Don’t miss

Breaking down the numbers: Cybersecurity funding activity recap

Aim Security, Alethea, anecdotes, Axonius, BforeAI, BigID, Bugcrowd, CyberSaint, cybersecurity, Defense Unicorns, Don't miss, Dropzone AI, Hot stuff, Incognia, investment, Nagomi Security, News, NinjaOne, Nozomi Networks, Oleria, Permit.io, Prompt Security, Prophet Security, PVML, Seal Security, Simbian, StrikeReady, Sublime Security, Sweet Security, Vicarius /

Breaking down the numbers: Cybersecurity funding activity recap 2024-04-26 at 06:45 By Help Net Security Here’s a list of interesting cybersecurity companies that received funding so far in 2024. Aim Security January | $10 million Aim Security raised $10 million in seed funding, led by YL Ventures, with participation from CCL (Cyber Club London), the […]

React to this headline:

Loading spinner

Breaking down the numbers: Cybersecurity funding activity recap Read More »

Applying DevSecOps principles to machine learning workloads

Artificial Intelligence, cybersecurity, DevSecOps, Don't miss, Expert analysis, Expert corner, Hot stuff, machine learning, News, opinion, Protect AI, software development /

Applying DevSecOps principles to machine learning workloads 2024-04-25 at 07:33 By Help Net Security Protecting data and other enterprise assets is an increasingly challenging task, and one that touches nearly every corner of an organization. As the complexity of digital systems grows, the challenges mount. One method that helps reign in the chaos is bringing

React to this headline:

Loading spinner

Applying DevSecOps principles to machine learning workloads Read More »

Overcoming GenAI challenges in healthcare cybersecurity

Artificial Intelligence, cybersecurity, data, Don't miss, Features, framework, generative AI, healthcare, Hot stuff, machine learning, News, opinion, Privacy, Team8 Health /

Overcoming GenAI challenges in healthcare cybersecurity 2024-04-25 at 07:01 By Mirko Zorz In this Help Net Security interview, Assaf Mischari, Managing Partner, Team8 Health, discusses the risks associated with GenAI healthcare innovations and their impact on patient privacy. What are the key cybersecurity challenges in healthcare in the context of GenAI, and how can they

React to this headline:

Loading spinner

Overcoming GenAI challenges in healthcare cybersecurity Read More »

25 cybersecurity AI stats you should know

Accenture, Artificial Intelligence, Cisco, Cloud Security Alliance, Code42, cybercrime, cybersecurity, Don't miss, Dynatrace, FS-ISAC, Google Cloud, Group-IB, HiddenLayer, Hot stuff, ISC2, LastPass, McAfee, Netskope, News, report, survey, Zscaler /

25 cybersecurity AI stats you should know 2024-04-25 at 06:31 By Help Net Security In this article, you will find excerpts from reports we recently covered, which offer stats and insights into the challenges and cybersecurity issues arising from the expansion of AI. Security pros are cautiously optimistic about AI Cloud Security Alliance and Google

React to this headline:

Loading spinner

25 cybersecurity AI stats you should know Read More »

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)

0-day, CISA, Cisco, Don't miss, firewall, government-backed attacks, Hot stuff, Lumen, Microsoft, NCSC, News, security update /

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) 2024-04-24 at 21:31 By Zeljka Zorz A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco Talos researchers have shared on Wednesday.

React to this headline:

Loading spinner

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) Read More »

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)

Don't miss, enterprise, network monitoring, News, PoC, Progress, Rhino Security, vulnerability /

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389) 2024-04-24 at 15:01 By Zeljka Zorz More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software’s network monitoring/analysis and security solution, have been published. The critical vulnerability has been disclosed and patched by Progress earlier this month. “Currently,

React to this headline:

Loading spinner

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389) Read More »

GISEC Global 2024 video walkthrough

Claroty, Cloudflare, conferences, CyberKnight, cybersecurity, Don't miss, GISEC, Google Cloud, Hot stuff, Netscout, Netskope, NetSPI, OPSWAT, Resecurity, SecureLink, SecurityScorecard, Securonix, Sophos, Splunk, toolswatch, Trend Micro, UAE Cyber Security Council, Video, Waterfall Security Solutions, Zscaler /

GISEC Global 2024 video walkthrough 2024-04-24 at 13:01 By Help Net Security In this Help Net Security video, we take you inside GISEC Global, which is taking place from April 23 to April 25, 2024, at the Dubai World Trade Centre. The video features the following vendors: Sophos, Waterfall Security Solutions, UAE Cyber Security Council,

React to this headline:

Loading spinner

GISEC Global 2024 video walkthrough Read More »

GenAI can enhance security awareness training

awareness, cybersecurity, deepfakes, Don't miss, Expert analysis, Expert corner, framework, generative AI, Hot stuff, News, opinion, Prism Infosec, social engineering, training /

GenAI can enhance security awareness training 2024-04-24 at 07:31 By Help Net Security One of the biggest concerns over generative AI is its ability to manipulate us, which makes it ideal for orchestrating social engineering attacks. From mining someone’s digital footprint to crafting highly convincing spear phishing emails, to voice capture enabling vishing and deep

React to this headline:

Loading spinner

GenAI can enhance security awareness training Read More »

The relationship between cybersecurity and work tech innovation

collaboration, cybersecurity, Don't miss, Envoy, Hot stuff, hybrid workforce, remote access, strategy, Video /

The relationship between cybersecurity and work tech innovation 2024-04-24 at 06:01 By Help Net Security As organizations navigate the complexities of hybrid work arrangements and the gradual return to the office, the cybersecurity threat landscape has become increasingly challenging, with issues such as the proliferation of personal devices, the expansion of remote access points, and

