10/2023 at 14:17 By Helga Labus Progress Software, the company behind the recently hacked MOVEit file-sharing tool, has recently fixed two critical vulnerabilities (CVE-2023-40044, CVE-2023-42657) in WS_FTP Server, another popular secure file transfer solution. Proof-of-concept code for CVE-2023-40044 has been available since Friday, and Rapid7 researchers

React to this headline:

Loading spinner

Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044) Read More »

Most dual ransomware attacks occur within 48 hours

Don't miss, Emsisoft, FBI, Hot stuff, News, Ransomware, Sophos, Symantec, trends /

Most dual ransomware attacks occur within 48 hours 02/10/2023 at 12:16 By Helga Labus Since July 2023, the Federal Bureau of Investigation (FBI) has noticed a new trend: dual ransomware attacks on the same victim, occurring in close proximity of one another. Dual ransomware attacks Dual ransomware attacks are when against the same victim occurr

React to this headline:

Loading spinner

Most dual ransomware attacks occur within 48 hours Read More »

Scroll to Top