Hot stuff

PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)

data theft, Don't miss, exploit, extortion, Horizon3.ai, Hot stuff, Huntress, News, PoC, Progress, Rapid7, UK, USA /

PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362) 13/06/2023 at 14:18 By Zeljka Zorz As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE vulnerability exploited by the Cl0p cyber extortion group to plunder confidential data. CVE-2023-34362 PoC exploit released Horizon3 security […]

PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362) Read More »

How to achieve cyber resilience?

CIO, CISO, cyber resilience, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Hot stuff, Immersive Labs, opinion, threats, training /

How to achieve cyber resilience? 13/06/2023 at 07:32 By Help Net Security Cyber resilience is a leading strategic priority today, and most enterprises are now pursuing programs to bolster their ability to mitigate attacks. Yet despite the importance placed on cyber resilience, many organizations struggle to measure their capabilities or track their progress. They are

How to achieve cyber resilience? Read More »

Quantum computing’s threat to national security

cybersecurity, Don't miss, Government, Hot stuff, Qrypt, quantum computing, strategy, tips, Video /

Quantum computing’s threat to national security 13/06/2023 at 07:02 By Help Net Security In this Help Net Security video, Denis Mandich, CTO at Qrypt, talks about quantum computing. If we thought AI turned security and privacy on their head, quantum computing will break how we encrypt data today and risk revealing sensitive data of citizens,

Quantum computing’s threat to national security Read More »

Building a hyper-connected future with 6G networks

Artificial Intelligence, Capgemini, digital transformation, Don't miss, Features, Hot stuff, networking, News, opinion /

Building a hyper-connected future with 6G networks 13/06/2023 at 06:36 By Mirko Zorz The advent of 6G communication systems brings forth new possibilities and advancements compared to previous generations. With hyper-connectivity and machine-to-machine communication at its core, 6G aims to bridge the gap between humanity and the world of machines. In this Help Net Security

Building a hyper-connected future with 6G networks Read More »

It’s time to patch your MOVEit Transfer solution again!

Don't miss, Hot stuff, Huntress, Kroll, Netcraft, News, Progress, SQL injection, vulnerability /

It’s time to patch your MOVEit Transfer solution again! 12/06/2023 at 16:47 By Zeljka Zorz Progress Software customers who use the MOVEit Transfer managed file transfer solution might not want to hear it, but they should quickly patch their on-prem installations again: With the help of researchers from Huntress, the company has uncovered additional SQL

It’s time to patch your MOVEit Transfer solution again! Read More »

The multiplying impact of BEC attacks

BEC scams, Don't miss, enterprise, FBI, Hot stuff, Microsoft, News, phishing, SMBs, social engineering /

The multiplying impact of BEC attacks 12/06/2023 at 16:22 By Helga Labus The 2023 Verizon Data Breach Investigations Report (DBIR) has confirmed what FBI’s Internet Crime Complaint Center has pointed out earlier this year: BEC scammers are ramping up their social engineering efforts to great success. BEC attackers targeting the real estate sector The FBI

The multiplying impact of BEC attacks Read More »

Building a culture of security awareness in healthcare begins with leadership

CISO, cyber risk, cybersecurity, Don't miss, Features, healthcare, Hot stuff, how-to, News, security controls, strategy, tips /

Building a culture of security awareness in healthcare begins with leadership 12/06/2023 at 07:35 By Mirko Zorz With the rise of modern trends such as cloud computing and remote work, healthcare institutions strive to balance accessibility, convenience, and robust security. In this Help Net Security interview, Ken Briggs, General Counsel at Salucro, discusses how fostering

Building a culture of security awareness in healthcare begins with leadership Read More »

Examining the long-term effects of data privacy violations

CCPA, cybersecurity, Data Protection, data security, Don't miss, GDPR, Hot stuff, Privacy, Video /

Examining the long-term effects of data privacy violations 12/06/2023 at 07:02 By Help Net Security Regulatory bodies are taking potential data privacy violations much more seriously this year after a relatively quiet period that followed the enactment of regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We

Examining the long-term effects of data privacy violations Read More »

Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997)

Don't miss, Fortinet, FortiOS, Hot stuff, Lexfo, News, Olympe Cyberdefense, security update, vulnerability /

Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997) 11/06/2023 at 22:06 By Zeljka Zorz Fortinet has released several versions of FortiOS, the OS/firmware powering its Fortigate firewalls and other devices, without mentioning that they include a fix for CVE-2023-27997, a remote code execution (RCE) flaw that does not require the attacker to be

Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997) Read More »

Replace Barracuda ESG appliances, company urges

Barracuda Networks, data theft, Don't miss, exploit, Hot stuff, Malware, News, Rapid7, vulnerability /

Replace Barracuda ESG appliances, company urges 09/06/2023 at 18:47 By Helga Labus Barracuda Networks is urging customers running phyisical Email Security Gateway (ESG) appliances to replace them immediately, “regardless of patch version level.” Vulnerability identification and disclosure Barracuda has identified a critical vulnerability (CVE-2023-2868) in their ESG appliances on May 19, 2023, and pushed a

