Don’t miss

Essential DDoS statistics for understanding attack impact

Arelion, cybersecurity, DDoS, Don't miss, G-Core Labs, Netscout, News, Nexusguard, report, survey /

Essential DDoS statistics for understanding attack impact 2023-12-27 at 06:32 By Help Net Security The impact of DDoS attacks extends far beyond mere inconvenience, as they can result in financial losses, compromised data, and erosion of customer trust. Understanding the nature and consequences of DDoS activity is essential for organizations and individuals alike as they […]

React to this headline:

Loading spinner

Essential DDoS statistics for understanding attack impact Read More »

New insights into the global industrial cybersecurity landscape

Claroty, critical infrastructure, cybersecurity, Don't miss, Hot stuff, professional, Ransomware, Video /

New insights into the global industrial cybersecurity landscape 22/12/2023 at 08:31 By Help Net Security In this Help Net Security video, William Noto, VP and Industry Principal for Claroty, discusses their recent global survey of 1,100 IT and OT security professionals who work in critical infrastructure sectors. When it comes to ransomware attacks, the impact

React to this headline:

Loading spinner

New insights into the global industrial cybersecurity landscape Read More »

11 GenAI cybersecurity surveys you should read

Abnormal Security, Artificial Intelligence, automation, cybersecurity, Don't miss, generative AI, Harvey Nash, IDC, ISG, News, Riskonnect, Snow Software, Zscaler /

11 GenAI cybersecurity surveys you should read 22/12/2023 at 07:32 By Help Net Security Generative AI stands at the forefront of technological innovation, reshaping industries and unlocking new possibilities across various domains. However, as the integration of these technologies continues, a vigilant approach to ethical considerations and regulatory compliance is essential to ensure that the

React to this headline:

Loading spinner

11 GenAI cybersecurity surveys you should read Read More »

Why data, AI, and regulations top the threat list for 2024

Artificial Intelligence, cybersecurity, data, Don't miss, Expert analysis, Expert corner, Hot stuff, Information Security Forum, News, opinion, regulation /

Why data, AI, and regulations top the threat list for 2024 21/12/2023 at 09:02 By Help Net Security The new year finds us confronted by a landscape characterized by political uncertainty, social fragmentation, escalating geopolitical tensions, and a turbulent macro-economic backdrop, making it crucial for security leaders to strategically prepare for the forthcoming challenges. Let’s

React to this headline:

Loading spinner

Why data, AI, and regulations top the threat list for 2024 Read More »

A closer look at the manufacturing threat landscape

cybersecurity, digital transformation, Don't miss, Hot stuff, Malware, manufacturing sector, threats, Trustwave, Video /

A closer look at the manufacturing threat landscape 21/12/2023 at 08:49 By Help Net Security The manufacturing industry is embracing digital transformation to fuel efficiency and productivity. However, this evolution is accompanied by profound and growing cybersecurity challenges. In this Help Net Security video, Kory Daniels, CISO at Trustwave, discusses recent comprehensive research highlighting the

React to this headline:

Loading spinner

A closer look at the manufacturing threat landscape Read More »

How executives adapt to rising cybersecurity concerns in mobile networks

cyber resilience, cybersecurity, Don't miss, Enea, framework, Hot stuff, mobile, threat, Video /

How executives adapt to rising cybersecurity concerns in mobile networks 21/12/2023 at 08:13 By Help Net Security In this Help Net Security video, Rowland Corr, VP & Head of Government Relations at Enea, discusses the implications of burner phones and the crisis of confidence in network operators as they struggle to protect consumers from sophisticated

React to this headline:

Loading spinner

How executives adapt to rising cybersecurity concerns in mobile networks Read More »

Are organizations moving away from passwords?

1Password, Dashlane, Delinea, Don't miss, Entrust, FIDO Alliance, LastPass, News, passwordless, report, survey /

Are organizations moving away from passwords? 21/12/2023 at 07:53 By Help Net Security Passwordless authentication emerges as a calculated response, eliminating the inherent weaknesses of conventional passwords. At the heart of this evolution lies the deployment of passkeys—sophisticated cryptographic tools designed to authenticate users with a level of sophistication and reliability that transcends traditional methods.

