Don’t miss

New trends in ransomware attacks shape the future of cybersecurity

Corvus Insurance, cybercrime, cybersecurity, Don't miss, Hot stuff, Malware, Ransomware, trends, Video /

New trends in ransomware attacks shape the future of cybersecurity 16/05/2023 at 09:23 By Help Net Security Corvus Insurance analyzed data from the dark web and ransomware leak sites. Researchers uncovered a 60% increase in ransomware victims in March 2023, marking the highest monthly victim count observed in the past two years. In this Help […]

React to this headline:

Loading spinner

New trends in ransomware attacks shape the future of cybersecurity Read More »

3 tips to accelerate zero trust adoption

CISO, cyber risk, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, opinion, strategy, Syxsense, tips, zero trust /

3 tips to accelerate zero trust adoption 16/05/2023 at 09:23 By Help Net Security Zero trust adoption is beginning to accelerate as networks get more complex. Gartner predicts that by 2026, 10% of large enterprises will have a comprehensive, mature, and measurable zero-trust program in place (compared to just 1% today). But adoption has been

React to this headline:

Loading spinner

3 tips to accelerate zero trust adoption Read More »

Advantech’s industrial serial device servers open to attack

Advantech, CyberDanube, Don't miss, IIoT, network, News, PoC, vulnerability /

Advantech’s industrial serial device servers open to attack 15/05/2023 at 17:48 By Zeljka Zorz Three vulnerabilities in Advantech’s EKI series of serial device servers could be exploited to execute arbitrary commands on the OS level. Source: CyberDanube The vulnerabilities Serial device servers are networking devices that “network-enable” serial devices (e.g., printer, climate control system, etc.)

React to this headline:

Loading spinner

Advantech’s industrial serial device servers open to attack Read More »

Is human threat hunting a fool’s errand?

automation, data, Don't miss, Expert analysis, Expert corner, firewall, Hot stuff, intrusion, opinion, threat, threat hunting /

Is human threat hunting a fool’s errand? 15/05/2023 at 12:11 By Help Net Security We all have witnessed automated advances creep into our modern threat hunting processes – and with good reason. As the rate of cyberattacks steadily increases, automated threat hunting processes are being integrated to help stem the tide by providing quicker security

React to this headline:

Loading spinner

Is human threat hunting a fool’s errand? Read More »

SquareX’s vision: A future where internet security is a non-issue

CISO, cybersecurity, Don't miss, Features, Hot stuff, News, SquareX, strategy /

SquareX’s vision: A future where internet security is a non-issue 15/05/2023 at 12:11 By Mirko Zorz With an ever-evolving landscape of cyber threats, the necessity for innovative, effective, and user-friendly security products has never been more apparent. Current security solutions, however, seem to lag behind, struggling to adequately address the challenges posed by increasingly sophisticated

React to this headline:

Loading spinner

SquareX’s vision: A future where internet security is a non-issue Read More »

Web entity activity reveals insights into internet security

Censys, cybersecurity, Don't miss, Hot stuff, threats, Video /

Web entity activity reveals insights into internet security 15/05/2023 at 08:13 By Help Net Security For its recent research focusing on web entities (or content served over HTTP), Censys leveraged its internet-wide scan data to understand better the applications and services that have become core to our existence, evaluating the state of security on the

React to this headline:

Loading spinner

Web entity activity reveals insights into internet security Read More »

Greatness phishing-as-a-service threatens Microsoft 365 users

Cisco, Don't miss, Hot stuff, MFA, Microsoft 365, News, phishing /

Greatness phishing-as-a-service threatens Microsoft 365 users 12/05/2023 at 13:20 By Helga Labus Manufacturing businesses, healthcare organizations, and tech companies in English-speaking countries are the most targeted by phishers leveraging a relatively new phishing-as-a-service (PaaS) tool called Greatness, created to phish Microsoft 365 users. According to Cisco researcher, this tool has been utilized in numerous phishing

React to this headline:

Loading spinner

Greatness phishing-as-a-service threatens Microsoft 365 users Read More »

Top 3 trends shaping the future of cybersecurity and IAM

authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, opinion, Ping Identity, zero trust /

Top 3 trends shaping the future of cybersecurity and IAM 12/05/2023 at 07:30 By Help Net Security The need to protect sensitive information from unauthorized access and theft has never been greater, and cybersecurity and IAM technologies are evolving to meet this challenge while providing users with more convenience. There are three key trends to

React to this headline:

Loading spinner

Top 3 trends shaping the future of cybersecurity and IAM Read More »

Google notifies users about dark web exposure

Android, dark web, Don't miss, Gmail, Google, Hot stuff, News, Privacy /

Google notifies users about dark web exposure 11/05/2023 at 15:46 By Helga Labus Google has announced new tools, features and updates to improve users’ online safety, help them evaluate content found online, and alert them if their Gmail identity appears on the dark web. New tools and options for users A new tool called About

React to this headline:

Loading spinner

Google notifies users about dark web exposure Read More »

Dragos blocks ransomware attack, brushes aside extortion attempt

data theft, Don't miss, Dragos, Hot stuff, News, Ransomware /

Dragos blocks ransomware attack, brushes aside extortion attempt 11/05/2023 at 15:46 By Zeljka Zorz A ransomware group has tried and failed to extort money from Dragos, the industrial cybersecurity firm has confirmed on Wednesday, and reassured that none of its systems or its Dragos Platform had been breached. What happened? “The criminal group gained access

React to this headline:

