Don’t miss

Apple patches two zero-days used to target iOS users (CVE-2023-42916 CVE-2023-42917)

0-day, apple, Don't miss, Hot stuff, iOS, iPad, macOS, News, security update /

Apple patches two zero-days used to target iOS users (CVE-2023-42916 CVE-2023-42917) 01/12/2023 at 12:33 By Zeljka Zorz With the latest round of security updates, Apple has fixed two zero-day WebKit vulnerabilities (CVE-2023-42916, CVE-2023-42917) that “may have been exploited against versions of iOS before iOS 16.7.1.” About the vulnerabilities (CVE-2023-42916, CVE-2023-42917) CVE-2023-42916 is a out-of-bounds read […]

React to this headline:

Loading spinner

Apple patches two zero-days used to target iOS users (CVE-2023-42916 CVE-2023-42917) Read More »

Bridging the gap between cloud vs on-premise security

Cato Networks, Cloud, cloud security, cybersecurity, Don't miss, Expert analysis, Expert corner, firewall, Hot stuff, News, opinion, policy /

Bridging the gap between cloud vs on-premise security 01/12/2023 at 08:03 By Help Net Security With the proliferation of SaaS applications, remote work and shadow IT, organizations feel obliged to embrace cloud-based cybersecurity. And rightly so, because the corporate resources, traffic, and threats are no longer confined within the office premises. Cloud-based security initiatives, such

React to this headline:

Loading spinner

Bridging the gap between cloud vs on-premise security Read More »

Key drivers of software security for financial services

API security, automation, code, cybersecurity, Don't miss, Hot stuff, software, Veracode, Video /

Key drivers of software security for financial services 01/12/2023 at 07:32 By Help Net Security Nearly 72% of applications in the financial services sector contain security flaws, according to Veracode. Despite the alarming figure, this rate of software vulnerability was the lowest of all industries analyzed and has improved since last year. The research also

React to this headline:

Loading spinner

Key drivers of software security for financial services Read More »

CISA urges water facilities to secure their Unitronics PLCs

critical infrastructure, Don't miss, Hot stuff, News, PLC, Ransomware, tips, USA /

CISA urges water facilities to secure their Unitronics PLCs 30/11/2023 at 18:02 By Zeljka Zorz News that Iran-affiliated attackers have taken over a programmable logic controller (PLC) at a water system facility in Pennsylvania has been followed by a public alert urging other water authorities to immediately secure their own PLCs. “The cyber threat actors

React to this headline:

Loading spinner

CISA urges water facilities to secure their Unitronics PLCs Read More »

Mosint: Open-source automated email OSINT tool

Don't miss, Email, GitHub, Hot stuff, News, open source, OSINT /

Mosint: Open-source automated email OSINT tool 30/11/2023 at 08:31 By Mirko Zorz Mosint is an automated email OSINT tool written in Go designed to facilitate quick and efficient investigations of target emails. It integrates multiple services, providing security researchers with rapid access to a broad range of information. “In my previous job, I actively worked

React to this headline:

Loading spinner

Mosint: Open-source automated email OSINT tool Read More »

What custom GPTs mean for the future of phishing

Artificial Intelligence, ChatGPT, code, cybersecurity, Don't miss, exploit, generative AI, hacker, Hot stuff, OpenAI, Perception Point, phishing, Video /

What custom GPTs mean for the future of phishing 30/11/2023 at 08:03 By Help Net Security OpenAI is putting more power into the hands of users of GenAI, allowing them to create their custom AI agents without writing code. These custom GPTs are the latest leap forward in the rapidly evolving AI landscape, but this

React to this headline:

Loading spinner

What custom GPTs mean for the future of phishing Read More »

Bridging the risk exposure gap with strategies for internal auditors

AuditBoard, auditing, Compliance, cybersecurity, data security, Don't miss, Features, Hot stuff, News, opinion, Risk Management, strategy, tips /

Bridging the risk exposure gap with strategies for internal auditors 30/11/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Richard Chambers, Senior Internal Audit Advisor at AuditBoard, discusses the transformational role of the internal audit function and risk management in helping organizations bridge the gap in risk exposure. He talks about how

