Hot stuff

Meta plans to prevent disinformation and AI-generated content from influencing voters

Artificial Intelligence, disinformation, Don't miss, EU, Facebook, Hot stuff, Instagram, LLMs, Meta, News, social media, social networking, TikTok, Twitter, WhatsApp /

Meta plans to prevent disinformation and AI-generated content from influencing voters 2024-02-27 at 14:50 By Zeljka Zorz Meta, the company that owns some of the biggest social networks in use today, has explained how it means to tackle disinformation related to the upcoming EU Parliament elections, with a special emphasis on how it plans to […]

Meta plans to prevent disinformation and AI-generated content from influencing voters Read More »

APT29 revamps its techniques to breach cloud environments

APT, CISA, cloud security, cybercrime, Don't miss, FBI, Hot stuff, NCSC, News, NSA, threat /

APT29 revamps its techniques to breach cloud environments 2024-02-27 at 14:16 By Helga Labus Russian threat actors APT29 are changing their techniques and expanding their targets to access cloud environments, members of the Five Eyes intelligence alliance have warned. About APT29 APT29 (aka Midnight Blizzard, aka Cozy Bear) is a cyber espionage group believed to

APT29 revamps its techniques to breach cloud environments Read More »

NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure

Aspen Cybersecurity Group, CISO, Don't miss, framework, Government, Hot stuff, News, NIST, regulation, ReversingLabs, Risk Management /

NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure 2024-02-27 at 08:20 By Help Net Security The National Institute of Standards and Technology (NIST) has updated its widely utilized Cybersecurity Framework (CSF), a key document for mitigating cybersecurity risks. The latest version, 2.0, is tailored to cater to a broad

NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure Read More »

Using AI to reduce false positives in secrets scanners

API security, Artificial Intelligence, authentication, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Features, Hot stuff, Legit Security, News, opinion, SSH /

Using AI to reduce false positives in secrets scanners 2024-02-27 at 08:02 By Help Net Security As development environments grow more complex, applications increasingly communicate with many external services. When a software development project communicates with an external service, it utilizes a token or “secret” for authentication. These tokens are the glue that keeps any

Using AI to reduce false positives in secrets scanners Read More »

Overcoming the pressures of cybersecurity startup leadership

CEO, cybersecurity, Don't miss, Dope Security, Features, Hot stuff, Innovation, News, opinion, security startup /

Overcoming the pressures of cybersecurity startup leadership 2024-02-27 at 07:32 By Mirko Zorz In this Help Net Security interview, Kunal Agarwal, CEO at Dope Security, offers a look into the CEO’s leadership philosophy, the process of building a high-caliber team, and the unique challenges of navigating a startup in the tech industry. Dope Security was

Overcoming the pressures of cybersecurity startup leadership Read More »

Does AI remediation spell the end for developers in 2024?

Artificial Intelligence, cybersecurity, Don't miss, Hot stuff, remediation, Secure Code Warrior, software development, Video /

Does AI remediation spell the end for developers in 2024? 2024-02-27 at 07:03 By Help Net Security Big tech firms are already rolling out AI remediation tools to prevent developers from introducing security risks into the software development lifecycle (SDLC). In this Help Net Security video, Matias Madou, CTO at Secure Code Warrior, discusses how

Does AI remediation spell the end for developers in 2024? Read More »

Pikabot returns with new tricks up its sleeve

Don't miss, Elastic, Hot stuff, Malware, News, phishing, Zscaler /

Pikabot returns with new tricks up its sleeve 2024-02-26 at 15:32 By Helga Labus After a short hiatus, Pikabot is back, with significant updates to its capabilities and components and a new delivery campaign. About the Pikabot loader Pikabot is a loader – a type of malware whose primary function is to serve as a

Pikabot returns with new tricks up its sleeve Read More »

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)

ConnectWise, Don't miss, enterprise, exploit, Hot stuff, Huntress, Malware, Mandiant, News, Ransomware, remote access, remote management, Sophos, vulnerability /

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708) 2024-02-26 at 13:36 By Zeljka Zorz The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of malicious payloads. About ConnectWise ScreenConnect ConnectWise ScreenConnect is a remote desktop solution consisting of server and client

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708) Read More »

Web Check: Open-source intelligence for any website

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, OSINT, penetration testing, web analytics, web technologies /

Web Check: Open-source intelligence for any website 2024-02-26 at 08:02 By Mirko Zorz Web Check offers thorough open-source intelligence and enables users to understand a website’s infrastructure and security posture, equipping them with the knowledge to understand, optimize, and secure their online presence. Unlike similar services, Web Check is free. There’s no signup, tracking, logging,

Web Check: Open-source intelligence for any website Read More »

It’s time for security operations to ditch Excel

automation, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Opus Security, security operations, threats /

It’s time for security operations to ditch Excel 2024-02-26 at 07:33 By Help Net Security Security teams are hiding an embarrassing secret from the outside world: despite their position at the vanguard of technology, security risks and threats, their actual war plans are managed on spreadsheets. This is a far cry from the dark rooms,

