Guide: Attack Surface Management (ASM) 29/06/2023 at 05:50 By Help Net Security Attack surface expansion is a byproduct of doing business today, especially for enterprises that rely on the cloud. As businesses adapt and scale, the assets and platforms they use inevitably grow and change. This can result in attack surface exposures, both known and […]
React to this headline:
Guide: Attack Surface Management (ASM) Read More »
8Base ransomware group leaks data of 67 victim organizations 28/06/2023 at 16:47 By Helga Labus Lockbit 3.0 is currently the most active ransomware group, NCC Group says in its most recent Threat Pulse report, but new ransomware groups like 8Base and Akira are rising in prominence. Collectively, the various ransomware groups revealed 436 victim organizations
React to this headline:
8Base ransomware group leaks data of 67 victim organizations Read More »
Preparing health systems for cyber risks and insurance coverage 28/06/2023 at 07:32 By Mirko Zorz Our healthcare systems are at risk of infiltration by threat actors, potentially disrupting services, compromising sensitive data, and even jeopardizing patient outcomes. Among the people addressing these challenges is Dennis Fridrich, VP of Cybersecurity at TRIMEDX, who not only understands
React to this headline:
Preparing health systems for cyber risks and insurance coverage Read More »
The magic formula for big data companies to outshine the competition 28/06/2023 at 07:02 By Help Net Security In today’s data-driven world, organizations that can harness the power of big data and derive actionable insights are positioned to succeed. However, the sheer number of big data companies vying for attention has made it crucial for
React to this headline:
The magic formula for big data companies to outshine the competition Read More »
How cyber insurance empowers CISOs 27/06/2023 at 07:03 By Help Net Security In this Help Net Security video, Fawaz Rasheed, Field CISO at VMware, discusses how cyber insurance remains the high tide that rises ships. For organizations choosing to purchase cyber insurance, the requirements set forth towards them are beneficial in advancing their security program.
React to this headline:
How cyber insurance empowers CISOs Read More »
MOVEit compromise affects pension systems, insurers 26/06/2023 at 14:32 By Helga Labus The compromise of PBI Research and The Berwyn Group’s MOVEit installation has resulted in the theft of data belonging to several pension systems and insurance companies – and millions of their users. PBI + Berwyn Group – a population management provider – was
React to this headline:
MOVEit compromise affects pension systems, insurers Read More »
Exploring the persistent threat of cyberattacks on healthcare 26/06/2023 at 07:38 By Mirko Zorz In this Help Net Security interview, Brett Harris, Cybersecurity Officer for the Americas at Siemens Healthineers, discusses the long-term impacts of cyberattacks on healthcare institutions and what healthcare providers can do to protect patients’ personal data and medical devices. Can you
React to this headline:
Exploring the persistent threat of cyberattacks on healthcare Read More »
How hardening Microsoft 365 tenants mitigates potential cloud attacks 26/06/2023 at 07:01 By Help Net Security Moving critical data and workloads to the cloud has significantly changed information security teams. But most don’t have the resources to be successful in their cloud attack modeling—not to mention the deployment of measurable controls to defend against these
React to this headline:
How hardening Microsoft 365 tenants mitigates potential cloud attacks Read More »
5 free online cybersecurity courses you should check out 26/06/2023 at 06:30 By Help Net Security Cryptography In this course, you’ll learn how to protect information to ensure its integrity, confidentiality, authenticity, and non-repudiation. You will develop a basic understanding of cryptographic concepts and how to apply them, implement secure protocols, key management concepts, critical
React to this headline:
5 free online cybersecurity courses you should check out Read More »
Uncovering attacker tactics through cloud honeypots 26/06/2023 at 06:12 By Help Net Security Attackers typically find exposed “secrets” – pieces of sensitive information that allow access to an enterprise cloud environment — in as little as two minutes and, in many cases, begin exploiting them almost instantly, highlighting the urgent need for comprehensive cloud security,
React to this headline:
Uncovering attacker tactics through cloud honeypots Read More »
PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178) 23/06/2023 at 17:19 By Helga Labus Proof-of-concept (PoC) exploit code for the high-severity vulnerability (CVE-2023-20178) in Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility Client Software for Windows has been published. About the vulnerability Cisco Secure Client Software – previously known as
React to this headline:
PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178) Read More »
Microsoft Teams vulnerability allows attackers to deliver malware to employees 23/06/2023 at 15:24 By Zeljka Zorz Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees’ Microsoft Teams inbox. “Organisations that use Microsoft Teams inherit Microsoft’s default configuration which allows users from outside of their organisation to reach out
React to this headline:
Microsoft Teams vulnerability allows attackers to deliver malware to employees Read More »
Operationalizing zero trust in the cloud 23/06/2023 at 07:39 By Help Net Security Some organizations have bought into the idea that workloads in the cloud are inherently more secure than those on premises. This idea is reinforced by the concept that the cloud service provider (CSP) assumes responsibility for security. However, while a secure cloud
React to this headline:
Operationalizing zero trust in the cloud Read More »
Security investments that help companies navigate the macroeconomic climate 23/06/2023 at 07:01 By Help Net Security As data transformation progresses, cyber attacks are among the most significant growing threats to the enterprise. As seen in the recent MOVEit situation, enterprises must immediately enact cybersecurity solutions that are right for them. Every enterprise is unique, so
React to this headline:
Security investments that help companies navigate the macroeconomic climate Read More »
Apple fixes zero-day vulnerabilities used to covertly deliver spyware (CVE-2023-32435) 22/06/2023 at 13:36 By Zeljka Zorz Apple has released patches for three zero-day vulnerabilities (CVE-2023-32434, CVE-2023-32435, CVE-2023-32439) exploited in the wild. The first two have been reported by Kaspersky researchers Georgy Kucherin, Leonid Bezvershenko and Boris Larin following their discovery of the iOS spyware implant
React to this headline:
Apple fixes zero-day vulnerabilities used to covertly deliver spyware (CVE-2023-32435) Read More »
ChatGPT shows promise in detecting phishing sites 22/06/2023 at 08:24 By Helga Labus ChatGPT can be used to generate phishing sites, but could it also be used to reliably detect them? Security researchers have tried to answer that question. Can ChatGPT detect phishing sites based on URLs? Kaspersky researchers tested 5,265 (2322 phishing and 2943
React to this headline:
ChatGPT shows promise in detecting phishing sites Read More »
Cloud-native security hinges on open source 22/06/2023 at 07:33 By Help Net Security Technologies like Kubernetes and K3S are synonymous with the success of cloud native computing and the power of open source. It is no accident they have steamrolled the competition. As enterprises look to secure cloud-native environments, open source is the critical piece
React to this headline:
Cloud-native security hinges on open source Read More »
Understanding the interplay between DevOps productivity and security 22/06/2023 at 07:09 By Help Net Security Not only are macroeconomic headwinds causing more significant stress for security and DevOps teams, but the increasing number of threats against shrinking teams is causing an uneven playing field. In this Help Net Security video, Ev Kontsevoy, CEO at Teleport,
React to this headline:
Understanding the interplay between DevOps productivity and security Read More »
Unraveling the multifaceted threats facing telecom companies 22/06/2023 at 07:09 By Mirko Zorz In today’s interconnected world, telecom companies serve as gateways, connecting individuals, businesses, and governments. However, this role also makes them prime targets for cyberattacks. From DDoS attacks to sophisticated spyware infiltration, telecom providers face a wide range of threats that can disrupt
React to this headline:
Unraveling the multifaceted threats facing telecom companies Read More »
VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887) 21/06/2023 at 11:42 By Zeljka Zorz CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being exploited in the wild. There are no workarounds to mitigate the risk of exploitation – enterprise admins are
React to this headline:
VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887) Read More »