React to this headline:

Loading spinner

The relationship between cybersecurity and work tech innovation Read More »

eBook: Cloud security skills

Don't miss, ISC2, News, Whitepapers and webinars /

eBook: Cloud security skills 2024-04-24 at 05:46 By Help Net Security Demonstrating a sound understanding of cloud security key principles and practices opens various professional opportunities. But first, you need the right mix of technical and soft skills to emerge as a leader. Inside this eBook: Why a career in cloud security? Career pathways The

React to this headline:

Loading spinner

eBook: Cloud security skills Read More »

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)

0-day, APT, CVE, cyber espionage, Don't miss, exploit, Hot stuff, Microsoft, News, Windows /

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028) 2024-04-23 at 17:01 By Zeljka Zorz For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a

React to this headline:

Loading spinner

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028) Read More »

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)

Censys, CrowdStrike, CrushFTP, CVE, Don't miss, enterprise, exploit, FTP, Hot stuff, News /

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040) 2024-04-23 at 13:01 By Zeljka Zorz A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The vulnerability allows attackers to escape their virtual file system and download system files (i.e., configuration files), but only if

React to this headline:

Loading spinner

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040) Read More »

The rising influence of AI on the 2024 US election

Artificial Intelligence, cybersecurity, deepfakes, Don't miss, election security, Expert analysis, Expert corner, Hot stuff, News, opinion, Sentra, social media /

The rising influence of AI on the 2024 US election 2024-04-23 at 08:01 By Help Net Security We stand at a crossroads for election misinformation: on one side our election apparatus has reached a higher level of security and is better defended from malicious attackers than ever before. On the other side, the rise of

React to this headline:

Loading spinner

The rising influence of AI on the 2024 US election Read More »

10 colleges and universities shaping the future of cybersecurity education

Berkeley, Carnegie Mellon University, cybersecurity, Don't miss, education, Hot stuff, MIT, News, skill development, University of Cambridge /

10 colleges and universities shaping the future of cybersecurity education 2024-04-23 at 07:01 By Help Net Security Institutions featured on this list often provide undergraduate and graduate degrees, courses, as well as certificate programs tailored to meet the growing demand for cybersecurity professionals in various industries. Some notable colleges and universities renowned for their cybersecurity

React to this headline:

Loading spinner

10 colleges and universities shaping the future of cybersecurity education Read More »

What is multi-factor authentication (MFA), and why is it important?

access management, authentication, BARR Advisory, cybersecurity, Don't miss, Hot stuff, MFA, password manager, passwords, Privacy, tips, Video /

What is multi-factor authentication (MFA), and why is it important? 2024-04-23 at 06:31 By Help Net Security Setting up MFA can seem daunting for consumers just beginning to clean up their security postures. In this Help Net Security video, Larry Kinkaid, Manager, Cybersecurity Consulting at BARR Advisory, shares tips for consumers who need simple, accessible

React to this headline:

Loading spinner

What is multi-factor authentication (MFA), and why is it important? Read More »

MITRE breached by nation-state threat actor via Ivanti zero-days

data breach, Don't miss, Hot stuff, Incident Response, Ivanti, Mandiant, MITRE, News, Volexity /

MITRE breached by nation-state threat actor via Ivanti zero-days 2024-04-22 at 15:16 By Zeljka Zorz MITRE has been breached by attackers via two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti’s Connect Secure VPN devices. The attackers have also managed to move laterally and compromise the company network’s VMware infrastructure, MITRE confirmed late last week. What is

React to this headline:

Loading spinner

MITRE breached by nation-state threat actor via Ivanti zero-days Read More »

The first steps of establishing your cloud security strategy

Center for Internet Security, Don't miss, Hot stuff, News /

The first steps of establishing your cloud security strategy 2024-04-22 at 10:02 By Help Net Security In this article, we’ll identify some first steps you can take to establish your cloud security strategy. We’ll do so by discussing the cloud security impact of individual, concrete actions featured within the CIS Critical Security Controls (CIS Controls)

React to this headline:

Loading spinner

The first steps of establishing your cloud security strategy Read More »

How to optimize your bug bounty programs

Artificial Intelligence, bug bounty, cybersecurity, Don't miss, Features, hacker, Hot stuff, machine learning, News, opinion, policy, regulation, risk assessment, Risk Management, strategy, tips, Zoom /

How to optimize your bug bounty programs 2024-04-22 at 08:02 By Mirko Zorz In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers. He offers advice to organizations, stressing the importance of

React to this headline:

Loading spinner

How to optimize your bug bounty programs Read More »

Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity

AWS, cloud security, Don't miss, GitHub, Hot stuff, News, Permiso, software /

Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity 2024-04-22 at 07:32 By Mirko Zorz Cloud Console Cartographer is an open-source tool that maps noisy log activity into highly consolidated, succinct events to help security practitioners cut through the noise and understand console behavior in their environment. “Infrastructure as code has replaced a

React to this headline:

Loading spinner

Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity Read More »

Fuxnet malware: Growing threat to industrial sensors

attacks, critical infrastructure, cybersecurity, Don't miss, Hot stuff, Malware, network, Phosphorus Cybersecurity, sensors, Video /

Fuxnet malware: Growing threat to industrial sensors 2024-04-22 at 07:01 By Help Net Security In this Help Net Security video, Sonu Shankar, Chief Strategy Officer at Phosphorus, discusses how Blackjack’s Fuxnet malware should be a wakeup call to industrial operators about the vulnerability of sensor networks and the outsized impact these attacks can have on

React to this headline:

Loading spinner

Fuxnet malware: Growing threat to industrial sensors Read More »

Scroll to Top