Hot stuff

Key steps to scaling automated compliance while maintaining security

Artificial Intelligence, automation, Compliance, cybersecurity, Data Protection, Don't miss, Features, Hot stuff, Meta, News, opinion, Risk Management, strategy /

Key steps to scaling automated compliance while maintaining security 2024-12-18 at 07:01 By Mirko Zorz In this Help Net Security interview, Vivek Agarwal, Privacy Program Manager at Meta Platforms, shares insights on strategies for reducing time to market, improving vendor onboarding, and updating privacy requirements to ensure compliance across third-party contracts. From leveraging automation and […]

React to this headline:

Loading spinner

Key steps to scaling automated compliance while maintaining security Read More »

Vanir: Open-source security patch validation for Android

Android, Don't miss, GitHub, Google, Hot stuff, News, open source, patch, software /

Vanir: Open-source security patch validation for Android 2024-12-18 at 06:34 By Help Net Security Google’s open-source tool Vanir enables Android developers to quickly scan custom platform code for missing or applicable security patches. By automating patch validation, Vanir helps OEMs deliver critical security updates faster, enhancing the security of the Android ecosystem. Vanir uses source-code-based

React to this headline:

Loading spinner

Vanir: Open-source security patch validation for Android Read More »

Researchers reveal OT-specific malware in use and in development

Claroty, Don't miss, Forescout, Hot stuff, IIoT, IoT, Malware, malware analysis, News, OT, VirusTotal /

Researchers reveal OT-specific malware in use and in development 2024-12-17 at 16:43 By Zeljka Zorz Malware that’s made specifically to target industrial control systems (ICS), Internet of Things (IoT) and operational technology (OT) control devices is still rare, but in the last few weeks security researchers have identified two salient threats based on samples uploaded

React to this headline:

Loading spinner

Researchers reveal OT-specific malware in use and in development Read More »

Malvertising on steroids serves Lumma infostealer

Don't miss, Guardio, Hot stuff, Infoblox, malvertising, Malware, News /

Malvertising on steroids serves Lumma infostealer 2024-12-17 at 14:30 By Zeljka Zorz A large-scale malvertising campaign distributing the Lumma infostealer malware via intrusive “ads” leading to fake CAPTCHA pages has been tied by researchers to a threat actor abusing the Monetag ad network. The campaign from the users’ perspective Internet users usually land on one

React to this headline:

Loading spinner

Malvertising on steroids serves Lumma infostealer Read More »

The shifting security landscape: 2025 predictions and challenges

Artificial Intelligence, Blancco Technology Group, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, predictions, quantum computing /

The shifting security landscape: 2025 predictions and challenges 2024-12-17 at 07:33 By Help Net Security As the borderless threat ecosystem poses new challenges for companies and governments worldwide, CISA’s 2025-2026 International Plan aims to address this problem. CISA’s plan calls for integrated cyber defense across borders, addressing the complex, global cybersecurity challenges that businesses, governments

React to this headline:

Loading spinner

The shifting security landscape: 2025 predictions and challenges Read More »

Serbian government used Cellebrite to unlock phones, install spyware

0-day, Amnesty International, Android, Cellebrite, digital forensics, Don't miss, Google, Hot stuff, law enforcement, News, Privacy, Qualcomm, spyware /

Serbian government used Cellebrite to unlock phones, install spyware 2024-12-16 at 20:19 By Zeljka Zorz Serbian police and intelligence officers used Cellebrite forensic extraction software to unlock journalists’ and activists’ phones and install previously unknown Android spyware called NoviSpy, a new Amnesty International report claims. The unlocking was made possible through exploitation of a zero-day

React to this headline:

Loading spinner

Serbian government used Cellebrite to unlock phones, install spyware Read More »

MUT-1244 targeting security researchers, red teamers, and threat actors

Checkmarx, cryptojacking, data theft, Datadog, Don't miss, GitHub, Hot stuff, News, phishing, WordPress /

MUT-1244 targeting security researchers, red teamers, and threat actors 2024-12-16 at 17:33 By Zeljka Zorz A threat actor tracked as MUT-1244 by DataDog researchers has been targeting academics, pentesters, red teamers, security researchers, as well as other threat actors, in order to steal AWS access keys, WordPress account credentials and other sensitive data. MUT-1244 has

React to this headline:

Loading spinner

MUT-1244 targeting security researchers, red teamers, and threat actors Read More »

Evasive Node.js loader masquerading as game hack

Don't miss, Hot stuff, Malware, malware detection, News, online gaming, Zscaler /

Evasive Node.js loader masquerading as game hack 2024-12-16 at 15:03 By Zeljka Zorz Malware peddlers are using NodeLoader, a loader written in Node.js, to foil security solutions and deliver infostealers and cryptominers to gamers. The malicious links in YouTube comments (Source: Zscaler ThreatLabz) Attackers leveraging the Node.js loader In this latest malware delivery campaign, the

React to this headline:

Loading spinner

Evasive Node.js loader masquerading as game hack Read More »

With DORA approaching, financial institutions must strengthen their cyber resilience

AttackIQ, Compliance, cyber resilience, cybersecurity, Don't miss, EU, Expert analysis, Expert corner, financial industry, Hot stuff, News, opinion, regulation, Risk Management /