React to this headline:

Loading spinner

Bridging the risk exposure gap with strategies for internal auditors Read More »

PoCs for critical Arcserve UDP vulnerabilities released

Arcserve, Data Protection, disaster recovery, Don't miss, enterprise, News, PoC, Tenable, vulnerability /

PoCs for critical Arcserve UDP vulnerabilities released 29/11/2023 at 17:46 By Zeljka Zorz Arcserve has fixed critical security vulnerabilities (CVE-2023-41998, CVE-2023-41999, CVE-2023-42000) in its Unified Data Protection (UDP) solution, PoCs for which have been published by Tenable researchers on Monday. The vulnerabilities Arcserve UDP is a popular enterprise data protection, backup and disaster recovery solution

React to this headline:

Loading spinner

PoCs for critical Arcserve UDP vulnerabilities released Read More »

Google fixes Chrome zero day exploited in the wild (CVE-2023-6345)

Chrome, Don't miss, exploit, Google, Hot stuff, News, security update, vulnerability /

Google fixes Chrome zero day exploited in the wild (CVE-2023-6345) 29/11/2023 at 14:46 By Helga Labus Google has released an urgent security update to fix a number of vulnerabilities in Chrome browser, including a zero-day vulnerability (CVE-2023-6345) that is being actively exploited in the wild. About CVE-2023-6345 CVE-2023-6345, reported by Benoît Sevens and Clément Lecigne

React to this headline:

Loading spinner

Google fixes Chrome zero day exploited in the wild (CVE-2023-6345) Read More »

Okta breach: Hackers stole info on ALL customer support users

authentication, data breach, Don't miss, Hot stuff, News, Okta, phishing, privileged identity, social engineering /

Okta breach: Hackers stole info on ALL customer support users 29/11/2023 at 14:16 By Zeljka Zorz The scope of the recent breach of the Okta customer support system is much wider than initially established, the company has admitted on Tuesday: the attackers downloaded a report that contained the names and email addresses of all Okta

React to this headline:

Loading spinner

Okta breach: Hackers stole info on ALL customer support users Read More »

5 resolutions to prepare for SEC’s new cyber disclosure rules

CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, opinion, Radware, Risk Management, threat /

5 resolutions to prepare for SEC’s new cyber disclosure rules 29/11/2023 at 08:32 By Help Net Security 2023 has been marked as a year of global conflict and unrest, all of which will impact the cyber threat landscape for years to come. However, one of the most significant cyber security developments for 2024 isn’t driven

React to this headline:

Loading spinner

5 resolutions to prepare for SEC’s new cyber disclosure rules Read More »

Strategies for cultivating a supportive culture in zero-trust adoption

authentication, automation, CIO, CISA, Cisco, CISO, cybersecurity, Don't miss, Features, Hot stuff, identity, News, NIST, opinion, SOAR, strategy, zero trust /

Strategies for cultivating a supportive culture in zero-trust adoption 29/11/2023 at 08:01 By Mirko Zorz In this Help Net Security interview, Wolfgang Goerlich, Advisory CISO at Cisco, discusses the benefits of implementing a mature zero-trust model for both security and business outcomes, revealing a decrease in reported security incidents and enhanced adaptability. Goerlich emphasizes the

React to this headline:

Loading spinner

Strategies for cultivating a supportive culture in zero-trust adoption Read More »

Enterprises prepare for the inevitable cyber attack

Commvault, cyber resilience, cybersecurity, Don't miss, Hot stuff, Risk Management, Threat Intelligence, Video /

Enterprises prepare for the inevitable cyber attack 29/11/2023 at 07:31 By Help Net Security Recent IDC research shows that in many cases, senior executives/line-of-business leaders are minimally engaged in their company’s cyber preparedness initiatives. In fact, 52% of senior leaders have no involvement in their company’s cyber cases. In this Help Net Security video, Rahul

React to this headline:

Loading spinner

Enterprises prepare for the inevitable cyber attack Read More »

