Don’t miss

Whitepaper: 9 traits of effective security leaders of tomorrow

Don't miss, ISC2, News, whitepapper /

Whitepaper: 9 traits of effective security leaders of tomorrow 2024-12-03 at 16:15 By Help Net Security The cyber world needs your expertise. But the security leaders of tomorrow require a broad set of skills that job experience alone does not arm you with. What do today’s organizations demand? And how can you acquire the technical […]

React to this headline:

Loading spinner

Whitepaper: 9 traits of effective security leaders of tomorrow Read More »

Phishers send corrupted documents to bypass email security

Any.Run, Don't miss, email security, Hot stuff, MS Office, News, phishing /

Phishers send corrupted documents to bypass email security 2024-12-03 at 14:18 By Zeljka Zorz Phishers have come up with a new trick for bypassing email security systems: corrupted MS Office documents. The spam campaign Malware hunting service Any.Run has warned last week about email campaigns luring users with promises of payments, benefits and end-of-the-year bonuses.

React to this headline:

Loading spinner

Phishers send corrupted documents to bypass email security Read More »

Treat AI like a human: Redefining cybersecurity

Appfire, Artificial Intelligence, Compliance, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, risk assessment, security controls /

Treat AI like a human: Redefining cybersecurity 2024-12-03 at 07:31 By Mirko Zorz In this Help Net Security interview, Doug Kersten, CISO of Appfire, explains how treating AI like a human can change the way cybersecurity professionals use AI tools. He discusses how this shift encourages a more collaborative approach while acknowledging AI’s limitations. Kersten

React to this headline:

Loading spinner

Treat AI like a human: Redefining cybersecurity Read More »

Best practices for staying cyber secure during the holidays

cybersecurity, Don't miss, Hot stuff, IoT, Optiv Security, SOC, Threat Intelligence, threats, tips, Video /

Best practices for staying cyber secure during the holidays 2024-12-03 at 07:07 By Help Net Security In this Help Net Security video, Sean Tufts, managing partner for critical infrastructure and operational technology at Optiv, discusses best practices for keeping businesses secure amidst a barrage of threats during the holiday season. Pause large changes in your

React to this headline:

Loading spinner

Best practices for staying cyber secure during the holidays Read More »

The shocking speed of AWS key exploitation

automation, AWS, Clutch Security, credentials, Don't miss, GitHub, Hot stuff, News, security practices /

The shocking speed of AWS key exploitation 2024-12-02 at 21:19 By Zeljka Zorz It’s no secret that developers often inadvertently expose AWS access keys online and we know that these keys are being scraped and misused by attackers before organizations get a chance to revoke them. Clutch Security researchers performed a test to see just

React to this headline:

Loading spinner

The shocking speed of AWS key exploitation Read More »

5 reasons to double down on network security

cloud computing, cybersecurity, Don't miss, Endpoint Security, Expert analysis, Expert corner, Hot stuff, network, News, opinion, Stamus Networks, threat detection /

5 reasons to double down on network security 2024-12-02 at 07:33 By Help Net Security Cybersecurity programs have evolved significantly over the past few decades. The advent of cloud computing shattered the conventional corporate perimeter, forcing organizations to update their defense strategies. Today, with the rise of work-from-anywhere and bring-your-own-device (BYOD) policies as well as

React to this headline:

Loading spinner

5 reasons to double down on network security Read More »

Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges

Artificial Intelligence, CNA, CVE, cybersecurity, Don't miss, Features, Hot stuff, MITRE, News, opinion, vulnerability management /

Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges 2024-12-02 at 07:12 By Mirko Zorz In this Help Net Security interview, Alec Summers, Project Leader for the CVE Program at MITRE, shares his insights on the 2024 CWE top 25 most dangerous software weaknesses. He discusses the impact of the new methodology that

React to this headline:

Loading spinner

Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges Read More »

How AI is transforming human risk management

Artificial Intelligence, Don't miss, human error, InfoSec Institute, News, Risk Management, Video /

How AI is transforming human risk management 2024-12-02 at 06:33 By Help Net Security While human error has always posed a cybersecurity risk, AI and emerging tech are playing an evolving role in Human Risk Management – uncovering new needs, challenges, and pain points. In this Help Net Security video, Bret Fund, SVP and General

React to this headline:

Loading spinner

How AI is transforming human risk management Read More »

The effect of compliance requirements on vulnerability management strategies

automation, Compliance, cybersecurity, Don't miss, Features, Hot stuff, News, Nucleus Security, opinion, patching, vulnerability management /

The effect of compliance requirements on vulnerability management strategies 2024-11-29 at 07:34 By Mirko Zorz In this Help Net Security interview, Steve Carter, CEO of Nucleus Security, discusses the ongoing challenges in vulnerability management, including prioritizing vulnerabilities and addressing patching delays. Carter also covers compliance requirements and how automation can streamline vulnerability management processes. Why

React to this headline:

Loading spinner

The effect of compliance requirements on vulnerability management strategies Read More »

Modernizing incident response in the AI era

Artificial Intelligence, Bill, Cloud, cybersecurity, Don't miss, Hot stuff, Incident Response, Video /

Modernizing incident response in the AI era 2024-11-29 at 06:32 By Help Net Security In this Help Net Security video, Gourav Nagar, Director of Information Security at Bill, discusses modernizing incident response in the era of AI and the cloud: Why this issue is important for organizations looking to stay ahead of rapidly evolving cyber

React to this headline:

Loading spinner

Modernizing incident response in the AI era Read More »

Why cybersecurity leaders trust the MITRE ATT&CK Evaluations

Cynet, Don't miss, News /

Why cybersecurity leaders trust the MITRE ATT&CK Evaluations 2024-11-28 at 08:12 By Help Net Security In today’s dynamic threat landscape, security leaders are under constant pressure to make informed choices about which solutions and strategies they employ to protect their organizations. The “MITRE Engenuity ATT&CK Evaluations: Enterprise” stand out as an essential resource for cybersecurity decision

React to this headline:

Loading spinner

Why cybersecurity leaders trust the MITRE ATT&CK Evaluations Read More »

How the role of observability is changing within organizations

cybersecurity, Don't miss, Hot stuff, network, New Relic, Video /

How the role of observability is changing within organizations 2024-11-28 at 08:12 By Help Net Security In this Help Net Security video, Nic Benders, Chief Technical Strategist at New Relic, discusses the key findings of a recent 2024 Observability Forecast report. The annual survey of 1,700 technology professionals across 16 countries reveals that: IT outages

React to this headline:

Loading spinner

How the role of observability is changing within organizations Read More »

Cybercriminals used a gaming engine to create undetectable malware loader

Check Point, Don't miss, GitHub, Hot stuff, Linux, macOS, Malware, malware detection, News, software development, Windows /

Cybercriminals used a gaming engine to create undetectable malware loader 2024-11-27 at 20:33 By Zeljka Zorz Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses Godot Engine, an open-source game engine. The loader – dubbed

React to this headline:

Loading spinner

Cybercriminals used a gaming engine to create undetectable malware loader Read More »

ESET researchers analyze first UEFI bootkit for Linux systems

Don't miss, firmware, Hot stuff, Linux, News, research /

ESET researchers analyze first UEFI bootkit for Linux systems 2024-11-27 at 18:18 By Help Net Security ESET Research has discovered the first UEFI bootkit designed for Linux systems, named Bootkitty by its creators. Researchers believe this bootkit is likely an initial proof of concept, and based on ESET telemetry, it has not been deployed in

React to this headline:

Loading spinner

ESET researchers analyze first UEFI bootkit for Linux systems Read More »

QScanner: Linux command-line utility for scanning container images, conducting SCA

containers, Don't miss, Hot stuff, Linux, News, Qualys, scanning /

QScanner: Linux command-line utility for scanning container images, conducting SCA 2024-11-27 at 08:02 By Help Net Security QScanner is a Linux command-line utility tailored for scanning container images and performing Software Composition Analysis (SCA). It is compatible with diverse container orchestration systems, container runtimes, and operating systems. QScanner features Instant console results: Scan for vulnerabilities

React to this headline:

Loading spinner

QScanner: Linux command-line utility for scanning container images, conducting SCA Read More »

Choosing the right secure messaging app for your organization

Application Security, Artificial Intelligence, attacks, automation, cybersecurity, Don't miss, Encryption, Features, Hot stuff, messaging, News, opinion, Rakuten Viber /

Choosing the right secure messaging app for your organization 2024-11-27 at 07:18 By Mirko Zorz In this Help Net Security interview, Liad Shnell, CTO at Rakuten Viber, discusses what organizations should look for in secure messaging apps, including encryption, privacy standards, and ease of integration. Shnell also covers the need for a multi-layered approach to

React to this headline:

Loading spinner

Choosing the right secure messaging app for your organization Read More »

Zero-day data security

cloud security, cybersecurity, Deep Instinct, Don't miss, Hot stuff, Video /

Zero-day data security 2024-11-27 at 07:18 By Help Net Security In this Help Net Security video, Carl Froggett, CIO of Deep Instinct, discusses the complexities of modern cloud architectures and why current defenses are falling short. He talks about the rise of zero-day data security and the need for organizations to stop attacks before they

React to this headline:

Loading spinner

Zero-day data security Read More »

Hottest cybersecurity open-source tools of the month: November 2024

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: November 2024 2024-11-27 at 06:03 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. ScubaGear ScubaGear is an open-source tool the Cybersecurity and Infrastructure Security Agency (CISA) created to automatically evaluate Microsoft 365 (M365) configurations

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: November 2024 Read More »

Researchers reveal exploitable flaws in corporate VPN clients

AmberWolf, CVE, Don't miss, Hot stuff, macOS, News, Palo Alto Networks, SonicWall, VPN, vulnerability, Windows /

Researchers reveal exploitable flaws in corporate VPN clients 2024-11-26 at 17:33 By Zeljka Zorz Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be exploited to remotely execute code on users’ devices. CVE-2024-5921 CVE-2024-5921 affects various versions of Palo Alto’s GlobalProtect App on

React to this headline:

Loading spinner

Researchers reveal exploitable flaws in corporate VPN clients Read More »

Black Friday shoppers targeted with thousands of fraudulent online stores

consumer, Don't miss, fraud, holidays, Hot stuff, Netcraft, News, online shopping, Retail /

Black Friday shoppers targeted with thousands of fraudulent online stores 2024-11-26 at 13:33 By Zeljka Zorz Building fake, fraudulent online stores has never been easier: fraudsters are registering domain names for a pittance, using the SHOPYY e-commerce platform to build the websites, and leveraging large language models (LLMs) to rewrite existing product listings to perfect

React to this headline:

Loading spinner

Black Friday shoppers targeted with thousands of fraudulent online stores Read More »

Scroll to Top