Don’t miss

Understanding the layers of LLM security for business integration

Artificial Intelligence, ChatGPT, cybersecurity, data, Don't miss, generative AI, Hot stuff, Privacy, Video, Wipro /

Understanding the layers of LLM security for business integration 04/10/2023 at 07:01 By Help Net Security In this Help Net Security video, Ivana Bartoletti, Global Privacy Officer at Wipro, discusses how organizations should deal with and deploy LLMs securely. Those who push the apocalypse scenario of monster machines taking over the world and destroying humans […]

React to this headline:

Loading spinner

Understanding the layers of LLM security for business integration Read More »

Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)

0-day, Android, Arm, Don't miss, firmware, Google, Hot stuff, Huawei, News, Samsung, security update, smartphones /

Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211) 03/10/2023 at 14:16 By Zeljka Zorz A vulnerability (CVE-2023-4211) in the kernel drivers for several Mali GPUs “may be under limited, targeted exploitation,” British semiconductor manufacturer Arm has confirmed on Monday, when it released drivers updated with patches. Arm’s Mali GPUs are used on a

React to this headline:

Loading spinner

Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211) Read More »

Evolving conversations: Cybersecurity as a business risk

attacks, BEC scams, boardroom, CISO, Cloud, collaboration, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Insider Threat, investment, News, opinion, Ransomware, strategy, Trustwave /

Evolving conversations: Cybersecurity as a business risk 03/10/2023 at 08:03 By Help Net Security Board members often lack technical expertise and may not fully grasp cyber risks. On the other hand, CISOs are more accustomed to interfacing with IT staff. This is understandable; the board is responsible for guiding high-level decision-making. They rarely become involved

React to this headline:

Loading spinner

Evolving conversations: Cybersecurity as a business risk Read More »

CISO’s compass: Mastering tech, inspiring teams, and confronting risk

CISO, Compliance, cyber insurance, cybersecurity, data, Don't miss, Features, Hot stuff, law, News, opinion, Privacy, regulation, Risk Management, skill development, Skillsoft, strategy /

CISO’s compass: Mastering tech, inspiring teams, and confronting risk 03/10/2023 at 07:32 By Mirko Zorz In this Help Net Security interview, Okey Obudulu, CISO at Skillsoft, talks about the increasing complexity of the CISO role and challenges they face. He discusses the business environment, tech innovation, the evolving regulatory landscape, limited resources, and budgets. Obudulu

React to this headline:

Loading spinner

CISO’s compass: Mastering tech, inspiring teams, and confronting risk Read More »

GenAI in software surges despite risks

Artificial Intelligence, code, cybersecurity, DevOps, Don't miss, generative AI, Hot stuff, open source, software, Sonatype, Video, vulnerability /

GenAI in software surges despite risks 03/10/2023 at 07:05 By Help Net Security In this Help Net Security video, Ilkka Turunen, Field CTO at Sonatype, discusses how generative AI influences and impacts software engineers’ work and the software development lifecycle. According to a recent Sonatype survey of 800 developers (DevOps) and application security (SecOps) leaders,

React to this headline:

Loading spinner

GenAI in software surges despite risks Read More »

Chalk: Open-source software security and infrastructure visibility tool

Crash Override, cybersecurity, Don't miss, GitHub, News, software, software development /

Chalk: Open-source software security and infrastructure visibility tool 03/10/2023 at 06:32 By Mirko Zorz Chalk is a free, open-source tool that helps improve software security. You add a single line to your build script, and it will automatically collect and inject metadata into every build artifact: source code, binaries, and containers. Gaining visibility Chalk enables

React to this headline:

Loading spinner

Chalk: Open-source software security and infrastructure visibility tool Read More »

Critical zero-days in Exim revealed, only 3 have been fixed

0-day, Don't miss, email security, Exim, Hot stuff, Linux, News, security update, Trend Micro, vulnerability disclosure, WatchTowr /

Critical zero-days in Exim revealed, only 3 have been fixed 02/10/2023 at 17:03 By Zeljka Zorz Six zero-days in Exim, the most widely used mail transfer agent (MTA), have been revealed by Trend Micro’s Zero Day Initiative (ZDI) last Wednesday. Due to what seems to be insufficient information and poor communication, fixes for only three