With DORA approaching, financial institutions must strengthen their cyber resilience 2024-12-16 at 07:33 By Help Net Security The clock is ticking for financial institutions across the EU as the January 17, 2025, deadline for the Digital Operational Resilience Act (DORA) approaches. This regulation will reshape how organizations in the financial sector approach cybersecurity and operational

React to this headline:

Loading spinner

With DORA approaching, financial institutions must strengthen their cyber resilience Read More »

How companies can address bias and privacy challenges in AI models

Artificial Intelligence, cybersecurity, Don't miss, Features, Holistic AI, Hot stuff, News, opinion, strategy /

How companies can address bias and privacy challenges in AI models 2024-12-16 at 07:03 By Mirko Zorz In this Help Net Security interview, Emre Kazim, Co-CEO of Holistic AI, discusses the need for companies to integrate responsible AI practices into their business strategies from the start. He explores how addressing issues like bias, privacy, and

React to this headline:

Loading spinner

How companies can address bias and privacy challenges in AI models Read More »

Tackling software vulnerabilities with smarter developer strategies

Application Security, code, cybersecurity, Don't miss, Endor Labs, Features, Hot stuff, News, opinion, software, web application security /

Tackling software vulnerabilities with smarter developer strategies 2024-12-13 at 07:03 By Mirko Zorz In this Help Net Security interview, Karl Mattson, CISO at Endor Labs, discusses strategies for enhancing secure software development. Mattson covers how developers can address vulnerabilities in complex systems, ways organizations can better support secure coding practices, and the role of languages

React to this headline:

Loading spinner

Tackling software vulnerabilities with smarter developer strategies Read More »

Krispy Kreme cybersecurity incident disrupts online ordering

cyberattack, disruption, Don't miss, Hot stuff, News, Retail, USA /

Krispy Kreme cybersecurity incident disrupts online ordering 2024-12-12 at 13:39 By Zeljka Zorz Popular US doughnut chain Krispy Kreme has been having trouble with its online ordering system as well as digital payments at their brick-and-mortar shops since late November, and now we finally know why: an 8-K report filed with the US Securities and

React to this headline:

Loading spinner

Krispy Kreme cybersecurity incident disrupts online ordering Read More »

27 DDoS-for hire platforms seized by law enforcement

arrest, cybercriminals, DDoS, Don't miss, Europe, Europol, Hot stuff, Justice Department, News, USA /

27 DDoS-for hire platforms seized by law enforcement 2024-12-12 at 12:39 By Zeljka Zorz As part of an ongoing international crackdown known as Operation PowerOFF, international law enforcement has seized over two dozen platforms used to carry out Distributed Denial-of-Service (DDoS) attacks. These “booter” (aka “stresser”) sites were used by both cybercriminals and hacktivists to

React to this headline:

Loading spinner

27 DDoS-for hire platforms seized by law enforcement Read More »

We must adjust expectations for the CISO role

CISO, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Portnox, resilience /

We must adjust expectations for the CISO role 2024-12-12 at 11:52 By Help Net Security Cybersecurity has become one of the most high-stakes facets of business operations in the past few years. The chief information security officer (CISO) role, once a back-office function primarily focused on technical oversight, has moved squarely into the executive spotlight.

React to this headline:

Loading spinner

We must adjust expectations for the CISO role Read More »

Only Cynet delivers 100% protection and detection visibility in the 2024 MITRE ATT&CK Evaluation

Cynet, Don't miss, Hot stuff, News /

Only Cynet delivers 100% protection and detection visibility in the 2024 MITRE ATT&CK Evaluation 2024-12-12 at 10:07 By Help Net Security Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders is to keep IT environments up and running. To guard against cyber threats and prevent data breaches, it’s vital

React to this headline:

Loading spinner

Only Cynet delivers 100% protection and detection visibility in the 2024 MITRE ATT&CK Evaluation Read More »

Shaping effective AI governance is about balancing innovation with humanity

Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, ServiceNow, strategy /

Shaping effective AI governance is about balancing innovation with humanity 2024-12-12 at 07:04 By Mirko Zorz In this Help Net Security interview, Ben de Bont, CISO at ServiceNow, discusses AI governance, focusing on how to foster innovation while ensuring responsible oversight. He emphasizes the need for collaboration between technologists, policymakers, and ethicists to create ethical

React to this headline:

Loading spinner

Shaping effective AI governance is about balancing innovation with humanity Read More »

Exposed APIs and issues in the world’s largest organizations

access control, API security, authentication, cybersecurity, Don't miss, Escape, Hot stuff, Video /

Exposed APIs and issues in the world’s largest organizations 2024-12-12 at 06:32 By Help Net Security In this Help Net Security video, Tristan Kalos, CEO of Escape, discusses the results of its 2024 State of API Exposure report. The study highlights significant API security gaps affecting Fortune 1000 organizations, with over 28,500 exposed APIs and

React to this headline:

Loading spinner

Exposed APIs and issues in the world’s largest organizations Read More »

Keycloak: Open-source identity and access management

access management, Don't miss, GitHub, Hot stuff, identity management, News, open source, software /

Keycloak: Open-source identity and access management 2024-12-12 at 06:04 By Help Net Security Keycloak is an open-source project for identity and access management (IAM). It provides user federation, strong authentication, user management, authorization, and more. Keycloak is based on standard protocols and supports OpenID Connect, OAuth 2.0, and SAML. Single Sign-On: Users authenticate through Keycloak

React to this headline:

Loading spinner

Keycloak: Open-source identity and access management Read More »

Scroll to Top