Don’t miss

Mosint: Open-source automated email OSINT tool

Don't miss, Email, GitHub, Hot stuff, News, open source, OSINT /

Mosint: Open-source automated email OSINT tool 30/11/2023 at 08:31 By Mirko Zorz Mosint is an automated email OSINT tool written in Go designed to facilitate quick and efficient investigations of target emails. It integrates multiple services, providing security researchers with rapid access to a broad range of information. “In my previous job, I actively worked […]

React to this headline:

Loading spinner

Mosint: Open-source automated email OSINT tool Read More »

What custom GPTs mean for the future of phishing

Artificial Intelligence, ChatGPT, code, cybersecurity, Don't miss, exploit, generative AI, hacker, Hot stuff, OpenAI, Perception Point, phishing, Video /

What custom GPTs mean for the future of phishing 30/11/2023 at 08:03 By Help Net Security OpenAI is putting more power into the hands of users of GenAI, allowing them to create their custom AI agents without writing code. These custom GPTs are the latest leap forward in the rapidly evolving AI landscape, but this

React to this headline:

Loading spinner

What custom GPTs mean for the future of phishing Read More »

Bridging the risk exposure gap with strategies for internal auditors

AuditBoard, auditing, Compliance, cybersecurity, data security, Don't miss, Features, Hot stuff, News, opinion, Risk Management, strategy, tips /

Bridging the risk exposure gap with strategies for internal auditors 30/11/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Richard Chambers, Senior Internal Audit Advisor at AuditBoard, discusses the transformational role of the internal audit function and risk management in helping organizations bridge the gap in risk exposure. He talks about how

React to this headline:

Loading spinner

Bridging the risk exposure gap with strategies for internal auditors Read More »

PoCs for critical Arcserve UDP vulnerabilities released

Arcserve, Data Protection, disaster recovery, Don't miss, enterprise, News, PoC, Tenable, vulnerability /

PoCs for critical Arcserve UDP vulnerabilities released 29/11/2023 at 17:46 By Zeljka Zorz Arcserve has fixed critical security vulnerabilities (CVE-2023-41998, CVE-2023-41999, CVE-2023-42000) in its Unified Data Protection (UDP) solution, PoCs for which have been published by Tenable researchers on Monday. The vulnerabilities Arcserve UDP is a popular enterprise data protection, backup and disaster recovery solution

React to this headline:

Loading spinner

PoCs for critical Arcserve UDP vulnerabilities released Read More »

Google fixes Chrome zero day exploited in the wild (CVE-2023-6345)

Chrome, Don't miss, exploit, Google, Hot stuff, News, security update, vulnerability /

Google fixes Chrome zero day exploited in the wild (CVE-2023-6345) 29/11/2023 at 14:46 By Helga Labus Google has released an urgent security update to fix a number of vulnerabilities in Chrome browser, including a zero-day vulnerability (CVE-2023-6345) that is being actively exploited in the wild. About CVE-2023-6345 CVE-2023-6345, reported by Benoît Sevens and Clément Lecigne

React to this headline:

Loading spinner

Google fixes Chrome zero day exploited in the wild (CVE-2023-6345) Read More »

Okta breach: Hackers stole info on ALL customer support users

authentication, data breach, Don't miss, Hot stuff, News, Okta, phishing, privileged identity, social engineering /

Okta breach: Hackers stole info on ALL customer support users 29/11/2023 at 14:16 By Zeljka Zorz The scope of the recent breach of the Okta customer support system is much wider than initially established, the company has admitted on Tuesday: the attackers downloaded a report that contained the names and email addresses of all Okta

React to this headline:

Loading spinner

Okta breach: Hackers stole info on ALL customer support users Read More »

5 resolutions to prepare for SEC’s new cyber disclosure rules

CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, opinion, Radware, Risk Management, threat /

