Don’t miss

DarkBERT could help automate dark web mining for cyber threat intelligence

Artificial Intelligence, dark web, Don't miss, Hot stuff, News, research, Threat Intelligence /

DarkBERT could help automate dark web mining for cyber threat intelligence 19/05/2023 at 13:05 By Helga Labus Researchers have developed DarkBERT, a language model pretrained on dark web data, to help cybersecurity pros extract cyber threat intelligence (CTI) from the Internet’s virtual underbelly. DarkBERT pretraining process and evaluated use case scenarios (Source: KAIST/S2W) DarkBERT: A […]

React to this headline:

Loading spinner

DarkBERT could help automate dark web mining for cyber threat intelligence Read More »

Exploring the tactics of phishing and scam websites in 2023

Don't miss, Hot stuff, Video /

Exploring the tactics of phishing and scam websites in 2023 19/05/2023 at 07:02 By Help Net Security Phishing scams pose an escalating danger as cybercriminals employ increasingly sophisticated techniques, rendering their detection and prevention more challenging. In this Help Net Security video, Abhilash Garimella, Head of Research at Bolster, talks about the evolution of phishing

React to this headline:

Loading spinner

Exploring the tactics of phishing and scam websites in 2023 Read More »

Cisco fixes critical flaws in Small Business Series Switches

Cisco, Don't miss, network, News, PoC, SMBs, vulnerability /

Cisco fixes critical flaws in Small Business Series Switches 18/05/2023 at 12:50 By Helga Labus Nine vulnerabilities – 4 of them critical – have been found in a variety of Cisco Small Business Series Switches. PoC exploit code is available (but not public), and there is no indication that they are being exploited in the

React to this headline:

Loading spinner

Cisco fixes critical flaws in Small Business Series Switches Read More »

Introducing Permit.io: Simplifying access control and policy management for developers

AWS, Don't miss, Hot stuff, Permit.io, Video /

Introducing Permit.io: Simplifying access control and policy management for developers 18/05/2023 at 08:00 By Zeljka Zorz In this Help Net Security video interview, Or Weis, Co-Founder and CEO of Permit.io, discusses an innovative approach to managing permissions and access control within applications. We will explore policy as code and how it addresses organizations’ challenges in

React to this headline:

Loading spinner

Introducing Permit.io: Simplifying access control and policy management for developers Read More »

Enhancing open source security: Insights from the OpenSSF on addressing key challenges

CISO, Don't miss, Features, Hot stuff, News, open source, OpenSSF, opinion, software, strategy, The Linux Foundation, tips /

Enhancing open source security: Insights from the OpenSSF on addressing key challenges 18/05/2023 at 08:00 By Mirko Zorz In this Help Net Security interview, we meet a prominent industry leader. Brian Behlendorf, CTO at the Open Source Security Foundation (OpenSSF), shares insights on the influence of his experiences with the White House CTO office, World

React to this headline:

Loading spinner

Enhancing open source security: Insights from the OpenSSF on addressing key challenges Read More »

TP-Link routers implanted with malicious firmware in state-sponsored attacks

backdoor, Check Point, Don't miss, Hot stuff, Malware, News, router, TP-LINK /

TP-Link routers implanted with malicious firmware in state-sponsored attacks 17/05/2023 at 16:44 By Helga Labus A Chinese state-sponsored APT group implanted malicious firmware into TP-Link routers as part of attack campaigns aimed at European foreign affairs entities, say Check Point researchers. Custom malicious firmware for TP-Link routers The malicious firmware was exclusively created for TP-Link

React to this headline:

Loading spinner

TP-Link routers implanted with malicious firmware in state-sponsored attacks Read More »

KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784)

Don't miss, KeePass, News, open source, passwords, PoC, vulnerability /

KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784) 17/05/2023 at 16:44 By Zeljka Zorz A vulnerability (CVE-2023-32784) in the open-source password manager KeePass can be exploited to retrieve the master password from the software’s memory, says the researcher who unearthed the flaw. The bad news is that the vulnerability is still unfixed

