Hot stuff

Zoom CISO Michael Adams discusses cybersecurity threats, solutions, and the future

cybersecurity, Don't miss, Features, Hot stuff, News, opinion, remote working, strategy, Zoom /

Zoom CISO Michael Adams discusses cybersecurity threats, solutions, and the future 07/08/2023 at 07:32 By Mirko Zorz In this exclusive Help Net Security interview, we delve into the world of cybersecurity with Michael Adams, the CISO at Zoom. Adams analyzes how organizations grapple with the effects of workforce shortages and remote work complications, offering insights […]

React to this headline:

Loading spinner

Zoom CISO Michael Adams discusses cybersecurity threats, solutions, and the future Read More »

Navigating the gray zone of ransomware payment practices

CISO, cybercrime, cybercriminals, cybersecurity, Don't miss, Hot stuff, how-to, Malware, Ransomware, strategy, tips, Video /

Navigating the gray zone of ransomware payment practices 07/08/2023 at 06:33 By Help Net Security Ransomware remains a lucrative tool for cybercriminals as attackers continue to target a wide array of businesses. In response to this growing threat, an increasing number of organizations are compelled to meet ransom demands, perceiving it as their only viable

React to this headline:

Loading spinner

Navigating the gray zone of ransomware payment practices Read More »

Top 12 vulnerabilities routinely exploited in 2022

ACSC, CISA, Don't miss, exploit, FBI, Hot stuff, NCSC, News, trends, vulnerability /

Top 12 vulnerabilities routinely exploited in 2022 04/08/2023 at 16:31 By Helga Labus Cybersecurity agencies from member countries of the Five Eyes intelligence alliance have released a list of the top 12 vulnerabilities routinely exploited in 2022, plus 30 additional ones also “popular” with attackers. The top 12 “In 2022, malicious cyber actors exploited older

React to this headline:

Loading spinner

Top 12 vulnerabilities routinely exploited in 2022 Read More »

Google makes removal of personal user info from Search easier

Don't miss, Google, Hot stuff, News, Privacy, search engine, user, user data /

Google makes removal of personal user info from Search easier 04/08/2023 at 13:17 By Helga Labus Google is making it easier for users to remove personal contact information and personal, non-consensual explicit imagery from Google search results. “Of course, removing content from Google Search does not remove it from the web or other search engines,

React to this headline:

Loading spinner

Google makes removal of personal user info from Search easier Read More »

August 2023 Patch Tuesday forecast: Software security improvements

Adobe, apple, CISA, Don't miss, Expert analysis, FIRST, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday /

August 2023 Patch Tuesday forecast: Software security improvements 04/08/2023 at 12:17 By Help Net Security The continued onslaught of phishing attacks, ransomware deployment, and other exploitation is forcing the community to pay closer attention to early identification, as well as fast response, to vulnerabilities in their software. In July alone Microsoft addressed 84 CVEs in

React to this headline:

Loading spinner

August 2023 Patch Tuesday forecast: Software security improvements Read More »

Multi-modal data protection with AI’s help

Artificial Intelligence, cybersecurity, data, Data Protection, Don't miss, Expert analysis, Expert corner, Hot stuff, opinion, Zscaler /

Multi-modal data protection with AI’s help 04/08/2023 at 08:02 By Help Net Security Cybersecurity risk is distinct from other IT risk in that it has a thinking, adaptive, human opponent. IT generally must deal with first order chaos and risk much like hurricanes in meteorology or viruses in biology: complex and dangerous – but fundamentally

React to this headline:

Loading spinner

Multi-modal data protection with AI’s help Read More »

The direct impact of cyberattacks on patient safety and care delivery

cyberattack, cybersecurity, data, Don't miss, Features, Health3PT, healthcare, Hot stuff, Memorial Sloan Kettering Cancer Center, News, opinion, Ransomware /

