The Internet Archive breach continues 2024-10-21 at 12:46 By Zeljka Zorz Cybersecurity troubles are not over for the Internet Archive (IA), the nonprofit organization behind the popular digital library site: after the recent DDoS attacks, defacement and data breach, an email sent via its Zendesk customer service platform has shown that some of its IT […]
React to this headline:
The Internet Archive breach continues Read More »
Building secure AI with MLSecOps 2024-10-21 at 07:31 By Mirko Zorz In this Help Net Security interview, Ian Swanson, CEO of Protect AI, discusses the concept of “secure AI by design.” By adopting frameworks like Machine Learning Security Operations (MLSecOps) and focusing on transparency, organizations can build resilient AI systems that are both safe and
React to this headline:
Building secure AI with MLSecOps Read More »
Evolving cybercriminal tactics targeting SMBs 2024-10-21 at 07:01 By Help Net Security A recent Todyl report revealed a 558% increase in BEC (Business Email Compromise), AiTM (Adversary-in-the-Middle), and ATO (Account Takeover) attacks in 2024. In this Help Net Security video, David Langlands, Chief Security Officer at Todyl, discusses these evolving cyber threats. Here are the
React to this headline:
Evolving cybercriminal tactics targeting SMBs Read More »
Aranya: Open-source toolkit to accelerate secure by design concepts 2024-10-21 at 06:31 By Help Net Security SpiderOak launched its core technology platform as an open-source project called Aranya. This release provides the same level of security as the company’s platform, which is already in use by the Department of Defense. The Aranya project marks a
React to this headline:
Aranya: Open-source toolkit to accelerate secure by design concepts Read More »
Microsoft lost some customers’ cloud security logs 2024-10-18 at 16:46 By Zeljka Zorz Microsoft has lost several weeks of cloud security logs that its customers rely on to spot cyber intrusions. What happened As reported by Business Insider earlier this month, Microsoft privately notified affected customers of this incident and told them the failure was
React to this headline:
Microsoft lost some customers’ cloud security logs Read More »
Fake Google Meet pages deliver infostealers 2024-10-17 at 14:47 By Zeljka Zorz Users of the Google Meet video communication service have been targeted by cyber crooks using the ClickFix tactic to infect them with information-stealing malware. Fake Google Meet video conference page with malicious ClickFix pop-up (Source: Sekoia) “The ClickFix tactic deceives users into downloading
React to this headline:
Fake Google Meet pages deliver infostealers Read More »
The role of compromised cyber-physical devices in modern cyberattacks 2024-10-17 at 11:46 By Zeljka Zorz Cyber-physical devices are increasingly getting compromised and leveraged by criminal groups and state-sponsored threat actors. Fyodor Yarochkin, Senior Threat Solution Architect with Trend Micro, believes that getting a better understanding of attackers’ infrastructure leads to a better understanding of the
React to this headline:
The role of compromised cyber-physical devices in modern cyberattacks Read More »
GhostStrike: Open-source tool for ethical hacking 2024-10-17 at 07:31 By Mirko Zorz GhostStrike is an open-source, advanced cybersecurity tool tailored for ethical hacking and Red Team operations. It incorporates cutting-edge techniques, including process hollowing, to stealthily evade detection on Windows systems, making it an asset for penetration testing and security assessments. “I decided to develop
React to this headline:
GhostStrike: Open-source tool for ethical hacking Read More »
How NIS2 will impact sectors from healthcare to energy 2024-10-17 at 07:02 By Mirko Zorz In this Help Net Security interview, Mick Baccio, Global Security Advisor at Splunk SURGe, discusses the far-reaching implications of the NIS2 Directive beyond traditional IT security. He explains how NIS2 will fundamentally change cybersecurity governance, making it a core aspect
React to this headline:
How NIS2 will impact sectors from healthcare to energy Read More »
AI data collection under fire 2024-10-17 at 06:32 By Help Net Security A recent Cohesity report found that consumers are highly concerned about the information companies collect from them – especially when it`s used for artificial intelligence – with consumers prepared to punish companies by switching providers for any loss of trust. In this Help