React to this headline:

Loading spinner

KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784) Read More »

Inactive Google accounts will be deleted

Don't miss, Google, Hot stuff, News, policy /

Inactive Google accounts will be deleted 17/05/2023 at 14:17 By Helga Labus A week after Twitter announced it will be removing idle accounts after 30 days of inaction, Google has updated its account inactivity policy. Updates to the Google account inactivity policy Google says that the updated policy is effective immediately, but that it will

React to this headline:

Loading spinner

Inactive Google accounts will be deleted Read More »

Scammers exploit AI trend with fake ChatGPT apps on Google Play, Apple App Store

apple, Artificial Intelligence, ChatGPT, cybersecurity, Don't miss, Google Play, Hot stuff, News, scams, software, threats /

Scammers exploit AI trend with fake ChatGPT apps on Google Play, Apple App Store 17/05/2023 at 14:17 By Help Net Security Sophos researchers uncovered multiple apps masquerading as legitimate, ChatGPT-based chatbots to overcharge users. These apps have popped up in the Google Play and Apple App Store. Because the free versions have near-zero functionality and

React to this headline:

Loading spinner

Scammers exploit AI trend with fake ChatGPT apps on Google Play, Apple App Store Read More »

Preparing for federal supply chain security standardization

Compliance, cyber hygiene, cybersecurity, data, Don't miss, Expert analysis, Expert corner, framework, Government, Hot stuff, opinion, strategy, supply chain, threat, Tresorit /

Preparing for federal supply chain security standardization 17/05/2023 at 09:42 By Help Net Security In 2021, the Biden Administration published the Executive Order on Improving the Nation’s Cybersecurity (EO 14028), setting off an agency-wide security initiative with the ultimate objective of standardizing security requirements across the Department of Defense (DoD) and the Federal Civilian Executive

React to this headline:

Loading spinner

Preparing for federal supply chain security standardization Read More »

Malicious open-source components threatening digital infrastructure

cybersecurity, Don't miss, Endor Labs, Hot stuff, open source, software, threats, Video /

Malicious open-source components threatening digital infrastructure 17/05/2023 at 09:42 By Help Net Security A new risk emerges in the digital era, where open-source software has become a fundamental pillar in developing innovative applications. The threat? Malicious open-source components. In this Help Net Security video, Henrik Plate, Lead Security Researcher at Endor Labs, discusses the dual-edged

React to this headline:

Loading spinner

Malicious open-source components threatening digital infrastructure Read More »

Fraudsters send fake invoice, follow up with fake exec confirmation

Armorblox, Don't miss, enterprise, fraud, News, security awareness, SMBs /

Fraudsters send fake invoice, follow up with fake exec confirmation 16/05/2023 at 16:10 By Zeljka Zorz Fraudsters are trying out a new approach to convince companies to pay bogus invoices: instead of hijacking existing email threads, they are creating convincing ones themselves. A clever payment request fraud The fraud attempt begins with an email containing

React to this headline:

Loading spinner

Fraudsters send fake invoice, follow up with fake exec confirmation Read More »

Lacroix manufacturing facilities shut down following cyberattack

cyberattack, disruption, Don't miss, France, Hot stuff, manufacturing sector, News, Ransomware /

Lacroix manufacturing facilities shut down following cyberattack 16/05/2023 at 14:08 By Helga Labus French electronics manufacturer Lacroix closed three factories as a result of a cyberattack they “intercepted” over the weekend, the company has announced on Monday. Lacroix designs and produces electronic equipment for the automotive, home automation, aerospace, industrial and health sectors, as well

React to this headline:

Loading spinner

Lacroix manufacturing facilities shut down following cyberattack Read More »