The direct impact of cyberattacks on patient safety and care delivery 04/08/2023 at 07:02 By Help Net Security As the healthcare industry continues its rapid transformation through the adoption of digital technologies, it is also confronted with an ever-expanding range of cybersecurity threats. In this Help Net Security interview, Dr. Omar Sangurima, Principal Technical Program

React to this headline:

Loading spinner

The direct impact of cyberattacks on patient safety and care delivery Read More »

Russian APT phished government employees via Microsoft Teams

APT, Don't miss, Government, government-backed attacks, Hot stuff, Microsoft, Microsoft Teams, News, phishing, social engineering /

Russian APT phished government employees via Microsoft Teams 03/08/2023 at 15:17 By Zeljka Zorz An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says Microsoft. A social engineering attack to bypass MFA protection “To facilitate their attack, the actor uses Microsoft

React to this headline:

Loading spinner

Russian APT phished government employees via Microsoft Teams Read More »

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082)

0-day, Don't miss, endpoint management, Hot stuff, Ivanti, MobileIron, News, Rapid7, security update, vulnerability /

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082) 03/08/2023 at 13:46 By Helga Labus Ivanti has disclosed a critical vulnerability (CVE-2023-35082) affecting old, out-of-support versions of MobileIron Core, an enterprise device solution that has since been rebranded to Ivanti Endpoint Manager Mobile (EPMM). “The vulnerability was incidentally resolved in MobileIron Core 11.3 as part of

React to this headline:

Loading spinner

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082) Read More »

Google’s AI Red Team: Advancing cybersecurity on the AI frontier

Artificial Intelligence, cybersecurity, Don't miss, Features, Google, Hot stuff, machine learning, News, opinion, red team /

Google’s AI Red Team: Advancing cybersecurity on the AI frontier 03/08/2023 at 08:02 By Help Net Security With the rise of ML, traditional red teams tasked with probing and exposing security vulnerabilities found themselves facing a new set of challenges that required a deep and comprehensive understanding of machine learning. Google’s recent announcement about the

React to this headline:

Loading spinner

Google’s AI Red Team: Advancing cybersecurity on the AI frontier Read More »

How local governments can combat cybercrime

CISO, cybercrime, Don't miss, Government, Hot stuff, how-to, strategy, tips, Video /

How local governments can combat cybercrime 03/08/2023 at 07:01 By Help Net Security Amid a recent uptick in cybercrime on local governments, cities have been left to recover for months after the initial attack. For example, leaders in Dallas, Texas are ready to spend months recovering from an attack that hindered the city’s 911 emergency

React to this headline:

Loading spinner

How local governments can combat cybercrime Read More »

Attackers can turn AWS SSM agents into remote access trojans

AWS, cloud computing, cloud security, Don't miss, enterprise, Hot stuff, Mitiga, News, Remote Access Trojan, research /

Attackers can turn AWS SSM agents into remote access trojans 02/08/2023 at 16:02 By Zeljka Zorz Mitiga researchers have documented a new post-exploitation technique attackers can use to gain persistent remote access to AWS Elastic Compute Cloud (EC2) instances (virtual servers), as well as to non-EC2 machines (e.g., on-premises enterprise servers and virtual machines, and

React to this headline:

Loading spinner

Attackers can turn AWS SSM agents into remote access trojans Read More »

Delivering privacy in a world of pervasive digital surveillance: Tor Project’s Executive Director speaks out

anonymity, censorship, consumer, Don't miss, Features, Hot stuff, News, Privacy, surveillance, Tor Project /

Delivering privacy in a world of pervasive digital surveillance: Tor Project’s Executive Director speaks out 02/08/2023 at 08:02 By Zeljka Zorz The overarching mission of the US-based non-profit organization the Tor Project is to advance human rights and make open-source, privacy preserving software available to people globally, so that they can browse the internet privately,

React to this headline:

Loading spinner

Delivering privacy in a world of pervasive digital surveillance: Tor Project’s Executive Director speaks out Read More »

From tech expertise to leadership: Unpacking the role of a CISO

CISO, cybersecurity, data, Data Protection, Don't miss, Features, GoTo, Hot stuff, how-to, News, opinion, strategy, tips /

