Don’t miss

SEC adopts new cybersecurity incident disclosure rules for companies

Don't miss, Government, News, regulation, USA /

SEC adopts new cybersecurity incident disclosure rules for companies 26/07/2023 at 21:01 By Help Net Security The Securities and Exchange Commission (SEC) today adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. The Commission also adopted […]

React to this headline:

Loading spinner

SEC adopts new cybersecurity incident disclosure rules for companies Read More »

MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)

Don't miss, Hot stuff, Margin Research, mikrotik, News, router, VulnCheck, vulnerability /

MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799) 26/07/2023 at 16:47 By Zeljka Zorz A privilege escalation vulnerability (CVE-2023-30799) could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines. While exploting it does require authentication, acquiring credentials to access the routers is not that difficult. “RouterOS [the underlying

React to this headline:

Loading spinner

MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799) Read More »

Enterprises should layer-up security to avoid legal repercussions

CISO, cybersecurity, data breach, Don't miss, Expert analysis, Hot stuff, Jotform, News, opinion /

Enterprises should layer-up security to avoid legal repercussions 26/07/2023 at 08:03 By Help Net Security The role of CISO these days requires a strong moral compass: You have to be the one speaking up for the protection of customer data and be ready to handle uncomfortable situations such as pressure to downplay an actual breach.

React to this headline:

Loading spinner

Enterprises should layer-up security to avoid legal repercussions Read More »

Overcoming the cybersecurity talent shortage with upskilling initiatives

certification, critical infrastructure, cybersecurity, cybersecurity talent, Don't miss, education, Features, Government, Hot stuff, MACH37, machine learning, News, opinion, training /

Overcoming the cybersecurity talent shortage with upskilling initiatives 26/07/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Dr. Lindsey Polley de Lopez, Director of Cyber & Space Intelligence at MACH37, proposes strategies for companies, educational institutions, and governments on how to address the ongoing shortage of cybersecurity talent through the introduction of

React to this headline:

Loading spinner

Overcoming the cybersecurity talent shortage with upskilling initiatives Read More »

Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database

disaster recovery, Don't miss, Exchange, Hot stuff, Microsoft, Microsoft 365, Microsoft Exchange, News, Product showcase, software, Stellar /

Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database 26/07/2023 at 07:02 By Help Net Security Time is of the essence when it comes to recovery after Exchange Server failure or database corruption, as organizations depend on emails for their day-to-day business communication. The more the delay in restoring services and recovering data, the

React to this headline:

Loading spinner

Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database Read More »

Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078)

0-day, data theft, Don't miss, endpoint management, enterprise, Government, Hot stuff, Ivanti, MobileIron, News, Norway, security update /

Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078) 25/07/2023 at 13:37 By Zeljka Zorz A zero-day vulnerability (CVE-2023-35078) affecting Ivanti Endpoint Manager Mobile (EPMM) has been exploited to carry out an attack that affected 12 Norwegian ministries, the Norwegian National Security Authority (NSM) has confirmed on Tuesday. What is known about the attacks? On Monday,

React to this headline:

Loading spinner

Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078) Read More »

Apple fixes exploited zero-day in all of its OSes (CVE-2023-38606)

0-day, apple, Don't miss, Hot stuff, iOS, iPad, Kaspersky, macOS, News, security update, vulnerability /

Apple fixes exploited zero-day in all of its OSes (CVE-2023-38606) 25/07/2023 at 12:57 By Helga Labus Apple has patched an exploited zero-day kernel vulnerability (CVE-2023-38606) in iOS, iPadOS, macOS, watchOS and tvOS. CVE-2023-38606 fix has been backported In early July, Apple fixed an actively exploited zero-day vulnerability (CVE-2023-37450) in WebKit. The vulnerability has been patched

React to this headline:

Loading spinner

Apple fixes exploited zero-day in all of its OSes (CVE-2023-38606) Read More »

Inspiring secure coding: Strategies to encourage developers’ continuous improvement

Application Security, bug bounty, code, cyber risk, cybersecurity, Don't miss, education, Features, framework, Hot stuff, News, opinion, Secure Code Warrior, security culture, training, vulnerability /

Inspiring secure coding: Strategies to encourage developers’ continuous improvement 25/07/2023 at 07:38 By Mirko Zorz In software development, the importance of secure coding practices cannot be overstated. Fostering a security culture within development teams has become crucial to ensure the integrity and protection of digital systems. To delve deeper into this topic, we had the

React to this headline:

Loading spinner

Inspiring secure coding: Strategies to encourage developers’ continuous improvement Read More »

Converging networking and security with SASE

Cisco, Don't miss, Hot stuff, networking, SASE, strategy, tips, Video /

Converging networking and security with SASE 25/07/2023 at 07:02 By Help Net Security While technology advancements and distributed workforces have created efficiencies and flexibility for companies, they’ve also created overcomplexity, which can increase security risk. 53% of senior IT decision-makers say their IT environment is more complex than it was two years ago. In this

React to this headline:

Loading spinner

Converging networking and security with SASE Read More »

Has the MOVEit hack paid off for Cl0p?