React to this headline:

Loading spinner

Critical zero-days in Exim revealed, only 3 have been fixed Read More »

Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044)

Assetnote, Don't miss, file-sharing, Hot stuff, News, Progress, Rapid7, security update, vulnerability /

Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044) 02/10/2023 at 14:17 By Helga Labus Progress Software, the company behind the recently hacked MOVEit file-sharing tool, has recently fixed two critical vulnerabilities (CVE-2023-40044, CVE-2023-42657) in WS_FTP Server, another popular secure file transfer solution. Proof-of-concept code for CVE-2023-40044 has been available since Friday, and Rapid7 researchers

React to this headline:

Loading spinner

Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044) Read More »

Most dual ransomware attacks occur within 48 hours

Don't miss, Emsisoft, FBI, Hot stuff, News, Ransomware, Sophos, Symantec, trends /

Most dual ransomware attacks occur within 48 hours 02/10/2023 at 12:16 By Helga Labus Since July 2023, the Federal Bureau of Investigation (FBI) has noticed a new trend: dual ransomware attacks on the same victim, occurring in close proximity of one another. Dual ransomware attacks Dual ransomware attacks are when against the same victim occurr

React to this headline:

Loading spinner

Most dual ransomware attacks occur within 48 hours Read More »

9 essential ransomware guides and checklists available for free

ANSSI, CISA, cybercrime, Don't miss, DXC Technology, Egnyte, FTC, Government, guide, Hot stuff, how-to, IBM, IBM X-Force, Malware, National Cyber Security Centre, News, Ransomware, strategy, tips /

9 essential ransomware guides and checklists available for free 02/10/2023 at 08:03 By Help Net Security According to Fortinet, ransomware activity has intensified, registering an increase of 13 times compared to the beginning of 2023 in terms of all malware detections. The rise of Ransomware-as-a-Service has primarily driven this surge in ransomware variations. According to

React to this headline:

Loading spinner

9 essential ransomware guides and checklists available for free Read More »

Securing GitHub Actions for a safer DevOps pipeline

CISA, Cloud, cloud security, credentials, cybersecurity, DevOps, Don't miss, Features, GitHub, Hot stuff, Kubernetes, monitoring, News, NSA, open source, opinion, StepSecurity /

Securing GitHub Actions for a safer DevOps pipeline 02/10/2023 at 07:32 By Mirko Zorz GitHub Actions provides a platform for continuous integration and continuous delivery (CI/CD), enabling your build, test, and deployment process automation. It allows you to establish workflows that build and test each pull request in your repository and deploy approved pull requests

React to this headline:

Loading spinner

Securing GitHub Actions for a safer DevOps pipeline Read More »

Protecting against FraudGPT, ChatGPT’s evil twin

Artificial Intelligence, ChatGPT, credentials, cybercrime, cybercriminals, cybersecurity, dark web, Don't miss, Email, fraud, Hot stuff, identity management, My1Login, passwords, phishing, scams, Video /

Protecting against FraudGPT, ChatGPT’s evil twin 02/10/2023 at 07:01 By Help Net Security FraudGPT is the evil counterpart to ChatGPT. Criminals use it to target businesses with phishing emails and scams with speed and accuracy like never before. The AI can be prompted to create the most realistic phishing emails, perfected down to a business’

React to this headline:

Loading spinner

Protecting against FraudGPT, ChatGPT’s evil twin Read More »

Malicious ads creep into Bing Chat responses

Artificial Intelligence, Don't miss, Hot stuff, malvertising, Malwarebytes, Microsoft, News, search engine /

Malicious ads creep into Bing Chat responses 29/09/2023 at 16:46 By Helga Labus Users of Bing Chat, the GPT-4-powered search engine Microsoft introduced earlier this year, are being targeted with ads leading to malware. According to Malwarebytes researchers, searching for Advanced IP Scanner (network-scanning software) or MyCase (legal case management software) may result in an

React to this headline:

Loading spinner

Malicious ads creep into Bing Chat responses Read More »

How should organizations navigate the risks and opportunities of AI?

