Don’t miss

Cilium: Open-source eBPF-based networking, security, observability

Cilium: Open-source eBPF-based networking, security, observability 2024-06-21 at 07:01 By Help Net Security Cilium is an open-source, cloud-native solution that leverages eBPF technology in the Linux kernel to provide, secure, and monitor network connectivity between workloads. What is eBPF? eBPF is a technology originating from the Linux kernel that allows sandboxed programs to run in […]

React to this headline:

Loading spinner

Cilium: Open-source eBPF-based networking, security, observability Read More »

Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks

Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks 2024-06-20 at 17:46 By Zeljka Zorz Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack “by an international cybercriminal organization,” the company has finally confirmed to its employees on Tuesday. The confirmation came

React to this headline:

Loading spinner

Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks Read More »

CDK Global cyberattack cripples 15,000 US auto dealerships

CDK Global cyberattack cripples 15,000 US auto dealerships 2024-06-20 at 13:46 By Zeljka Zorz CDK Global, a software-as-a-service (SaaS) provider for car dealers and auto equipment manufacturers, has suffered a cyberattack that has temporarily disrupted its customers’ operations. About CDK and its platform CDK’s platform is used by 15,000+ car dealerships across North America to

React to this headline:

Loading spinner

CDK Global cyberattack cripples 15,000 US auto dealerships Read More »

From passwords to passkeys: Enhancing security and user satisfaction

From passwords to passkeys: Enhancing security and user satisfaction 2024-06-20 at 07:01 By Mirko Zorz In this Help Net Security interview, Julianna Lamb, Stytch CTO, discusses the advantages of passwordless authentication. Eliminating passwords reduces data breaches and improves user experience by simplifying the login process. Lamb also addresses the technical challenges and economic implications of

React to this headline:

Loading spinner

From passwords to passkeys: Enhancing security and user satisfaction Read More »

eBook: CISO guide to password security

eBook: CISO guide to password security 2024-06-20 at 05:46 By Help Net Security Password security has seen dramatic shifts driven by the escalation of cyber threats and technological advancements. This eBook covers: Best practices for NIST-compliant password security Key benefits of automating password policies It is not just about creating barriers to unauthorized access but

React to this headline:

Loading spinner

eBook: CISO guide to password security Read More »

Clever macOS malware delivery campaign targets cryptocurrency users

Clever macOS malware delivery campaign targets cryptocurrency users 2024-06-19 at 14:16 By Zeljka Zorz Cryptocurrency users are being targeted with legitimate-looking but fake apps that deliver information-stealing malware instead, Recorder Future’s researchers are warning. The threat actor behind this complex scheme is going after both Windows and Mac users, and leverages social media and messaging

React to this headline:

Loading spinner

Clever macOS malware delivery campaign targets cryptocurrency users Read More »

How can SLTTs defend against cyber threats?

How can SLTTs defend against cyber threats? 2024-06-19 at 11:02 By Help Net Security Managing cybersecurity for any organization is no easy feat. Improving cybersecurity maturity is often even more difficult, made increasingly challenging by the eye-watering costs of cybersecurity products and solutions. And when you are responsible for securing citizens’ data as a U.S.

React to this headline:

Loading spinner

How can SLTTs defend against cyber threats? Read More »

SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting

SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting 2024-06-19 at 07:33 By Mirko Zorz SELKS is a free, open-source, turnkey solution for Suricata-based network intrusion detection and protection (IDS/IPS), network security monitoring (NSM), and threat hunting. The project is developed and maintained by Stamus Networks. SELKS is an effective production-grade solution for many small

React to this headline:

Loading spinner

SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting Read More »

Find out which cybersecurity threats organizations fear the most

Find out which cybersecurity threats organizations fear the most 2024-06-19 at 06:31 By Help Net Security This article compiles excerpts from various reports, presenting statistics and insights on cybersecurity threats faced by businesses and individuals alike. Cyber insurance isn’t the answer for ransom payments Veeam | 2024 Ransomware Trends Report | June 2024 Ransomware remains

React to this headline:

Loading spinner

Find out which cybersecurity threats organizations fear the most Read More »

Medibank breach: Security failures revealed (lack of MFA among them)

Medibank breach: Security failures revealed (lack of MFA among them) 2024-06-18 at 17:31 By Zeljka Zorz The 2022 Medibank data breach / extortion attack perpetrated by the REvil ransomware group started by the attackers leveraging login credentials stolen from a private computer of an employee of a Medibank’s IT contractor. According to a statement by

React to this headline:

Loading spinner

Medibank breach: Security failures revealed (lack of MFA among them) Read More »

Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080)

Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080) 2024-06-18 at 12:16 By Zeljka Zorz VMware by Broadcom has fixed two critical vulnerabilities (CVE-2024-37079, CVE-2024-37080) affecting VMware vCenter Server and products that contain it: vSphere and Cloud Foundation. “A malicious actor with network access to vCenter Server may trigger these vulnerabilities by sending a specially

React to this headline:

Loading spinner

Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080) Read More »

eBook: The Art & Science of Secure Software Development

eBook: The Art & Science of Secure Software Development 2024-06-18 at 11:46 By Help Net Security Software security requires a creative and disciplined approach. It involves having the vision to develop secure strategy, tactics, and execution. Excelling in the discipline demands thinking through the entire software lifecycle and enforcing security as a first-thought process. The

React to this headline:

Loading spinner

eBook: The Art & Science of Secure Software Development Read More »

How to create your cybersecurity “Google Maps”: A step-by-step guide for security teams

How to create your cybersecurity “Google Maps”: A step-by-step guide for security teams 2024-06-18 at 08:01 By Help Net Security Cybersecurity isn’t just about firewalls and antivirus. It’s about understanding how your defenses, people, and processes work together. Just like Google Maps revolutionized navigation, process mapping can revolutionize how you understand and manage your security

React to this headline:

Loading spinner

How to create your cybersecurity “Google Maps”: A step-by-step guide for security teams Read More »

Enhancing security through collaboration with the open-source community

Enhancing security through collaboration with the open-source community 2024-06-18 at 07:32 By Mirko Zorz In this Help Net Security interview, Alan DeKok, CEO at NetworkRADIUS, discusses the need for due diligence in selecting and maintaining open-source tools, and brings out the potential risks and benefits of collaborating with the open-source community to enhance software security.

React to this headline:

Loading spinner

Enhancing security through collaboration with the open-source community Read More »

Preparing for a post-quantum future

Preparing for a post-quantum future 2024-06-18 at 06:31 By Help Net Security Post-quantum cryptography (PQC) is a hot topic. A recent paper from Tsinghua University raised doubts about lattice-based cryptography for PQC, though an error was found. This has sparked questions about the strength of soon-to-be-standardized PQC algorithms. In this Help Net Security video, Kevin

React to this headline:

Loading spinner

Preparing for a post-quantum future Read More »

Malware peddlers love this one social engineering trick!

Malware peddlers love this one social engineering trick! 2024-06-17 at 16:16 By Zeljka Zorz Attackers are increasingly using a clever social engineering technique to get users to install malware, Proofpoint researchers are warning. The message warns of a problem but also offers a way to fix it (Source: Proofpoint) Social engineering users to install malware

React to this headline:

Loading spinner

Malware peddlers love this one social engineering trick! Read More »

Low code, high stakes: Addressing SQL injection

Low code, high stakes: Addressing SQL injection 2024-06-17 at 08:01 By Help Net Security Like a bad movie that seems to go on forever, SQL injection (SQLi) attacks have lingered since the late 1990s. Due to various factors, they remain the third most common source of web application vulnerabilities. Reasons include human error, new technologies

React to this headline:

Loading spinner

Low code, high stakes: Addressing SQL injection Read More »

The rise of SaaS security teams

The rise of SaaS security teams 2024-06-17 at 07:31 By Mirko Zorz In this Help Net Security interview, Hillary Baron, Senior Technical Director for Research at CSA, highlights that the recent surge in organizations establishing dedicated SaaS security teams is driven by significant data breaches involving widely used platforms. What motivated the recent surge in

React to this headline:

Loading spinner

The rise of SaaS security teams Read More »

Ghidra: Open-source software reverse engineering framework

Ghidra: Open-source software reverse engineering framework 2024-06-17 at 07:01 By Help Net Security Ghidra, a cutting-edge open-source software reverse engineering (SRE) framework, is a product of the National Security Agency (NSA) Research Directorate. The framework features high-end software analysis tools, enabling users to analyze compiled code across various platforms, including Windows, macOS, and Linux. Ghidra’s

React to this headline:

Loading spinner

Ghidra: Open-source software reverse engineering framework Read More »

Microsoft delays Windows Recall rollout, more security testing needed

Microsoft delays Windows Recall rollout, more security testing needed 2024-06-14 at 15:46 By Zeljka Zorz Microsoft is delaying the release of Recall, a controversial Windows 11 feature that will allow users to search their computer for specific content that has previously been viewed by them. A preview of Recall should have been broadly available on

React to this headline:

Loading spinner

Microsoft delays Windows Recall rollout, more security testing needed Read More »

Scroll to Top