WhatsApp allows users to lock sensitive chats

authentication, Don't miss, Hot stuff, Meta, News, Privacy, WhatsApp /

WhatsApp allows users to lock sensitive chats 16/05/2023 at 11:53 By Helga Labus Meta has unveiled Chat Lock within WhatsApp, a feature that allows users to keep sensitive and intimate conversations safe from prying eyes. WhatsApp Chat Lock (Source: WhatsApp) Enabling Chat Lock By tapping on a one-to-one or group conversation, users can easily enable

React to this headline:

Loading spinner

WhatsApp allows users to lock sensitive chats Read More »

New trends in ransomware attacks shape the future of cybersecurity

Corvus Insurance, cybercrime, cybersecurity, Don't miss, Hot stuff, Malware, Ransomware, trends, Video /

New trends in ransomware attacks shape the future of cybersecurity 16/05/2023 at 09:23 By Help Net Security Corvus Insurance analyzed data from the dark web and ransomware leak sites. Researchers uncovered a 60% increase in ransomware victims in March 2023, marking the highest monthly victim count observed in the past two years. In this Help

React to this headline:

Loading spinner

New trends in ransomware attacks shape the future of cybersecurity Read More »

3 tips to accelerate zero trust adoption

CISO, cyber risk, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, opinion, strategy, Syxsense, tips, zero trust /

3 tips to accelerate zero trust adoption 16/05/2023 at 09:23 By Help Net Security Zero trust adoption is beginning to accelerate as networks get more complex. Gartner predicts that by 2026, 10% of large enterprises will have a comprehensive, mature, and measurable zero-trust program in place (compared to just 1% today). But adoption has been

React to this headline:

Loading spinner

3 tips to accelerate zero trust adoption Read More »

Advantech’s industrial serial device servers open to attack

Advantech, CyberDanube, Don't miss, IIoT, network, News, PoC, vulnerability /

Advantech’s industrial serial device servers open to attack 15/05/2023 at 17:48 By Zeljka Zorz Three vulnerabilities in Advantech’s EKI series of serial device servers could be exploited to execute arbitrary commands on the OS level. Source: CyberDanube The vulnerabilities Serial device servers are networking devices that “network-enable” serial devices (e.g., printer, climate control system, etc.)

React to this headline:

Loading spinner

Advantech’s industrial serial device servers open to attack Read More »

SquareX’s vision: A future where internet security is a non-issue

CISO, cybersecurity, Don't miss, Features, Hot stuff, News, SquareX, strategy /

SquareX’s vision: A future where internet security is a non-issue 15/05/2023 at 12:11 By Mirko Zorz With an ever-evolving landscape of cyber threats, the necessity for innovative, effective, and user-friendly security products has never been more apparent. Current security solutions, however, seem to lag behind, struggling to adequately address the challenges posed by increasingly sophisticated

React to this headline:

Loading spinner

SquareX’s vision: A future where internet security is a non-issue Read More »

Is human threat hunting a fool’s errand?

automation, data, Don't miss, Expert analysis, Expert corner, firewall, Hot stuff, intrusion, opinion, threat, threat hunting /

Is human threat hunting a fool’s errand? 15/05/2023 at 12:11 By Help Net Security We all have witnessed automated advances creep into our modern threat hunting processes – and with good reason. As the rate of cyberattacks steadily increases, automated threat hunting processes are being integrated to help stem the tide by providing quicker security

React to this headline:

Loading spinner

Is human threat hunting a fool’s errand? Read More »

Web entity activity reveals insights into internet security

Censys, cybersecurity, Don't miss, Hot stuff, threats, Video /

Web entity activity reveals insights into internet security 15/05/2023 at 08:13 By Help Net Security For its recent research focusing on web entities (or content served over HTTP), Censys leveraged its internet-wide scan data to understand better the applications and services that have become core to our existence, evaluating the state of security on the

React to this headline:

Loading spinner

Web entity activity reveals insights into internet security Read More »

Scroll to Top