Artificial Intelligence, Conquest Cyber, cybercriminals, cybersecurity, deepfakes, Don't miss, Expert analysis, Expert corner, Hot stuff, machine learning, opinion, phishing, strategy /

How should organizations navigate the risks and opportunities of AI? 29/09/2023 at 08:33 By Help Net Security As we realize exciting new advancements in the application of generative pre-trained transformer (GPT) technology, our adversaries are finding ingenious ways to leverage these capabilities to inflict harm. There’s evidence to suggest that offensive actors are using AI

React to this headline:

Loading spinner

How should organizations navigate the risks and opportunities of AI? Read More »

Why California’s Delete Act matters for the whole country

BlackCloak, CISO, cybercrime, cybercriminals, cybersecurity, dark web, data, Don't miss, Government, Hot stuff, identity, law, Privacy, regulation, USA, Video /

Why California’s Delete Act matters for the whole country 29/09/2023 at 06:32 By Help Net Security The California State Legislature passed Senate Bill 362, known as the Delete Act, to simplify the process for consumers to ask to remove their personal data gathered by data brokers. In this Help Net Security video, Dr. Chris Pierson,

React to this headline:

Loading spinner

Why California’s Delete Act matters for the whole country Read More »

Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217)

0-day, Chrome, Don't miss, Google, Hot stuff, News, security update, vulnerability /

Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217) 28/09/2023 at 14:47 By Helga Labus Google has fixed another critical zero-day vulnerability (CVE-2023-5217) in Chrome that is being exploited in the wild. About CVE-2023-5217 The vulnerability is caused by a heap buffer overflow in vp8 encoding in libvpx – a video codec library from Google

React to this headline:

Loading spinner

Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217) Read More »

How to avoid the 4 main pitfalls of cloud identity management

access management, cloud security, DevOps, Don't miss, Expert analysis, Expert corner, identity, identity management, Lacework, misconfiguration, News, opinion /

How to avoid the 4 main pitfalls of cloud identity management 28/09/2023 at 08:02 By Help Net Security Securing cloud identities isn’t easy. Organizations need to complete a laundry list of actions to confirm proper configuration, ensure clear visibility into identities, determine and understand who can take what actions, and on top of it all

React to this headline:

Loading spinner

How to avoid the 4 main pitfalls of cloud identity management Read More »

The hidden costs of neglecting cybersecurity for small businesses

Artificial Intelligence, attacks, Compliance, cybersecurity, Don't miss, education, Encryption, Features, Hot stuff, Incident Response, investment, Judy Security, MFA, News, opinion, passwords, phishing, regulation, threat, training, vulnerability /

The hidden costs of neglecting cybersecurity for small businesses 28/09/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Raffaele Mautone, CEO of Judy Security, talks about the cybersecurity problems that small businesses face and the need for prioritization to save businesses from potential fines and damage to their brand reputation. He also

React to this headline:

Loading spinner

The hidden costs of neglecting cybersecurity for small businesses Read More »

Kubernetes attacks in 2023: What it means for the future

attacks, Cloud, containers, cybersecurity, Don't miss, Hot stuff, KSOC, Kubernetes, Video /

Kubernetes attacks in 2023: What it means for the future 28/09/2023 at 07:01 By Help Net Security In 2023, a wave of new attacks targeting Kubernetes has been reported, from Dero and Monero crypto mining to Scarleteel and RBAC-Buster. In this Help Net Security video, Jimmy Mesta, CTO at KSOC, explores what it would take

React to this headline:

Loading spinner

Kubernetes attacks in 2023: What it means for the future Read More »

New twist on ZeroFont phishing technique spotted in the wild

Don't miss, email security, Hot stuff, News, Outlook, phishing, SANS ISC /

New twist on ZeroFont phishing technique spotted in the wild 27/09/2023 at 15:47 By Helga Labus Cybercriminals are leveraging the ZeroFont technique to trick users into trusting phishing emails, SANS ISC handler Jan Kopriva has warned. The ZeroFont phishing attack Documented and named by Avanan in 2018, the ZeroFont technique involves using text written in

React to this headline:

Loading spinner

New twist on ZeroFont phishing technique spotted in the wild Read More »

Scroll to Top