React to this headline:

Loading spinner

Are organizations moving away from passwords? Read More »

8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers

cryptojacking, Don't miss, exploit, Hot stuff, Imperva, Malware, News, Oracle WebLogic, research, vulnerability /

8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers 20/12/2023 at 16:02 By Helga Labus The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability (CVE-2020-14883) to distribute malware, the Imperva Threat Research team has found. About 8220 Active since 2017, the 8220 gang has been known for deploying cryptocurrency miners

React to this headline:

Loading spinner

8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers Read More »

Citrix Bleed leveraged to steal data of 35+ million Comcast Xfinity customers

Citrix, Comcast, cyberattack, data breach, data theft, Don't miss, hacking, Hot stuff, News, telecommunications, USA, vulnerability, Xfinity /

Citrix Bleed leveraged to steal data of 35+ million Comcast Xfinity customers 20/12/2023 at 13:32 By Helga Labus Telecommunications company Comcast has confirmed a breach that exposed personal information of more than 35.8 million of Xfinity customers. Exploiting Citrix Bleed to breach Xfinity CVE-2023-4966 (aka Citrix Bleed) – an information disclosure vulnerability in Citrix NetScaler

React to this headline:

Loading spinner

Citrix Bleed leveraged to steal data of 35+ million Comcast Xfinity customers Read More »

AI’s efficacy is constrained in cybersecurity, but limitless in cybercrime

Artificial Intelligence, cybercrime, cybersecurity, data security, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, regulation, Stellar Cyber /

AI’s efficacy is constrained in cybersecurity, but limitless in cybercrime 20/12/2023 at 09:47 By Help Net Security Bringing artificial intelligence into the cybersecurity field has created a vicious cycle. Cyber professionals now employ AI to enhance their tools and boost their detection and protection capabilities, but cybercriminals are also harnessing AI for their attacks. Security

React to this headline:

Loading spinner

AI’s efficacy is constrained in cybersecurity, but limitless in cybercrime Read More »

Supply chain emerges as major vector in escalating automotive cyberattacks

attacks, automotive security, cybersecurity, Don't miss, Hot stuff, supply chain, VicOne, Video /

Supply chain emerges as major vector in escalating automotive cyberattacks 20/12/2023 at 08:05 By Help Net Security In this Help Net Security video, Jay Yaneza, Cybersecurity Architect at VicOne, discusses how, in the first half of the year, cyberattacks on the automotive sector caused losses exceeding $11 billion. These attacks mainly targeted automotive suppliers, not

React to this headline:

Loading spinner

Supply chain emerges as major vector in escalating automotive cyberattacks Read More »

Balancing AI’s promise with privacy and intellectual property concerns

Artificial Intelligence, automation, Cisco, Cybersixgill, Devo Technology, Don't miss, Enea, Entrust, GitLab, Immuta, News, NTT, Osterman Research, Perception Point, report, Snow Software, survey, Wallaroo.AI, WorkFusion /

Balancing AI’s promise with privacy and intellectual property concerns 20/12/2023 at 07:31 By Help Net Security Organizations increasingly integrate AI technologies into their cybersecurity architectures to enhance detection, response, and mitigation capabilities. One of the key strengths of AI in cybersecurity lies in its ability to predict and prevent attacks before they occur. Powered by

React to this headline:

Loading spinner

Balancing AI’s promise with privacy and intellectual property concerns Read More »

Subdominator: Open-source tool for detecting subdomain takeovers

cybersecurity, Don't miss, GitHub, News, open source, software, Stratus /

Subdominator: Open-source tool for detecting subdomain takeovers 20/12/2023 at 07:01 By Mirko Zorz Subdominator is a dependable and fast open-source command-line interface tool to identify subdomain takeovers. It boasts superior accuracy and reliability, offering improvements compared to other tools. “Initially, Subdominator was created internally because all the current subdomain takeover tools had gaps in their

React to this headline:

Loading spinner

Subdominator: Open-source tool for detecting subdomain takeovers Read More »