5 resolutions to prepare for SEC’s new cyber disclosure rules 29/11/2023 at 08:32 By Help Net Security 2023 has been marked as a year of global conflict and unrest, all of which will impact the cyber threat landscape for years to come. However, one of the most significant cyber security developments for 2024 isn’t driven

React to this headline:

Loading spinner

5 resolutions to prepare for SEC’s new cyber disclosure rules Read More »

Strategies for cultivating a supportive culture in zero-trust adoption

authentication, automation, CIO, CISA, Cisco, CISO, cybersecurity, Don't miss, Features, Hot stuff, identity, News, NIST, opinion, SOAR, strategy, zero trust /

Strategies for cultivating a supportive culture in zero-trust adoption 29/11/2023 at 08:01 By Mirko Zorz In this Help Net Security interview, Wolfgang Goerlich, Advisory CISO at Cisco, discusses the benefits of implementing a mature zero-trust model for both security and business outcomes, revealing a decrease in reported security incidents and enhanced adaptability. Goerlich emphasizes the

React to this headline:

Loading spinner

Strategies for cultivating a supportive culture in zero-trust adoption Read More »

Enterprises prepare for the inevitable cyber attack

Commvault, cyber resilience, cybersecurity, Don't miss, Hot stuff, Risk Management, Threat Intelligence, Video /

Enterprises prepare for the inevitable cyber attack 29/11/2023 at 07:31 By Help Net Security Recent IDC research shows that in many cases, senior executives/line-of-business leaders are minimally engaged in their company’s cyber preparedness initiatives. In fact, 52% of senior leaders have no involvement in their company’s cyber cases. In this Help Net Security video, Rahul

React to this headline:

Loading spinner

Enterprises prepare for the inevitable cyber attack Read More »

Vigil: Open-source LLM security scanner

Artificial Intelligence, Don't miss, GitHub, Hot stuff, News, Python, scanning /

Vigil: Open-source LLM security scanner 29/11/2023 at 07:01 By Mirko Zorz Vigil is an open-source security scanner that detects prompt injections, jailbreaks, and other potential threats to Large Language Models (LLMs). Prompt injection arises when an attacker successfully influences an LLM using specially designed inputs. This leads to the LLM unintentionally carrying out the objectives

React to this headline:

Loading spinner

Vigil: Open-source LLM security scanner Read More »

Slovenian power company hit by ransomware

Barrier Networks, critical infrastructure, Don't miss, energy sector, EU, Hot stuff, News, Ransomware /

Slovenian power company hit by ransomware 28/11/2023 at 18:17 By Helga Labus Slovenian power generation company Holding Slovenske Elektrarne (HSE) has been hit by ransomware and has had some of its data encrypted. The attack HSE is a state-owned company that controls numerous hydroelectric, thermal and coal-fired power plants. The company has declined to share

React to this headline:

Loading spinner

Slovenian power company hit by ransomware Read More »

Critical ownCloud flaw under attack (CVE-2023-49103)

Don't miss, GreyNoise, Hot stuff, News, ownCloud, SANS ISC, vulnerability /

Critical ownCloud flaw under attack (CVE-2023-49103) 28/11/2023 at 14:17 By Zeljka Zorz Attackers are trying to exploit a critical information disclosure vulnerability (CVE-2023-49103) in ownCloud, a popular file sharing and collaboration platform used in enterprise settings. Greynoise and SANS ISC say attemps have been first spotted over the weekend, though Dr. Johannes Ullrich, Dean of

React to this headline:

Loading spinner

Critical ownCloud flaw under attack (CVE-2023-49103) Read More »

SMBs face surge in “malware free” attacks

BEC scams, Don't miss, Hot stuff, Huntress, Malware, News, Ransomware, remote management, SMBs, trends /

SMBs face surge in “malware free” attacks 28/11/2023 at 12:51 By Helga Labus “Malware free” attacks, attackers’ increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and medium businesses (SMBs) faced in Q3 2023, says the inaugural SMB Threat Report by Huntress, a company that provides a