It’s time for security operations to ditch Excel Read More »

Microsoft begins broadening free cloud logging capabilities

CISA, cloud security, Don't miss, Government, Hot stuff, logging, Microsoft, News, USA /

Microsoft begins broadening free cloud logging capabilities 2024-02-22 at 14:47 By Helga Labus After select US federal agencies tested Microsoft’s expanded cloud logging capabilities for six months, Microsoft is now making them available to all agencies using Microsoft Purview Audit – regardless of license tier. “This change will impact government departments & agencies who do

Microsoft begins broadening free cloud logging capabilities Read More »

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)

ConnectWise, Don't miss, exploit, Hot stuff, Huntress, MSP, News, Palo Alto Networks, PoC, remote access, remote management, Shadowserver, vulnerability, WatchTowr /

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708) 2024-02-22 at 12:31 By Zeljka Zorz The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, CVE-2024-1708 for the path traversal flaw. ConnectWise has also released a newer version of ScreenConnect

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708) Read More »

A step-by-step plan for safe use of GenAI models for software development

Artificial Intelligence, ChatGPT, Compliance, cybersecurity, data security, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, News, opinion, Privacy, risk, software development, Solvd /

A step-by-step plan for safe use of GenAI models for software development 2024-02-22 at 08:01 By Help Net Security If you are a large-scale company, the recent AI boom hasn’t escaped your notice. Today AI is assisting in a large array of development-related and digital-related tasks, from content generation to automation and analysis. The development

A step-by-step plan for safe use of GenAI models for software development Read More »

Wire fraud scams escalate in real estate deals

CertifID, communication, cybersecurity, Don't miss, fraud, Hot stuff, identity verification, Insurance, real estate sector, Video /

Wire fraud scams escalate in real estate deals 2024-02-22 at 07:01 By Help Net Security In this Help Net Security video, Tyler Adams, CEO at CertifID, illustrates how the real estate sector needs to invest significant effort in educating consumers and implementing protective measures to safeguard real estate transactions. Recent CertifID research found that median

Wire fraud scams escalate in real estate deals Read More »

VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250)

cloud computing, CVE, Don't miss, enterprise, Hot stuff, hybrid cloud, News, Pen Test Partners, virtualization, VMWare, vulnerability /

VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250) 2024-02-21 at 15:01 By Zeljka Zorz VMware Enhanced Authentication Plug-in (EAP), a plugin for VMware vSphere, has two vulnerabilities (CVE-2024-22245, CVE-2024-22250) that could be exploited by attackers to mount authentication relay and session hijack attacks. The vulnerabilities haven’t been and won’t be fixed. Instead,

VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250) Read More »

10 cybersecurity startups to watch in 2024

Binarly, cybersecurity, Datadog, Dataiku, Don't miss, Dope Security, Filigran, Gomboc, Google, Hot stuff, KTrust, Lakera, Mitigant, News, Palo Alto Networks, Qevlar AI, Radiant Security, Risk Ledger, Snyk /

10 cybersecurity startups to watch in 2024 2024-02-21 at 08:01 By Mirko Zorz At Help Net Security, we’ve been following the cybersecurity business landscape closely for the past 25 years. Through our Industry News section, we’ve been tracking the pulse of the cybersecurity world, bringing you product news from companies worldwide. Certain vendors have consistently

10 cybersecurity startups to watch in 2024 Read More »

TruffleHog: Open-source solution for scanning secrets

authentication, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, scanning, software /

TruffleHog: Open-source solution for scanning secrets 2024-02-21 at 07:31 By Mirko Zorz TruffleHog is an open-source scanner that identifies and addresses exposed secrets throughout your entire technology stack. “TruffleHog was originally a research tool I independently authored in 2016. When I published it, no tools were scanning Git revision history for secrets. My hunch was

TruffleHog: Open-source solution for scanning secrets Read More »

A closer look at Israeli cybersecurity funding and M&A activity in 2023

cybersecurity, Don't miss, generative AI, Hot stuff, identity, risk assessment, security startup, Video, YL Ventures /

A closer look at Israeli cybersecurity funding and M&A activity in 2023 2024-02-21 at 07:01 By Help Net Security Last year was challenging for the global market, and the market downturn greatly affected even the historically resilient cybersecurity ecosystem. In this Help Net Security video, Merav Ben Avi, Content Manager at YL Ventures, talks about

A closer look at Israeli cybersecurity funding and M&A activity in 2023 Read More »

The importance of a good API security strategy

API security, cyber risk, Don't miss, Hot stuff, News, software development, strategy, threats /

The importance of a good API security strategy 2024-02-21 at 06:32 By Helga Labus In 2024, API requests accounted for 57% of dynamic internet traffic around the globe, according to the Cloudflare 2024 API Security & Management Report, confirming that APIs are a crucial component of modern software development. But with their increased adoption over

The importance of a good API security strategy Read More »

Scroll to Top