Keeping the cloud secure with a mindset shift 01/08/2023 at 08:02 By Help Net Security Gartner estimates that in 2023 worldwide end-user spending on public cloud services will grow by 21.7% and hit nearly $600 billion. Even as the economic downturn has most businesses looking for ways to tighten their belts, the cloud remains one […]
React to this headline:
Keeping the cloud secure with a mindset shift Read More »
Strategies for ensuring compliance and security in outdated healthcare IT systems 01/08/2023 at 07:02 By Help Net Security With the average price tag for a healthcare data breach at an all-time high, the overall financial damage to an organization is high regarding economic loss and reputation repair. According to the Cybersecurity and Infrastructure Security Agency
React to this headline:
Strategies for ensuring compliance and security in outdated healthcare IT systems Read More »
Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081) 31/07/2023 at 16:32 By Helga Labus Another actively exploited zero-day vulnerability (CVE-2023-35081) affecting Ivanti Endpoint Manager Mobile (EPMM) has been identified and fixed. The first zero-day spotted Last week, we reported on a remote unauthenticated API access vulnerability (CVE-2023-35078) affecting Ivanti EPMM having been exploited to target
React to this headline:
Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081) Read More »
Web browsing is the primary entry vector for ransomware infections 31/07/2023 at 13:47 By Zeljka Zorz The most widely used method for ransomware delivery in 2022 was via URL or web browsing (75.5%), Palo Alto Networks researchers have found. In 2021, it was email attachments (i.e., delivery via SMTP, POP3, and IMAP protocols), but in
React to this headline:
Web browsing is the primary entry vector for ransomware infections Read More »
New persistent backdoor used in attacks on Barracuda ESG appliances 31/07/2023 at 13:32 By Helga Labus The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection vulnerability in Barracuda Email Security Gateway (ESG) appliances. Barracuda ESG zero-day exploit and backdoors In late
React to this headline:
New persistent backdoor used in attacks on Barracuda ESG appliances Read More »
Stremio vulnerability exposes millions to RCE and data theft 31/07/2023 at 11:02 By Help Net Security CyFox has recently identified a critical hijacking vulnerability in Stremio 4.4, a popular software platform for streaming movies and TV shows. With over 5 million users relying on Stremio for their entertainment needs, this vulnerability poses a significant risk
React to this headline:
Stremio vulnerability exposes millions to RCE and data theft Read More »
How the best CISOs leverage people and technology to become superstars 31/07/2023 at 07:47 By Help Net Security What separates superstar CISOs from the rest of the pack is that they are keenly aware of the burgeoning threat landscape and the cybersecurity skills shortage, but they don’t give in to despair. Instead, they use their
React to this headline:
How the best CISOs leverage people and technology to become superstars Read More »
Data privacy vault: Securing sensitive data while navigating regulatory demands 31/07/2023 at 07:32 By Help Net Security In this Help Net Security interview, Jean-Charles Chemin, CEO of Legapass, provides insight into the correlation between maintaining customer trust and protecting sensitive customer data. He emphasizes how a data privacy vault can reinforce customer trust by offering
React to this headline:
Data privacy vault: Securing sensitive data while navigating regulatory demands Read More »
ZTNA can be more than a VPN replacement for application access 28/07/2023 at 07:47 By Help Net Security In the wake of increased workforce mobility, today’s organizations require more innovative, more flexible, and more secure methods of granting network and application access to their workers. ZTNA adoption The encryption-based security approach leveraged by the virtual
React to this headline:
ZTNA can be more than a VPN replacement for application access Read More »
National Cyber Strategy Implementation Plan: What you need to know 28/07/2023 at 06:31 By Help Net Security The Biden-Harris Administration’s recently released National Cybersecurity Strategy calls for two fundamental shifts in how the United States allocates roles, responsibilities, and resources in cyberspace. In this Help Net Security video, Kelly Rozumalski, a Senior VP leading Booz
React to this headline:
National Cyber Strategy Implementation Plan: What you need to know Read More »
A step-by-step guide for patching software vulnerabilities 27/07/2023 at 07:34 By Help Net Security Coalition’s recent Cyber Threat Index 2023 predicts the average Common Vulnerabilities and Exposures (CVEs) rate will rise by 13% over 2022 to more than 1,900 per month in 2023. As thousands of patches and updates are released each month, organizations struggle
React to this headline:
A step-by-step guide for patching software vulnerabilities Read More »
Why are computer security guidelines so confusing? 27/07/2023 at 07:02 By Help Net Security If you find the computer security guidelines you get at work confusing and not very useful, you’re not alone. A new study highlights a key problem with how these guidelines are created, and outlines simple steps that would improve them –
React to this headline:
Why are computer security guidelines so confusing? Read More »
Key factors for effective security automation 27/07/2023 at 06:31 By Mirko Zorz Harnessing the potential of automation in cybersecurity is key to maintaining a robust defense against ever-evolving threats. Still, this approach comes with its own unique challenges. In this Help Net Security interview, Oliver Rochford, Chief Futurist at Tenzir, discusses how automation can be
React to this headline:
Key factors for effective security automation Read More »
CISOs gear up to combat the rising threat of B2B fraud 27/07/2023 at 06:02 By Help Net Security The ongoing banking and economic turmoil has opened the floodgates to fraudsters. In this Help Net Security video, ex-British Intelligence officer Alex Beavan, Head of Ethics and Anti-Corruption at Convera, discusses how fraudsters target businesses and his
React to this headline:
CISOs gear up to combat the rising threat of B2B fraud Read More »
SEC adopts new cybersecurity incident disclosure rules for companies 26/07/2023 at 21:01 By Help Net Security The Securities and Exchange Commission (SEC) today adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. The Commission also adopted
React to this headline:
SEC adopts new cybersecurity incident disclosure rules for companies Read More »
MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799) 26/07/2023 at 16:47 By Zeljka Zorz A privilege escalation vulnerability (CVE-2023-30799) could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines. While exploting it does require authentication, acquiring credentials to access the routers is not that difficult. “RouterOS [the underlying
React to this headline:
MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799) Read More »
Enterprises should layer-up security to avoid legal repercussions 26/07/2023 at 08:03 By Help Net Security The role of CISO these days requires a strong moral compass: You have to be the one speaking up for the protection of customer data and be ready to handle uncomfortable situations such as pressure to downplay an actual breach.
React to this headline:
Enterprises should layer-up security to avoid legal repercussions Read More »
Overcoming the cybersecurity talent shortage with upskilling initiatives 26/07/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Dr. Lindsey Polley de Lopez, Director of Cyber & Space Intelligence at MACH37, proposes strategies for companies, educational institutions, and governments on how to address the ongoing shortage of cybersecurity talent through the introduction of
React to this headline:
Overcoming the cybersecurity talent shortage with upskilling initiatives Read More »
Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database 26/07/2023 at 07:02 By Help Net Security Time is of the essence when it comes to recovery after Exchange Server failure or database corruption, as organizations depend on emails for their day-to-day business communication. The more the delay in restoring services and recovering data, the
React to this headline:
Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database Read More »
Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078) 25/07/2023 at 13:37 By Zeljka Zorz A zero-day vulnerability (CVE-2023-35078) affecting Ivanti Endpoint Manager Mobile (EPMM) has been exploited to carry out an attack that affected 12 Norwegian ministries, the Norwegian National Security Authority (NSM) has confirmed on Tuesday. What is known about the attacks? On Monday,
React to this headline:
Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078) Read More »