From tech expertise to leadership: Unpacking the role of a CISO 02/08/2023 at 07:34 By Mirko Zorz In this Help Net Security interview, Attila Török, CISO at GoTo, discusses how to balance technical expertise and leadership and how he navigates the rapidly evolving technological landscape. We also delve into the key challenges faced in communicating

React to this headline:

Loading spinner

From tech expertise to leadership: Unpacking the role of a CISO Read More »

Android n-day bugs pose zero-day threat

0-day, Android, Don't miss, Google, Hot stuff, News, patching, vulnerability /

Android n-day bugs pose zero-day threat 01/08/2023 at 14:17 By Helga Labus In the Android ecosystem, n-day vulnerabilities are almost as dangerous as zero-days, according to Google’s review of zero-days exploited in the wild in 2022. N-days functioning as zero-days Zero-days are software bugs that are unknown to the vendor but known to – and

React to this headline:

Loading spinner

Android n-day bugs pose zero-day threat Read More »

US government outlines National Cyber Workforce and Education Strategy

Cloud Range, cyber resilience, cybersecurity talent, Cyversity, Don't miss, education, Government, Hot stuff, ISSA, News, skill development, strategy, training, USA /

US government outlines National Cyber Workforce and Education Strategy 01/08/2023 at 14:03 By Zeljka Zorz After the release of a National Cybersecurity Strategy and its implementation plan, the Biden-Harris Administration has unveiled the National Cyber Workforce and Education Strategy (NCWES), “aimed at addressing both immediate and long-term cyber workforce needs.” The National Cyber Workforce and

React to this headline:

Loading spinner

US government outlines National Cyber Workforce and Education Strategy Read More »

Keeping the cloud secure with a mindset shift

Cloud, cloud security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Illumio, opinion /

Keeping the cloud secure with a mindset shift 01/08/2023 at 08:02 By Help Net Security Gartner estimates that in 2023 worldwide end-user spending on public cloud services will grow by 21.7% and hit nearly $600 billion. Even as the economic downturn has most businesses looking for ways to tighten their belts, the cloud remains one

React to this headline:

Loading spinner

Keeping the cloud secure with a mindset shift Read More »

Strategies for ensuring compliance and security in outdated healthcare IT systems

CIO, CISO, cybersecurity, Don't miss, Hot stuff, how-to, legacy technology, strategy, tips, Video /

Strategies for ensuring compliance and security in outdated healthcare IT systems 01/08/2023 at 07:02 By Help Net Security With the average price tag for a healthcare data breach at an all-time high, the overall financial damage to an organization is high regarding economic loss and reputation repair. According to the Cybersecurity and Infrastructure Security Agency

React to this headline:

Loading spinner

Strategies for ensuring compliance and security in outdated healthcare IT systems Read More »

Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081)

0-day, Don't miss, endpoint management, enterprise, Hot stuff, Ivanti, Mnemonic, MobileIron, News, security update, vulnerability /

Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081) 31/07/2023 at 16:32 By Helga Labus Another actively exploited zero-day vulnerability (CVE-2023-35081) affecting Ivanti Endpoint Manager Mobile (EPMM) has been identified and fixed. The first zero-day spotted Last week, we reported on a remote unauthenticated API access vulnerability (CVE-2023-35078) affecting Ivanti EPMM having been exploited to target

React to this headline:

Loading spinner

Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081) Read More »

New persistent backdoor used in attacks on Barracuda ESG appliances

backdoor, Barracuda Networks, CISA, Don't miss, exploit, Hot stuff, News, vulnerability /

New persistent backdoor used in attacks on Barracuda ESG appliances 31/07/2023 at 13:32 By Helga Labus The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection vulnerability in Barracuda Email Security Gateway (ESG) appliances. Barracuda ESG zero-day exploit and backdoors In late

React to this headline:

Loading spinner

New persistent backdoor used in attacks on Barracuda ESG appliances Read More »

Scroll to Top