Loading spinner

Dragos blocks ransomware attack, brushes aside extortion attempt Read More »

CISOs confront mounting obstacles in tracking cyber assets

asset discovery, CISO, Don't miss, Hot stuff, IT assets, Paladin Cloud, strategy, tips, Video /

CISOs confront mounting obstacles in tracking cyber assets 11/05/2023 at 07:10 By Help Net Security Monitoring assets in ever-changing settings operating in both development and production stages presents challenges. In this Help Net Security video, Daniel Deeney, CEO at Paladin Cloud, discusses how companies face difficulties identifying security threats within cloud environments. As businesses transition

React to this headline:

Loading spinner

CISOs confront mounting obstacles in tracking cyber assets Read More »

Never leak secrets to your GitHub repositories again

code, Data leak, Don't miss, GitHub, Hot stuff, News, open source, scanning, software development /

Never leak secrets to your GitHub repositories again 10/05/2023 at 14:47 By Helga Labus GitHub is making push protection – a security feature designed to automatically prevent the leaking of secrets to repositories – free for owners of all public repositories. Previously, the feature was available only for private repositories with a GitHub Advanced Security

React to this headline:

Loading spinner

Never leak secrets to your GitHub repositories again Read More »

Turla’s Snake malware network disrupted by Five Eyes’ agencies

APT, CISA, cyber espionage, cybercrime, Don't miss, FBI, government-backed attacks, Hot stuff, Malware, malware analysis, malware detection, News, NSA /

Turla’s Snake malware network disrupted by Five Eyes’ agencies 10/05/2023 at 14:47 By Help Net Security The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware, called “Snake” (aka “Uroburous”), that the US Government attributes to a unit within Center 16 of

React to this headline:

Loading spinner

Turla’s Snake malware network disrupted by Five Eyes’ agencies Read More »

Prevent attackers from using legitimate tools against you

Artificial Intelligence, attacks, Don't miss, Expert analysis, Expert corner, exploit, Hot stuff, Malware, opinion, Ransomware, vulnerability, WithSecure /

Prevent attackers from using legitimate tools against you 10/05/2023 at 07:21 By Help Net Security Malicious actors are increasingly exploiting legitimate tools to accomplish their goals, which include disabling security measures, lateral movement, and transferring files. Using commonly available tools allows attackers to evade detection. While custom-built tools or malware can be flagged as malicious

React to this headline:

Loading spinner

Prevent attackers from using legitimate tools against you Read More »

The security and privacy risks of large language models

Don't miss, Hot stuff, Video /

The security and privacy risks of large language models 10/05/2023 at 07:00 By Help Net Security A large language model (LLM) is an artificial intelligence (AI) algorithm that employs deep learning methodologies, and extensive data sets to comprehend, condense, create, and predict new content. An example of an LLM is ChatGPT, a model developed by

React to this headline:

Loading spinner

The security and privacy risks of large language models Read More »

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)

Automox, Don't miss, Hot stuff, Microsoft, News, Patch Tuesday, security update, SharePoint, Tenable, Trend Micro, Windows /

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932) 09/05/2023 at 22:15 By Zeljka Zorz For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass flaw (CVE-2023-24932) exploited by attackers in the wild. The two

React to this headline:

Loading spinner

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932) Read More »

Microsoft Authenticator push notifications get number matching

authentication, Don't miss, Hot stuff, MFA, Microsoft, News /

Microsoft Authenticator push notifications get number matching 09/05/2023 at 15:31 By Helga Labus Microsoft has enabled number matching for Microsoft Authenticator push notifications to improve user sign-in security. Authenticator MFA number matching in action (Source: Microsoft) “If the user has a different default authentication method, there’s no change to their default sign-in. If the default

React to this headline:

Loading spinner

Microsoft Authenticator push notifications get number matching Read More »

Finding bugs in AI models at DEF CON 31

Artificial Intelligence, DEF CON, Don't miss, Hot stuff, News, red team /

Finding bugs in AI models at DEF CON 31 09/05/2023 at 12:12 By Helga Labus DEF CON’s AI Village will host the first public assessment of large language models (LLMs) at the 31st edition of the hacker convention this August, aimed at finding bugs in and uncovering the potential for misuse of AI models. The

React to this headline:

Loading spinner

Finding bugs in AI models at DEF CON 31 Read More »

To enable ethical hackers, a law reform is needed

cybercriminals, cybersecurity, Don't miss, Expert analysis, Expert corner, hacker, HackerOne, Hot stuff, law, opinion, UK, vulnerability /

To enable ethical hackers, a law reform is needed 09/05/2023 at 08:13 By Help Net Security Organizations need to be able to match the ingenuity and resources of cybercriminals to better defend themselves against the increasing number of threats and attacks that could paralyze their business. Unfortunately, some laws restrict genuine security research. As we

React to this headline:

Loading spinner

To enable ethical hackers, a law reform is needed Read More »

Unattended API challenge: How we’re losing track and can we get full visibility

API security, BLST Security, CISO, Cloud, data breach, Don't miss, News, opinion, vulnerability /

Unattended API challenge: How we’re losing track and can we get full visibility 09/05/2023 at 08:13 By Help Net Security API sprawl is a prevalent issue in modern enterprises, as APIs are being developed and deployed at an unprecedented rate. As highlighted by Postman’s 2022 State of the API Report, “89% of respondents said organizations’

React to this headline:

Loading spinner

Unattended API challenge: How we’re losing track and can we get full visibility Read More »

Scroll to Top