4 warning signs that your low-code development needs DevSecOps 14/11/2023 at 09:31 By Help Net Security Low code platforms have democratized development in the enterprise. They improve efficiency and enable companies to do more with less. But as you begin to do more you will start hitting speed bumps that eventually become roadblocks. If your […]
4 warning signs that your low-code development needs DevSecOps Read More »
10 corporate cybersecurity blogs worth your time 14/11/2023 at 09:02 By Help Net Security In this article, we’ve curated a list of insightful corporate cybersecurity blogs that provide analysis and actionable advice to help you keep your company’s digital assets secure. This list is not meant to be exhaustive since thousands of companies have infosec
10 corporate cybersecurity blogs worth your time Read More »
Collaborative strategies are key to enhanced ICS security 14/11/2023 at 08:32 By Mirko Zorz In this Help Net Security interview, Marko Gulan, Cyber Security Consultant at Schneider Electric, discusses the complexities of safeguarding industrial control systems (ICS). Our conversation will explore the importance of cross-departmental collaboration, balancing security with system functionality, and the dynamic nature
Collaborative strategies are key to enhanced ICS security Read More »
Using real-time monitoring to identify and mitigate threats 14/11/2023 at 08:02 By Help Net Security From identifying unusual behavior patterns to detecting unauthorized access, real-time monitoring provides a view of your digital environment, ensuring that threats are spotted and dealt with before they can cause harm. In this Help Net Security video, Costa Tsaousis, CEO
Using real-time monitoring to identify and mitigate threats Read More »
Cyber risk is business risk: Qualys Enterprise TruRisk Platform sets new industry standard 13/11/2023 at 10:33 By Help Net Security In this Help Net Security interview, Sumedh Thakar, President and CEO of Qualys explores the vision behind the Qualys Enterprise TruRisk Platform, a strategic move aimed at redefining how enterprises measure, communicate, and eliminate cyber
Success eludes the International Counter Ransomware Initiative 13/11/2023 at 09:46 By Help Net Security A swing and a miss by the 50 member countries of the International Counter Ransomware Initiative (CRI), headlined by the US, who have confirmed a commitment to collectively address ransomware. Ransomware, as predicted, is growing at tremendous rates and focusing on
Success eludes the International Counter Ransomware Initiative Read More »
The real cost of healthcare cybersecurity breaches 13/11/2023 at 09:33 By Mirko Zorz With each step towards digitalization, from cloud computing to electronic records, the healthcare sector faces mounting risks that threaten not just the privacy but the very wellbeing of patients. In this Help Net Security interview, Taylor Lehmann, Director, Office of the CISO,
The real cost of healthcare cybersecurity breaches Read More »
Building resilience to shield your digital transformation from cyber threats 13/11/2023 at 08:01 By Help Net Security Digital transformation projects are top of mind for enterprises. 91% of businesses are currently engaged in some form of digital initiative. Yet, the average cost of a failed, delayed, or scaled-back digital transformation project is more than $4
Building resilience to shield your digital transformation from cyber threats Read More »
Chinese multinational bank hit by ransomware 10/11/2023 at 14:46 By Helga Labus The state-owned Industrial and Commercial Bank of China (ICBC), which is one of the largest banks in the world, has been hit by a ransomware attack that led to disrupted trades in the US Treasury market. The attack “On November 8, 2023, U.S.
Chinese multinational bank hit by ransomware Read More »
November 2023 Patch Tuesday forecast: Year 21 begins 10/11/2023 at 09:03 By Help Net Security The October forecast for large numbers of CVEs addressed in Windows 10 and 11 and the recent record on the number fixed in Windows Server 2012 was spot on! Microsoft addressed 75 CVEs in Windows 11, 80 in Windows 10,
November 2023 Patch Tuesday forecast: Year 21 begins Read More »
How to withstand the onslaught of cybersecurity threats 10/11/2023 at 08:31 By Help Net Security “We brought a shovel to fight an avalanche.” That’s the sentiment shared by many business leaders, especially CISOs, CIOs and IT leaders as they face the current cybersecurity threat landscape. Like an avalanche, it’s constantly shifting and changing, moving quickly
How to withstand the onslaught of cybersecurity threats Read More »
Rethinking cyber risk: The case against spreadsheets 10/11/2023 at 08:02 By Help Net Security In this Help Net Security video, Christina Hoefer, VP of Global Industrial Enterprise at Forescout, discusses why it is time for manufacturers/OT security leaders to “toss the spreadsheet” regarding their traditional methods of tracking data for cyber risk assessments. She addresses
Rethinking cyber risk: The case against spreadsheets Read More »
Sandworm hackers incapacitated Ukrainian power grid amid missile strike 09/11/2023 at 19:17 By Helga Labus Russia-backed ATP group Sandworm is behind the cyberattack that caused disruption of parts of the Ukrainian power grid in late 2022, according to Mandiant. About Sandworm “Sandworm is a threat actor that has carried out cyber operations in support of
Sandworm hackers incapacitated Ukrainian power grid amid missile strike Read More »
MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246) 09/11/2023 at 18:01 By Helga Labus A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. Lace Tempest has previously exploited zero-day vulnerability (CVE-2023-34362) in Progress Software’s
MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246) Read More »
Open-source vulnerability disclosure: Exploitable weak spots 09/11/2023 at 15:17 By Zeljka Zorz Flaws in the vulnerability disclosure process of open-source projects could be exploited by attackers to harvest the information needed to launch attacks before patches are made available, Aqua Security researchers worry. The risk arises from “half-day” and “0.75-day” vulnerabilities “Half-day” vulnerabilities are known
Open-source vulnerability disclosure: Exploitable weak spots Read More »
Security in the impending age of quantum computers 09/11/2023 at 09:02 By Help Net Security Quantum computing is poised to be one of the most important technologies of the 21st century. With global governments having collectively pledged more than $38 billion in public funds for quantum technologies and $2.1 billion of new private capital flowing
Security in the impending age of quantum computers Read More »
Unpacking the challenges of anti-money laundering obligations 09/11/2023 at 08:32 By Help Net Security When managing anti-money laundering (AML) obligations, many challenger banks turn to basic or unproven in-house risk management solutions. Although these solutions can, in some ways, be innovative, they are often built quickly and lack thorough testing, leading to potential vulnerabilities. In
Unpacking the challenges of anti-money laundering obligations Read More »
Microsoft Authenticator suppresses suspicious MFA notifications 08/11/2023 at 17:46 By Helga Labus Microsoft has quietly rolled out a new mechanism that shields users of its mobile Authenticator app from suspicious (and annoying) push notifications triggered by attackers. Preventing attacks relying on MFA fatigue When faced with MFA-protected accounts, threat actors repeatedly try to gain access
Microsoft Authenticator suppresses suspicious MFA notifications Read More »
Sumo Logic discloses potential breach via compromised AWS credential 08/11/2023 at 14:49 By Helga Labus Cloud-native big data and security analytics firm Sumo Logic is investigating a potential security incident within their platform, the company revealed on Tuesday. The Sumo Logic incident “On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security
Sumo Logic discloses potential breach via compromised AWS credential Read More »
The 3 key stages of ransomware attacks and useful indicators of compromise 08/11/2023 at 09:02 By Help Net Security For SOC teams to be able to defend their organization against ransomware attacks, they need to have the right security toolset, but also an understanding of the three primary ransomware attack stages. In this article, we
The 3 key stages of ransomware attacks and useful indicators of compromise Read More »