Vigil: Open-source LLM security scanner

Artificial Intelligence, Don't miss, GitHub, Hot stuff, News, Python, scanning /

Vigil: Open-source LLM security scanner 29/11/2023 at 07:01 By Mirko Zorz Vigil is an open-source security scanner that detects prompt injections, jailbreaks, and other potential threats to Large Language Models (LLMs). Prompt injection arises when an attacker successfully influences an LLM using specially designed inputs. This leads to the LLM unintentionally carrying out the objectives

React to this headline:

Loading spinner

Vigil: Open-source LLM security scanner Read More »

Slovenian power company hit by ransomware

Barrier Networks, critical infrastructure, Don't miss, energy sector, EU, Hot stuff, News, Ransomware /

Slovenian power company hit by ransomware 28/11/2023 at 18:17 By Helga Labus Slovenian power generation company Holding Slovenske Elektrarne (HSE) has been hit by ransomware and has had some of its data encrypted. The attack HSE is a state-owned company that controls numerous hydroelectric, thermal and coal-fired power plants. The company has declined to share

React to this headline:

Loading spinner

Slovenian power company hit by ransomware Read More »

Critical ownCloud flaw under attack (CVE-2023-49103)

Don't miss, GreyNoise, Hot stuff, News, ownCloud, SANS ISC, vulnerability /

Critical ownCloud flaw under attack (CVE-2023-49103) 28/11/2023 at 14:17 By Zeljka Zorz Attackers are trying to exploit a critical information disclosure vulnerability (CVE-2023-49103) in ownCloud, a popular file sharing and collaboration platform used in enterprise settings. Greynoise and SANS ISC say attemps have been first spotted over the weekend, though Dr. Johannes Ullrich, Dean of

React to this headline:

Loading spinner

Critical ownCloud flaw under attack (CVE-2023-49103) Read More »

SMBs face surge in “malware free” attacks

BEC scams, Don't miss, Hot stuff, Huntress, Malware, News, Ransomware, remote management, SMBs, trends /

SMBs face surge in “malware free” attacks 28/11/2023 at 12:51 By Helga Labus “Malware free” attacks, attackers’ increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and medium businesses (SMBs) faced in Q3 2023, says the inaugural SMB Threat Report by Huntress, a company that provides a

React to this headline:

Loading spinner

SMBs face surge in “malware free” attacks Read More »

Stop panic buying your security products and start prioritizing

cybersecurity, CYE, Data Protection, Don't miss, Expert analysis, Expert corner, Hot stuff, investment, opinion /

Stop panic buying your security products and start prioritizing 28/11/2023 at 09:02 By Help Net Security As 2024 is rounding the corner, many companies are making a fresh start with a new cybersecurity budget. But with the growing number of cyberattacks and their increasingly complex nature, even those companies whose cybersecurity budgets have gone up

React to this headline:

Loading spinner

Stop panic buying your security products and start prioritizing Read More »

How passkeys are reshaping user security and convenience

1Password, authentication, CISO, cybersecurity, Don't miss, Features, Hot stuff, MFA, News, opinion, passwordless, passwords, strategy, tips /

How passkeys are reshaping user security and convenience 28/11/2023 at 08:34 By Mirko Zorz In this Help Net Security interview, Anna Pobletts, Head of Passwordless at 1Password, talks about passkey adoption and its acceleration in 2024. This trend is particularly notable among highly-regulated services like fintech and banking, where users seek a sign-in experience that

React to this headline:

Loading spinner

How passkeys are reshaping user security and convenience Read More »

Guarding the gateway: Securing dispersed networks

Cloud, cybersecurity, Don't miss, Hot stuff, Netography, network, Video /

Guarding the gateway: Securing dispersed networks 28/11/2023 at 08:00 By Help Net Security The network is at an inflection point, and organizations’ networks have become more dispersed amongst the cloud and on-prem, prompting a greater need for visibility today than ever. As the nature of the network shifts, teams face challenges securing their organization’s infrastructure,

React to this headline:

Loading spinner

Guarding the gateway: Securing dispersed networks Read More »

Scroll to Top