Coveware, cybercrime, data theft, Don't miss, Emsisoft, enterprise, extortion, file-sharing, hack, Hot stuff, KonBriefing Research, News /

Has the MOVEit hack paid off for Cl0p? 24/07/2023 at 17:18 By Zeljka Zorz The number of known Cl0p victims resulting from its Memorial Day attack on vulnerable internet-facing MOVEit Transfer installations has surpassed 420, according to IT market research company KonBriefing Research. The cyber extortion group has lately switched to setting up company-specific leak

React to this headline:

Loading spinner

Has the MOVEit hack paid off for Cl0p? Read More »

US companies commit to safe, transparent AI development

Abnormal Security, Artificial Intelligence, Cado Security, Don't miss, generative AI, Government, Hot stuff, News, research, Risk Management, USA /

US companies commit to safe, transparent AI development 24/07/2023 at 16:30 By Helga Labus Seven US artificial intelligence (AI) giants – Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI – have publicly committed to “help move toward safe, secure, and transparent development of AI technology.” The commitments “Companies that are developing these emerging technologies have

React to this headline:

Loading spinner

US companies commit to safe, transparent AI development Read More »

Average cost of a data breach reaches $4.45 million in 2023

Artificial Intelligence, CISO, cybersecurity, data, data breach, Don't miss, Hot stuff, IBM, News, Ransomware, report, survey /

Average cost of a data breach reaches $4.45 million in 2023 24/07/2023 at 11:18 By Help Net Security IBM released its annual Cost of a Data Breach Report, showing the global average cost of a data breach reached $4.45 million in 2023 – an all-time high for the report and a 15% increase over the

React to this headline:

Loading spinner

Average cost of a data breach reaches $4.45 million in 2023 Read More »

Bridging the cybersecurity skills gap through cyber range training

attacks, Cloud Range, critical infrastructure, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, SOC, threats, training /

Bridging the cybersecurity skills gap through cyber range training 24/07/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Debbie Gordon, CEO of Cloud Range explains the concept of a cyber range, its crucial role in preparing for real-world cyber threats, and the importance of realism in cyber training scenarios. Gordon also discusses

React to this headline:

Loading spinner

Bridging the cybersecurity skills gap through cyber range training Read More »

Strengthening the weakest links in the digital supply chain

CISO, cybersecurity, Don't miss, Hot stuff, how-to, strategy, supply chain, tips, Video /

Strengthening the weakest links in the digital supply chain 24/07/2023 at 07:05 By Help Net Security In this Help Net Security video, Marc Gaffan, CEO at IONIX, discusses how businesses’ biggest cybersecurity mistake is not protecting the full external attack surface that continues to expand to include a businesses’ entire digital supply chain. This is

React to this headline:

Loading spinner

Strengthening the weakest links in the digital supply chain Read More »

North Korean hackers targeted tech companies through JumpCloud and GitHub

APT, CrowdStrike, Don't miss, GitHub, government-backed attacks, Hot stuff, JumpCloud, Mandiant, News, North Korea, social engineering, spear-phishing /

North Korean hackers targeted tech companies through JumpCloud and GitHub 21/07/2023 at 16:03 By Helga Labus North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech employees on GitHub through a social engineering campaign. The JumpCloud intrusion On June 27, JumpCloud

React to this headline:

Loading spinner

North Korean hackers targeted tech companies through JumpCloud and GitHub Read More »

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519)

0-day, CISA, Citrix, critical infrastructure, Don't miss, GreyNoise, Hot stuff, Incident Response, News /

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519) 21/07/2023 at 14:19 By Zeljka Zorz The exploitation of the Citrix NetScaler ADC zero-day vulnerability (CVE-2023-3519) was first spotted by a critical infrastructure organization, who reported it to the Cybersecurity and Infrastructure Security Agency (CISA). “In June 2023, threat actors exploited this

React to this headline:

Loading spinner

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519) Read More »

How healthcare organizations should measure their device security success

CISO, cybersecurity, Don't miss, healthcare, Hot stuff, security ROI, strategy, Video /

How healthcare organizations should measure their device security success 21/07/2023 at 07:04 By Help Net Security In this Help Net Security video, Chris Westphal, Head of Product Marketing at Ordr, discusses how healthcare organizations should measure their device security success and where they should be concentrating their future security investments. The post How healthcare organizations

React to this headline:

Loading spinner

How healthcare organizations should measure their device security success Read More »

CISOs are making cybersecurity a business problem

cyber resilience, cybersecurity, data breach, Don't miss, investment, ISG, News, report, risk assessment, threats, zero trust /

CISOs are making cybersecurity a business problem 21/07/2023 at 06:02 By Help Net Security U.S. enterprises are responding to growing cybersecurity threats by working to make the best use of tools and services to ensure business resilience, according to ISG. Enterprises face growing cybersecurity threats The report for the U.S. finds that the U.S. security

React to this headline:

Loading spinner

CISOs are making cybersecurity a business problem Read More »

Microsoft Exchange servers compromised by Turla APT

APT, backdoor, cyber espionage, data theft, Don't miss, Hot stuff, Microsoft, News, Ukraine /

Microsoft Exchange servers compromised by Turla APT 20/07/2023 at 15:17 By Helga Labus Turla has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors / infostealers and has been using compromised Microsoft Exchange servers to control them. Turla APT Turla (aka Secret Blizzard, Snake, UAC-0003) is a sophisticated and

React to this headline:

Loading spinner

Microsoft Exchange servers compromised by Turla APT Read More »

Thanks Storm-0558! Microsoft to expand default access to cloud logs

APT, CISA, cloud security, Don't miss, enterprise, Government, government-backed attacks, Hot stuff, logging, Microsoft, Microsoft 365, News /

Thanks Storm-0558! Microsoft to expand default access to cloud logs 20/07/2023 at 13:31 By Zeljka Zorz Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) have announced on Wednesday. The announcements come

React to this headline:

Loading spinner

Thanks Storm-0558! Microsoft to expand default access to cloud logs Read More »

Scroll to Top