Don’t miss

AI cybersecurity needs to be as multi-layered as the system it’s protecting

Artificial Intelligence, cybercriminals, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, LLMs, Mindgard, News, opinion /

AI cybersecurity needs to be as multi-layered as the system it’s protecting 2024-09-09 at 08:01 By Help Net Security Cybercriminals are beginning to take advantage of the new malicious options that large language models (LLMs) offer them. LLMs make it possible to upload documents with hidden instructions that are executed by connected system components. This […]

React to this headline:

Loading spinner

AI cybersecurity needs to be as multi-layered as the system it’s protecting Read More »

OpenZiti: Secure, open-source networking for your applications

Don't miss, GitHub, Hot stuff, networking, News, open source, software, zero trust /

OpenZiti: Secure, open-source networking for your applications 2024-09-09 at 07:33 By Mirko Zorz OpenZiti is a free, open-source project that embeds zero-trust networking principles directly into applications. Example of an OpenZiti overlay network OpenZiti features “We created OpenZiti to transform how people think about connectivity. While OpenZiti is a zero-trust networking platform, you can also

React to this headline:

Loading spinner

OpenZiti: Secure, open-source networking for your applications Read More »

Best practices for implementing the Principle of Least Privilege

access management, Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, machine learning, News, Opal Security, opinion, policy /

Best practices for implementing the Principle of Least Privilege 2024-09-09 at 07:02 By Mirko Zorz In this Help Net Security interview, Umaimah Khan, CEO of Opal Security, shares her insights on implementing the Principle of Least Privilege (PoLP). She discusses best practices for effective integration, benefits for operational efficiency and audit readiness, and how to

React to this headline:

Loading spinner

Best practices for implementing the Principle of Least Privilege Read More »

Phishing in focus: Disinformation, election and identity fraud

Bolster, cybercrime, cybersecurity, disinformation, Don't miss, election security, Hot stuff, identity theft, News, phishing, scams, Video /

Phishing in focus: Disinformation, election and identity fraud 2024-09-09 at 06:34 By Help Net Security The frequency of phishing attacks is rising as attackers increasingly utilize AI to execute more scams than ever before. In this Help Net Security video, Abhilash Garimella, Head Of Research at Bolster, discusses how phishing scams are now being hosted

React to this headline:

Loading spinner

Phishing in focus: Disinformation, election and identity fraud Read More »

Exposed: Russian military Unit 29155 does digital sabotage, espionage

CISA, cyber espionage, cyber sabotage, cyber war, cybercriminals, disruption, Don't miss, hacker, Hot stuff, Justice Department, NATO, News, Russian Federation, Ukraine, USA /

Exposed: Russian military Unit 29155 does digital sabotage, espionage 2024-09-06 at 17:01 By Zeljka Zorz The US Department of Justice has named five Russian computer hackers as members of Unit 29155 – i.e., the 161st Specialist Training Center of the Russian General Staff Main Intelligence Directorate (GRU) – which they deem resposible for the 2022

React to this headline:

Loading spinner

Exposed: Russian military Unit 29155 does digital sabotage, espionage Read More »

Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)

Apache OFBiz, CVE, Don't miss, enterprise, Hot stuff, News, open source, Rapid7, vulnerability, web application /

Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) 2024-09-06 at 13:02 By Zeljka Zorz For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution. About CVE-2024-45195 Apache OFBiz is an open-source suite

React to this headline:

Loading spinner

Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) Read More »

September 2024 Patch Tuesday forecast: Downgrade is the new exploit

Adobe, apple, Chrome, cybersecurity, Don't miss, Expert analysis, Expert corner, Firefox, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday, patching, Windows /

September 2024 Patch Tuesday forecast: Downgrade is the new exploit 2024-09-06 at 08:16 By Help Net Security I asked for a calm August 2024 Patch Tuesday in last month’s forecast article and that came to pass. The updates released were limited to the regular operating systems and all forms of Office applications. Six zero-day vulnerabilities

React to this headline:

Loading spinner

September 2024 Patch Tuesday forecast: Downgrade is the new exploit Read More »

Human firewalls are essential to keeping SaaS environments safe

cybersecurity, data security, Don't miss, Expert analysis, Expert corner, Hot stuff, Metomic, News, opinion, SaaS, strategy /

Human firewalls are essential to keeping SaaS environments safe 2024-09-06 at 08:01 By Help Net Security Businesses run on SaaS solutions: nearly every business function relies on multiple cloud-based tech platforms and collaborative work tools like Slack, Google Workspace apps, Jira, Zendesk and others. We recently surveyed security leaders and CISOs on top data security

React to this headline:

Loading spinner

Human firewalls are essential to keeping SaaS environments safe Read More »

Respotter: Open-source Responder honeypot

Don't miss, News /

Respotter: Open-source Responder honeypot 2024-09-06 at 07:31 By Mirko Zorz Respotter is an open-source honeypot designed to detect attackers when they launch Responder within your environment. This application identifies active instances of Responder by exploiting its behavior when responding to any DNS query. Respotter leverages LLMNR, mDNS, and NBNS protocols to query a non-existent hostname

React to this headline:

Loading spinner

Respotter: Open-source Responder honeypot Read More »

The true cost of cybercrime for your business

At-Bay, Cayosoft, Cisco, Coalition, cybercrime, Don't miss, Experian, Fortinet, Hack The Box, IDC, McAfee, News, report, Resilience Insurance, Sophos, survey, Trustpair, Veeam Software, Zayo Group, Zscaler /

The true cost of cybercrime for your business 2024-09-06 at 07:01 By Help Net Security As cybercriminals continue to refine their methods, blending traditional strategies with new technologies, the financial toll on individuals and organizations has reached alarming levels. Businesses are also grappling with mounting cybercrime costs from ransomware and DDoS attacks, which can inflict

