Hot stuff

1 in 5 executives question their own data protection programs

24/11/2023 at 08:01, by Help Net Security

In this Help Net Security video, Tanneasha Gordon, Deloitte Risk & Financial Advisory’s data & privacy leader, discusses how many executives realize that trust is crucial to driving brand value and earning sustained customer loyalty. Privacy programs, data […]

New horizons in cyber protection with 2024 trends to watch

23/11/2023 at 08:02, by Help Net Security

2023 proved to be another challenging year for companies combating supply chain security and breaches. The 2024 outlook could be worse as attacks become increasingly sophisticated. In this Help Net Security video, Fei Huang, VP of Security Strategy

How LockBit used Citrix Bleed to breach Boeing and other targets

22/11/2023 at 16:47, by Zeljka Zorz

CVE-2023-4966, aka “Citrix Bleed”, has been exploited by LockBit 3.0 affiliates to breach Boeing’s parts and distribution business, and “other trusted third parties have observed similar activity impacting their organization,” cybersecurity and law enforcement officials have confirmed on

Microsoft announces Defender bug bounty program

22/11/2023 at 14:47, by Helga Labus

Microsoft has announced a new bug bounty program aimed at unearthing vulnerabilities in Defender-related products and services, and is offering participants the possibility to earn up to $20,000 for the most critical bugs.

The Microsoft Defender bug bounty program

Microsoft Defender includes various

CISA offers cybersecurity services to non-federal orgs in critical infrastructure sector

22/11/2023 at 12:47, by Helga Labus

The Cybersecurity and Infrastructure Security Agency (CISA) has announced a pilot program that aims to offer cybersecurity services to critical infrastructure entities as they have become a common target in cyberattacks. “In alignment with CISA’s ‘Target Rich, Resource

CISOs can marry security and business success

22/11/2023 at 08:33, by Help Net Security

With an endless string of cyber fires to be put out, it’s easy to forget that the cybersecurity function in an organization doesn’t exist in a vacuum. Its main purpose is to ensure the organization succeeds, and that’s the reason CISOs

Why boards must prioritize cybersecurity expertise

22/11/2023 at 08:02, by Help Net Security

In this Help Net Security video, Graeme Payne, US Advisory Service Leader at Kudelski Security, discusses how, with the incredible number of complex threats facing modern businesses, board members must take an increased role in cybersecurity decisions – or face the consequences.

Apache ActiveMQ bug exploited to deliver Kinsing malware

21/11/2023 at 15:02, by Helga Labus

Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems.

CVE-2023-46604 exploitation

Apache ActiveMQ is a popular Java-based open source message broker that allows communication between applications and services

The shifting sands of the war against cyber extortion

21/11/2023 at 14:33, by Zeljka Zorz

Ransomware and cyber extortion attacks aimed at organizations are not letting up. Occasionally, they even come in pairs. The often large and sometimes massive ransomware recovery costs companies incur when they decide not to meet the demands deter many other

Segmentation proves crucial for fast response to security incidents

21/11/2023 at 08:04, by Help Net Security

In this Help Net Security video, Steve Winterfeld, Advisory CISO at Akamai, discusses the recent surge of ransomware attacks in the U.S. and how it relates to microsegmentation. Recovery after a security breach happens 11 hours faster with segmentation.

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)

20/11/2023 at 14:47, by Helga Labus

CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023.

About CVE-2023-1671

CVE-2023-1671 is a pre-auth command injection vulnerability

MFA under fire, attackers undermine trust in security measures

20/11/2023 at 08:31, by Help Net Security

In this Help Net Security video, Renée Burton, Head of Threat Intelligence at Infoblox, discusses MFA attacks. MFA adds security to online accounts, but MFA lookalikes are a real threat to consumers and enterprises. Consumers have come to trust

Transforming cybersecurity from reactive to proactive with attack path analysis

17/11/2023 at 08:03, by Help Net Security

An attack path is important to prioritize potential risks in cloud environments. The attack path offers the ability to look at cloud environments from the attacker’s perspective. With today’s general awareness and concerted effort toward cybersecurity, cybercriminals rarely

Review: Cyberbunker: The Criminal Underworld

16/11/2023 at 08:31, by Helga Labus

Written and directed by Kilian Lieb and Max Rainer, Cyberbunker is a Netflix documentary about a group of hackers that enabled the proliferation of dark web forums where illegal materials were bought and sold.

Cyberbunker: The Criminal Underworld

The documentary begins with a special

Cyber insurance predictions for 2024

16/11/2023 at 08:01, by Help Net Security

In this Help Net Security video, Dara Gibson, Senior Cyber Insurance Manager at Optiv, discusses cyber insurance and what we should expect to see in 2024:

Ransomware, BEC, and pixel privacy claims will remain at the forefront of cyber insurance claims

Cyber insurance

Crypto asset discovery and the post-quantum migration

15/11/2023 at 09:33, by Help Net Security

Quantum computing is reshaping our world and will revolutionize many industries, including materials science, life sciences, transportation, and energy. Google recently demonstrated the power of quantum computers by solving a problem in seconds that today’s supercomputers require nearly 50 years to

Modeling organizations’ defensive mechanisms with MITRE D3FEND

15/11/2023 at 09:02, by Mirko Zorz

Funded by the National Security Agency, MITRE’s D3FEND framework is helping to provide standardization, specificity, and repeatability needed by cybersecurity engineers. As the framework moves from the beta version to version 1.0 in 2024, we asked D3FEND creator Peter Kaloroumakis how D3FEND

Enhancing mainframe security with proven best practices

15/11/2023 at 08:35, by Help Net Security

Mainframe systems have served as the bedrock of enterprise networks for years, standing unmatched in terms of reliability, scalability, and data protection. However, security risks have become a pressing concern as the digital landscape evolves, emerging practices like DevOps, the rise

Danish energy sector hit by a wave of coordinated cyberattacks

14/11/2023 at 21:16, by Helga Labus

The Danish energy sector has suffered what is believed to be the most extensive cyberattack in Danish history, according to SektorCERT.

Danish energy sector under attack

SektorCERT, an organization owned and funded by Danish critical infrastructure (CI) companies, uses

Juniper networking devices under attack

14/11/2023 at 16:46, by Zeljka Zorz

CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are not particularly severe by themselves, but they can be – and have been – chained
