Future trends in cyber warfare: Predictions for AI integration and space-based operations 2024-06-26 at 06:36 By Mirko Zorz In this Help Net Security interview, Morgan Wright, Chief Security Advisor at SentinelOne, discusses how AI is utilized in modern cyber warfare by state and non-state actors. AI enhances decision-making speed and precision for state actors, facilitating […]
React to this headline:
Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806) 2024-06-25 at 21:16 By Zeljka Zorz Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software product. According to WatchTowr Labs researchers, the company has been privately instructing users to implement the hotfixes before
React to this headline:
Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806) Read More »
Ransomware disrupts Indonesia’s national data centre, LockBit gang claims US Federal Reserve breach 2024-06-25 at 14:46 By Zeljka Zorz Ransomware attackers wielding a LockBit variant dubbed Brain Cipher have disrupted a temporary national data center facility which supports the operations of 200+ Indonesian government agencies and public services. The attackers are asking for a $8
React to this headline:
New security loophole allows spying on internet users’ online activity 2024-06-25 at 13:16 By Help Net Security Researchers at Graz University of Technology were able to spy on users’ online activities simply by monitoring fluctuations in the speed of their internet connection. This vulnerability, known as SnailLoad, does not require malicious code to exploit, and
React to this headline:
New security loophole allows spying on internet users’ online activity Read More »
Zeek: Open-source network traffic analysis, security monitoring 2024-06-25 at 07:01 By Mirko Zorz Zeek is an open-source network analysis framework. Unlike an active security device such as a firewall, Zeek operates on a versatile ‘sensor’ that can be a hardware, software, virtual, or cloud platform. This flexibility allows Zeek to quietly monitor network traffic, interpret
React to this headline:
Zeek: Open-source network traffic analysis, security monitoring Read More »
CISOs’ new ally: Qualys CyberSecurity Asset Management 3.0 2024-06-25 at 06:31 By Mirko Zorz In this Help Net Security interview, Kunal Modasiya, VP of Product Management and Growth at Qualys, explores the key features, significant advantages, and innovative technologies behind Qualys CyberSecurity Asset Management 3.0. Can you explain the key features of Qualys CyberSecurity Asset
React to this headline:
CISOs’ new ally: Qualys CyberSecurity Asset Management 3.0 Read More »
Guide to mitigating credential stuffing attacks 2024-06-25 at 05:46 By Help Net Security We have a collective unaddressed weakness when it comes to basic cybersecurity. Out of the many reports circulating in the news today, many statistics revolve around the number of detected breaches. Why are credentials so sought after? How can we communicate the
React to this headline:
Guide to mitigating credential stuffing attacks Read More »
Open-source Rafel RAT steals info, locks Android devices, asks for ransom 2024-06-24 at 14:46 By Zeljka Zorz The open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their contents, and demand money to restore the device to its original state. Check Point
React to this headline:
Open-source Rafel RAT steals info, locks Android devices, asks for ransom Read More »
Why are threat actors faking data breaches? 2024-06-24 at 07:16 By Help Net Security Earlier this year Europcar discovered a hacker selling info on its 50 million customers on the dark web. The European car rental company immediately launched an investigation, only to discover that the data being sold was completely doctored, possibly using generative
React to this headline:
Why are threat actors faking data breaches? Read More »
Securing the video market: From identification to disruption 2024-06-24 at 07:01 By Help Net Security Video piracy, a pressing issue often unnoticed in security discussions, is rising and demands immediate attention. In this Help Net Security video, Chris White, Chief Architect at Friend MTS, discusses monitoring, identifying, and disrupting piracy for the video market. He
React to this headline:
Securing the video market: From identification to disruption Read More »
1 out of 3 breaches go undetected 2024-06-24 at 06:31 By Help Net Security Organizations continue to struggle in detecting breaches as they become more targeted and sophisticated, with more than 1 out of 3 organizations citing their existing security tools were unable to detect breaches when they occur, according to Gigamon. As hybrid cloud
React to this headline:
1 out of 3 breaches go undetected Read More »
Intel-powered computers affected by serious firmware flaw (CVE-2024-0762) 2024-06-21 at 14:31 By Zeljka Zorz A vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privileges and run arbitrary code within the firmware during runtime. “This type of low-level exploitation is typical of firmware backdoors (e.g.,
React to this headline:
Intel-powered computers affected by serious firmware flaw (CVE-2024-0762) Read More »
US bans Kaspersky antivirus software due to national security risks 2024-06-21 at 13:01 By Zeljka Zorz The US Department of Commerce has announced an upcoming US-wide ban of cybersecurity and antivirus software by Kaspersky, as its “ability to gather valuable US business information, including intellectual property, and to gather US persons’ sensitive data for malicious
React to this headline:
US bans Kaspersky antivirus software due to national security risks Read More »
Cilium: Open-source eBPF-based networking, security, observability 2024-06-21 at 07:01 By Help Net Security Cilium is an open-source, cloud-native solution that leverages eBPF technology in the Linux kernel to provide, secure, and monitor network connectivity between workloads. What is eBPF? eBPF is a technology originating from the Linux kernel that allows sandboxed programs to run in
React to this headline:
Cilium: Open-source eBPF-based networking, security, observability Read More »
Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks 2024-06-20 at 17:46 By Zeljka Zorz Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack “by an international cybercriminal organization,” the company has finally confirmed to its employees on Tuesday. The confirmation came
React to this headline:
Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks Read More »
CDK Global cyberattack cripples 15,000 US auto dealerships 2024-06-20 at 13:46 By Zeljka Zorz CDK Global, a software-as-a-service (SaaS) provider for car dealers and auto equipment manufacturers, has suffered a cyberattack that has temporarily disrupted its customers’ operations. About CDK and its platform CDK’s platform is used by 15,000+ car dealerships across North America to
React to this headline:
CDK Global cyberattack cripples 15,000 US auto dealerships Read More »
From passwords to passkeys: Enhancing security and user satisfaction 2024-06-20 at 07:01 By Mirko Zorz In this Help Net Security interview, Julianna Lamb, Stytch CTO, discusses the advantages of passwordless authentication. Eliminating passwords reduces data breaches and improves user experience by simplifying the login process. Lamb also addresses the technical challenges and economic implications of
React to this headline:
From passwords to passkeys: Enhancing security and user satisfaction Read More »
eBook: CISO guide to password security 2024-06-20 at 05:46 By Help Net Security Password security has seen dramatic shifts driven by the escalation of cyber threats and technological advancements. This eBook covers: Best practices for NIST-compliant password security Key benefits of automating password policies It is not just about creating barriers to unauthorized access but
React to this headline:
eBook: CISO guide to password security Read More »
Clever macOS malware delivery campaign targets cryptocurrency users 2024-06-19 at 14:16 By Zeljka Zorz Cryptocurrency users are being targeted with legitimate-looking but fake apps that deliver information-stealing malware instead, Recorder Future’s researchers are warning. The threat actor behind this complex scheme is going after both Windows and Mac users, and leverages social media and messaging
React to this headline:
Clever macOS malware delivery campaign targets cryptocurrency users Read More »
How can SLTTs defend against cyber threats? 2024-06-19 at 11:02 By Help Net Security Managing cybersecurity for any organization is no easy feat. Improving cybersecurity maturity is often even more difficult, made increasingly challenging by the eye-watering costs of cybersecurity products and solutions. And when you are responsible for securing citizens’ data as a U.S.
React to this headline:
How can SLTTs defend against cyber threats? Read More »