Replace Barracuda ESG appliances, company urges Read More »

June 2023 Patch Tuesday forecast: Don’t forget about Apple

apple, Don't miss, Expert analysis, Expert corner, Google, Hot stuff, Ivanti, Microsoft, News, Patch Tuesday /

June 2023 Patch Tuesday forecast: Don’t forget about Apple 09/06/2023 at 08:39 By Help Net Security The odd month-to-month pattern of CVEs addressed by Microsoft continued with the May Patch Tuesday. After seeing high numbers for April, we saw 20 and 23 CVEs fixed for Windows 11 and 10, respectively, in May. And after 62

June 2023 Patch Tuesday forecast: Don’t forget about Apple Read More »

Introducing the book: Creating a Small Business Cybersecurity Program, Second Edition

books, Center for Internet Security, cybersecurity, Don't miss, Hot stuff, Video /

Introducing the book: Creating a Small Business Cybersecurity Program, Second Edition 09/06/2023 at 07:02 By Help Net Security In this Help Net Security video interview, Alan Watkins, CIS Controls Ambassador, CIS, talks about his new book – Creating a Small Business Cybersecurity Program, Second Edition. This book provides guidance and essential steps small businesses with

Introducing the book: Creating a Small Business Cybersecurity Program, Second Edition Read More »

Cl0p announces rules for extortion negotiation after MOVEit hack

Censys, Don't miss, extortion, file-sharing, Hot stuff, Huntress, News, Progress, vulnerability /

Cl0p announces rules for extortion negotiation after MOVEit hack 08/06/2023 at 14:03 By Zeljka Zorz The Cl0p cyber extortion crew says that the many organizations whose data they have pilfered by exploiting a vulnerability in the MOVEit Transfer solution have until June 14 to get in contact with them – or they will post their

Cl0p announces rules for extortion negotiation after MOVEit hack Read More »

AI: Interpreting regulation and implementing good practice

Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, machine learning, opinion, regulation, standards, WithSecure /

AI: Interpreting regulation and implementing good practice 08/06/2023 at 08:05 By Help Net Security Businesses have been using artificial intelligence for years, and while machine learning (ML) models have often been taken from open-source repositories and built into business-specific systems, model provenance and assurance have not always necessarily been documented nor built into company policy.

AI: Interpreting regulation and implementing good practice Read More »

20 cybersecurity projects on GitHub you should check out

ARMO, CISA, cybersecurity, Don't miss, Faraday Technology Corporation, GitHub, Google, Hot stuff, Metasploit, MISP, MITRE ATT&CK, News, open source, software /

20 cybersecurity projects on GitHub you should check out 08/06/2023 at 07:47 By Helga Labus Open-source GitHub cybersecurity projects, developed and maintained by dedicated contributors, provide valuable tools, frameworks, and resources to enhance security practices. From vulnerability scanning and network monitoring to encryption and incident response, the following collection encompasses a diverse range of projects

20 cybersecurity projects on GitHub you should check out Read More »

The evolution of DDoS attacks in 2023

Arelion, attacks, CISO, cybersecurity, DDoS, Don't miss, Hot stuff, threat, Video /

The evolution of DDoS attacks in 2023 08/06/2023 at 07:10 By Help Net Security In this Help Net Security video, Mattias Fridström, Chief Evangelist at Arelion, talks about the DDoS threat landscape during 2023. DDoS attacks reflect significant geo-political challenges and social tensions and have become an increasingly important part of the hybrid warfare arsenal.

The evolution of DDoS attacks in 2023 Read More »

Exploited zero-day patched in Chrome (CVE-2023-3079)

0-day, Chrome, Don't miss, Google, Hot stuff, News, security update, vulnerability /

Exploited zero-day patched in Chrome (CVE-2023-3079) 07/06/2023 at 13:07 By Helga Labus Google has fixed a high-severity vulnerability in the Chrome browser (CVE-2023-3079) that is being exploited by attackers. About the vulnerability CVE-2023-3079 is a vulnerability that stems from a type confusion in the V8 JavaScript engine, and has been uncovered by Clément Lecigne of

Exploited zero-day patched in Chrome (CVE-2023-3079) Read More »

How to make developers love security

Arnica, cybersecurity, DevOps, Don't miss, Expert analysis, Expert corner, Hot stuff, opinion /

How to make developers love security 07/06/2023 at 08:01 By Help Net Security In my last post I discussed how developers can be your security secret weapon… but how to help them love doing security work? That’s a whole other challenge! Stories of the tension between developers and security teams are a longstanding feature of

How to make developers love security Read More »

Embracing realistic simulations in cybersecurity training programs

Don't miss, Hot stuff, Security Innovation, skill development, training, Video /

Embracing realistic simulations in cybersecurity training programs 07/06/2023 at 07:09 By Help Net Security In this Help Net Security video, Ed Adams, CEO of Security Innovation, discusses the shifts in cybersecurity training. 60% of companies now include realistic simulations in their cybersecurity training programs compared to 36% in 2020. According to Security Innovation research, organizations

Embracing realistic simulations in cybersecurity training programs Read More »

Scroll to Top