React to this headline:
AI data collection under fire Read More »
Defenders must adapt to shrinking exploitation timelines 2024-10-16 at 15:16 By Zeljka Zorz A new report from Mandiant reveals that the average time-to-exploit vulnerabilities before or after a patch is released has plunged to just five days in 2023, down from 32 days in 2021 in 2022. One reason for this is the fact that,
React to this headline:
Defenders must adapt to shrinking exploitation timelines Read More »
Android 15 unveils new security features to protect sensitive data 2024-10-16 at 13:20 By Help Net Security Android 15 brings enhanced security features to protect your sensitive health, financial, and personal data from theft and fraud. It also introduces productivity improvements for large-screen devices and updates to apps like the camera, messaging, and passkeys. Android
React to this headline:
Android 15 unveils new security features to protect sensitive data Read More »
Resilience over reliance: Preparing for IT failures in an unpredictable digital world 2024-10-16 at 07:31 By Help Net Security No IT system — no matter how advanced – is completely immune to failure. The promise of a digital ring of steel may sound attractive, but can it protect you against hardware malfunctions? Software bugs? Unexpected
React to this headline:
Resilience over reliance: Preparing for IT failures in an unpredictable digital world Read More »
Strengthening Kubernetes security posture with these essential steps 2024-10-16 at 07:01 By Mirko Zorz In this Help Net Security interview, Paolo Mainardi, CTO at SparkFabrik, discusses comprehensive strategies to secure Kubernetes environments from development through deployment. He focuses on best practices, automation, and continuous monitoring. Many security risks in Kubernetes originate from vulnerable container images.
React to this headline:
Strengthening Kubernetes security posture with these essential steps Read More »
Attackers deploying red teaming tool for EDR evasion 2024-10-15 at 17:16 By Zeljka Zorz Threat actors are leveraging the open-source EDRSilencer tool to evade endpoint detection and response systems, Trend Micro researchers have noticed. About EDRSilencer The software, which is intended for red teaming, is being abused to “silence” EDR solutions. It works by leveraging
React to this headline:
Attackers deploying red teaming tool for EDR evasion Read More »
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) 2024-10-15 at 14:49 By Zeljka Zorz Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming that it’s being leveraged by attackers in the
React to this headline:
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) Read More »
The NHI management challenge: When employees leave 2024-10-15 at 08:01 By Help Net Security An employee is exiting your organization. Regardless of the terms of departure, an ex-staffer has the potential when they leave or change roles to impact a wide range of non-human identities, digital credentials, and other secrets. Those secrets include the credentials
React to this headline:
The NHI management challenge: When employees leave Read More »
How nation-states exploit political instability to launch cyber operations 2024-10-15 at 07:37 By Mirko Zorz In this Help Net Security interview, Ismael Valenzuela, Vice President of Threat Research & Intelligence at BlackBerry, discusses the impact of geopolitical tensions on the frequency and sophistication of cyberattacks. He explains how nation-states and politically motivated groups exploit unrest
React to this headline:
How nation-states exploit political instability to launch cyber operations Read More »
The dark side of API security 2024-10-15 at 07:02 By Help Net Security APIs are the backbone of digital transformation efforts, connecting applications across organizations, so their security is of the utmost importance. In this Help Net Security video, Lori MacVittie, a Distinguished Engineer at F5, discusses the current state of API security. A recent
React to this headline:
The dark side of API security Read More »
The quantum dilemma: Game-changer or game-ender 2024-10-14 at 08:18 By Help Net Security If someone told you five years ago that you could pose questions to an AI agent about the most vexing issues in science and it could answer back swiftly and meaningfully, you would’ve thought they were joking. But AI has ushered in
React to this headline:
The quantum dilemma: Game-changer or game-ender Read More »