React to this headline:

Loading spinner

SMBs face surge in “malware free” attacks Read More »

Stop panic buying your security products and start prioritizing

cybersecurity, CYE, Data Protection, Don't miss, Expert analysis, Expert corner, Hot stuff, investment, opinion /

Stop panic buying your security products and start prioritizing 28/11/2023 at 09:02 By Help Net Security As 2024 is rounding the corner, many companies are making a fresh start with a new cybersecurity budget. But with the growing number of cyberattacks and their increasingly complex nature, even those companies whose cybersecurity budgets have gone up

React to this headline:

Loading spinner

Stop panic buying your security products and start prioritizing Read More »

How passkeys are reshaping user security and convenience

1Password, authentication, CISO, cybersecurity, Don't miss, Features, Hot stuff, MFA, News, opinion, passwordless, passwords, strategy, tips /

How passkeys are reshaping user security and convenience 28/11/2023 at 08:34 By Mirko Zorz In this Help Net Security interview, Anna Pobletts, Head of Passwordless at 1Password, talks about passkey adoption and its acceleration in 2024. This trend is particularly notable among highly-regulated services like fintech and banking, where users seek a sign-in experience that

React to this headline:

Loading spinner

How passkeys are reshaping user security and convenience Read More »

Guarding the gateway: Securing dispersed networks

Cloud, cybersecurity, Don't miss, Hot stuff, Netography, network, Video /

Guarding the gateway: Securing dispersed networks 28/11/2023 at 08:00 By Help Net Security The network is at an inflection point, and organizations’ networks have become more dispersed amongst the cloud and on-prem, prompting a greater need for visibility today than ever. As the nature of the network shifts, teams face challenges securing their organization’s infrastructure,

React to this headline:

Loading spinner

Guarding the gateway: Securing dispersed networks Read More »

Product showcase: New ESET Home Security

antivirus, cybersecurity, Don't miss, ESET, News, Product showcase, software /

Product showcase: New ESET Home Security 28/11/2023 at 07:32 By Help Net Security ESET is thrilled to announce our new cutting-edge consumer solutions. Our consumer offering is more than just security – it is a comprehensive portfolio designed to keep our customers safe in today’s digital landscape. We are dedicated to advancing technology without compromising

React to this headline:

Loading spinner

Product showcase: New ESET Home Security Read More »

Report: The state of authentication security 2023

Don't miss, Enzoic, News, Whitepapers and webinars /

Report: The state of authentication security 2023 28/11/2023 at 06:48 By Help Net Security This survey set out to explore these challenges, to identify common practices, and to provide insight into how organizations can bolster their defenses. Key findings from the survey include: Current authentication practices Authentication-related cyberattacks Security incidents and impact Password management Security

React to this headline:

Loading spinner

Report: The state of authentication security 2023 Read More »

Released: AI security guidelines backed by 18 countries

Artificial Intelligence, CISA, Don't miss, Government, guidelines, Hot stuff, machine learning, NCSC, News /

Released: AI security guidelines backed by 18 countries 27/11/2023 at 17:32 By Zeljka Zorz The UK National Cyber Security Centre (NCSC) has published new guidelines that can help developers and providers of AI-powered systems “build AI systems that function as intended, are available when needed, and work without revealing sensitive data to unauthorised parties.” How

React to this headline:

Loading spinner

Released: AI security guidelines backed by 18 countries Read More »

PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)

data analytics, Don't miss, enterprise, Hot stuff, News, PoC, Splunk, vulnerability /

PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214) 27/11/2023 at 13:47 By Zeljka Zorz A proof-of-concept (PoC) exploit for a high-severity flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution has been made public. Users are advised to implement the provided patches or workarounds quickly. About CVE-2023-46214 Splunk Enterprise is a solution

React to this headline:

Loading spinner

PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214) Read More »

Scroll to Top