React to this headline:

Loading spinner

The true cost of cybercrime for your business Read More »

Microchip Technology confirms theft of employee data

cyberattack, data theft, Don't miss, Hot stuff, Microchip Technology, News, Ransomware, Semiconductors, USA /

Microchip Technology confirms theft of employee data 2024-09-05 at 12:31 By Zeljka Zorz US-based semiconductor manufacturer Microchip Technology has confirmed that the cyberattack it suffered in August 2024 resulted in the theft of data, including “employee contact information and some encrypted and hashed passwords.” The breach was claimed later that month by the Play ransomware

React to this headline:

Loading spinner

Microchip Technology confirms theft of employee data Read More »

The future of automotive cybersecurity: Treating vehicles as endpoints

automotive security, connected cars, cyber risk, Don't miss, Features, Hot stuff, managed security, News, Nuspire Networks, opinion /

The future of automotive cybersecurity: Treating vehicles as endpoints 2024-09-05 at 07:31 By Zeljka Zorz The automotive industry is facing many of the same cybersecurity risks and threats that successful organizations in other sectors are up against, but it’s also battling some distinct ones. In this Help Net Security interview, Josh Smith, Principal Threat Analyst

React to this headline:

Loading spinner

The future of automotive cybersecurity: Treating vehicles as endpoints Read More »

How to gamify cybersecurity preparedness

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, skill development, strategy, Tanium, training /

How to gamify cybersecurity preparedness 2024-09-05 at 07:01 By Help Net Security Organizations’ preparedness and resilience against threats isn’t keeping pace with cybercriminals’ advancements. Some CEOs still believe that cybersecurity requires episodic intervention rather than ongoing attention. That isn’t the reality for many companies; cyber threat preparedness requires a concerted training effort, so cybersecurity teams

React to this headline:

Loading spinner

How to gamify cybersecurity preparedness Read More »

Enterprise DSPM for Fortune 500 – 1touch.io is your go-to solution

1touch.io, Don't miss, News, Video /

Enterprise DSPM for Fortune 500 – 1touch.io is your go-to solution 2024-09-05 at 06:31 By Help Net Security In this Help Net Security video, Jesse Sedler, VP of Product at 1touch.io, provides a compelling overview of the company’s innovative data security posture management solutions. Founded in 2017 by industry veterans, 1touch.io leverages cutting-edge AI to

React to this headline:

Loading spinner

Enterprise DSPM for Fortune 500 – 1touch.io is your go-to solution Read More »

North Korean hackers’ social engineering tricks

Cryptocurrency, Cryptocurrency Exchange, Don't miss, government-backed attacks, Hot stuff, News, North Korea, social engineering /

North Korean hackers’ social engineering tricks 2024-09-04 at 15:31 By Zeljka Zorz “North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months,” the FBI has warned through a public service announcement. This suggests that they are likely to target companies associated with

React to this headline:

Loading spinner

North Korean hackers’ social engineering tricks Read More »

Vulnerability allows Yubico security keys to be cloned

Don't miss, Encryption, hardware, Hot stuff, Infineon Technologies, MFA, News, research, security key, Yubico /

Vulnerability allows Yubico security keys to be cloned 2024-09-04 at 13:31 By Zeljka Zorz Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys and modules that may allow attackers to clone the devices. But the news is not as catastrophic as it may seem at first glance. “The attacker would need

React to this headline:

Loading spinner

Vulnerability allows Yubico security keys to be cloned Read More »

Protecting national interests: Balancing cybersecurity and operational realities

Beyond Blue, CISO, critical infrastructure, cybersecurity, Don't miss, Features, GCHQ, Government, Hot stuff, NCSC, News, opinion, strategy, tips /

Protecting national interests: Balancing cybersecurity and operational realities 2024-09-04 at 07:31 By Mirko Zorz With cyber threats becoming increasingly sophisticated and targeting critical infrastructure, in this Help Net Security interview, David Ferbrache, managing director of Beyond Blue, discusses the current state of cybersecurity readiness and resilience. Ferbrache talks about the complexities of managing both traditional

React to this headline:

Loading spinner

Protecting national interests: Balancing cybersecurity and operational realities Read More »

OpenBAS: Open-source breach and attack simulation platform

Don't miss, Filigran, GitHub, Hot stuff, News, open source, software /

OpenBAS: Open-source breach and attack simulation platform 2024-09-04 at 07:02 By Mirko Zorz OpenBAS is an open-source platform that enables organizations to plan, schedule, and execute crisis exercises, adversary simulations, and breach simulations. Compliant with ISO 22398 standards, OpenBAS is built as a modern web application featuring a user-centric interface and a RESTful API. The

React to this headline:

Loading spinner

OpenBAS: Open-source breach and attack simulation platform Read More »

Cybersecurity jobs available right now: September 4, 2024

cybersecurity jobs, Don't miss, Hot stuff, News /

Cybersecurity jobs available right now: September 4, 2024 2024-09-04 at 06:31 By Mirko Zorz Cyber Systems Operations United States Air Force | USA | On-site – View job details The United States Air Force is looking for a Cyber Systems Operations Specialist to design, install, and support systems to ensure they operate properly and remain

React to this headline:

Loading spinner

Cybersecurity jobs available right now: September 4, 2024 Read More »

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)

access point, consumer, Don't miss, firewall, Hot stuff, ISP, News, router, security update, SMBs, vulnerability, Zyxel /

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) 2024-09-03 at 16:01 By Zeljka Zorz Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by

React to this headline:

Loading spinner

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) Read More »

Scroll to Top