Law enforcement seizes ALPHV/Blackcat sites, offers decryptor to victims

decrypter, Don't miss, Europol, extortion, FBI, Hot stuff, law enforcement, News, Ransomware, USA /

Law enforcement seizes ALPHV/Blackcat sites, offers decryptor to victims 19/12/2023 at 19:04 By Zeljka Zorz The US Justice Department announced today a disruption campaign against the Blackcat/ALPHV ransomware group and let victims know that there is a decryptor they can use. FBI develops ALPHV/Blackcat decryptor Over the past 18 months, ALPHV/Blackcat has emerged as the

React to this headline:

Loading spinner

Law enforcement seizes ALPHV/Blackcat sites, offers decryptor to victims Read More »

Wiz and Apiiro partner to provide context-driven security from code to cloud

Apiiro, Application Security, Cloud, code, cybersecurity, Don't miss, Hot stuff, Video, Wiz /

Wiz and Apiiro partner to provide context-driven security from code to cloud 19/12/2023 at 17:03 By Mirko Zorz Apiiro, a leading application security posture management (ASPM) solution, today announced its partnership with Wiz, the leading cloud security company and Cloud Native Application Protection Platform (CNAPP) provider. By joining Wiz Integrations (WIN), Apiiro brings the power

React to this headline:

Loading spinner

Wiz and Apiiro partner to provide context-driven security from code to cloud Read More »

Mr. Cooper breach exposes sensitive info of over 14 million customers

cyberattack, data breach, data theft, Don't miss, financial industry, hacking, Hot stuff, News, USA /

Mr. Cooper breach exposes sensitive info of over 14 million customers 19/12/2023 at 13:47 By Helga Labus Mortgage company Mr. Cooper has confirmed that personal information of over 14.6 million customers has been exposed in its October 2023 data breach. The breach “On October 31, 2023, Mr. Cooper detected suspicious activity in certain network systems,”

React to this headline:

Loading spinner

Mr. Cooper breach exposes sensitive info of over 14 million customers Read More »

SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795)

cryptographic attack, Don't miss, Hot stuff, News, OpenSSH, research, SSH, SUSE, vulnerability /

SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795) 19/12/2023 at 13:18 By Zeljka Zorz Security researchers have discovered a vulnerability (CVE-2023-48795) in the SSH cryptographic network protocol that could allow an attacker to downgrade the connection’s security by truncating the extension negotiation message. The Terrapin attack Terrapin is a prefix truncation attack targeting the SSH protocol.

React to this headline:

Loading spinner

SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795) Read More »

The impact of prompt injection in LLM agents

Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, risk, WithSecure /

The impact of prompt injection in LLM agents 19/12/2023 at 08:31 By Help Net Security Prompt injection is, thus far, an unresolved challenge that poses a significant threat to Language Model (LLM) integrity. This risk is particularly alarming when LLMs are turned into agents that interact directly with the external world, utilizing tools to fetch

React to this headline:

Loading spinner

The impact of prompt injection in LLM agents Read More »

EMBA: Open-source security analyzer for embedded devices

cybersecurity, Don't miss, embedded systems, GitHub, News, open source, penetration testing, software /

EMBA: Open-source security analyzer for embedded devices 19/12/2023 at 08:02 By Mirko Zorz The EMBA open-source security analyzer is tailored as the central firmware analysis tool for penetration testers and product security groups. It assists throughout the security evaluation procedure, extracting firmware, conducting static and dynamic analysis through emulation, and creating a web-based report. EMBA

React to this headline:

Loading spinner

EMBA: Open-source security analyzer for embedded devices Read More »

Ransomware trends and recovery strategies companies should know

Akamai, BigID, Coalition, Corvus Insurance, cybersecurity, Don't miss, ESG, Fortinet, GuidePoint Security, Hornetsecurity, Ivanti, Keepit, News, Object First, Ransomware, report, SecureWorks, Sophos, survey, Trend Micro, Zerto, Zscaler /

Ransomware trends and recovery strategies companies should know 19/12/2023 at 07:34 By Help Net Security Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in software or operating systems. Cybercriminals often target organizations with weak

React to this headline:

Loading spinner

Ransomware trends and recovery strategies companies should know Read More »

Scroll to Top