Why cloud vulnerabilities need CVEs 2024-05-01 at 08:01 By Help Net Security When considering vulnerability management’s purpose in a modern world, it’s imperative to recognize the huge transition to new technologies and how you manage risk within these different paradigms and environments (e.g., the cloud). Patch network security isn’t applicable in the same way for […]
React to this headline:
Why cloud vulnerabilities need CVEs Read More »
Making cybersecurity more appealing to women, closing the skills gap 2024-05-01 at 07:31 By Mirko Zorz In this Help Net Security interview, Charly Davis, CCO at Sapphire, provides insights into the current challenges and barriers women face in the cybersecurity industry. Davis emphasizes the need for proactive strategies to attract diverse talent, improve mentorship opportunities,
React to this headline:
Making cybersecurity more appealing to women, closing the skills gap Read More »
Building a strong cloud security posture 2024-05-01 at 06:31 By Help Net Security In this Help Net Security video, David Kellerman, Field CTO at Cymulate, discusses how cloud security still seems to lag even as the cloud grows in popularity and usage. Many leaders are unaware that they need to secure the cloud the same
React to this headline:
Building a strong cloud security posture Read More »
Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades 2024-04-30 at 15:47 By Zeljka Zorz There are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are “not aware at this time of any malicious attempts to
React to this headline:
Triangulation fraud: The costly scam hitting online retailers 2024-04-30 at 08:01 By Mirko Zorz In this Help Net Security interview, Mike Lemberger, Visa’s SVP, Chief Risk Officer, North America, discusses the severe financial losses resulting from triangulation fraud, estimating monthly losses to range from $660 million to $1 billion among merchants. He also highlights the
React to this headline:
Triangulation fraud: The costly scam hitting online retailers Read More »
Tracecat: Open-source SOAR 2024-04-30 at 07:31 By Mirko Zorz Tracecat is an open-source automation platform for security teams. The developers believe security automation should be accessible to everyone, especially understaffed small- to mid-sized teams. Core features, user interfaces, and day-to-day workflows are based on existing best practices from best-in-class security teams. Use specialized AI models
React to this headline:
Tracecat: Open-source SOAR Read More »
Why the automotive sector is a target for email-based cyber attacks 2024-04-30 at 07:01 By Help Net Security While every organization across every vertical is at risk of advanced email attacks, certain industries periodically become the go-to target for threat actors. In this Help Net Security video, Mick Leach, Field CISO at Abnormal Security, discusses
React to this headline:
Why the automotive sector is a target for email-based cyber attacks Read More »
eBook: Do you have what it takes to lead in cybersecurity? 2024-04-30 at 05:31 By Help Net Security Organizations worldwide need talented, experienced, and knowledgeable cybersecurity teams who understand the advantages and risks of emerging technologies. Aspiring leaders in the cybersecurity field need more than just job experience. They need a diverse and robust set
React to this headline:
eBook: Do you have what it takes to lead in cybersecurity? Read More »
UK enacts IoT cybersecurity law 2024-04-29 at 17:01 By Zeljka Zorz The Product Security and Telecommunications Infrastructure (PSTI) Act has come into effect today, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure policy. “Most smart devices are manufactured outside the UK, but
React to this headline:
UK enacts IoT cybersecurity law Read More »
Okta warns customers about credential stuffing onslaught 2024-04-29 at 14:01 By Zeljka Zorz Credential stuffing attacks have exploded this April, Okta warns, and advises its customers to use available tools to block access requests originating from residential proxies before authentication takes place. Abuse of proxy networks “In credential stuffing attacks, adversaries attempt to sign-in to
React to this headline:
Okta warns customers about credential stuffing onslaught Read More »
Prompt Fuzzer: Open-source tool for strengthening GenAI apps 2024-04-29 at 08:01 By Mirko Zorz Prompt Fuzzer is an open-source tool that evaluates the security of your GenAI application’s system prompt against dynamic LLM-based threats. Prompt Fuzzer features Simulation of over a dozen types of GenAI attacks The tool contextualizes itself automatically based on the system
React to this headline:
Prompt Fuzzer: Open-source tool for strengthening GenAI apps Read More »
How insider threats can cause serious security breaches 2024-04-29 at 07:34 By Help Net Security Insider threats are a prominent issue and can lead to serious security breaches. Just because someone is a colleague or employee does not grant inherent trust. In this Help Net Security video, Tara Lemieux, CMMC Consultant for Redspin, discusses insider
React to this headline:
How insider threats can cause serious security breaches Read More »
What AI can tell organizations about their M&A risk 2024-04-26 at 07:01 By Help Net Security Following the past few years of economic turbulence, merger and acquisition (M&A) activity is on the rise in 2024, with several acquisition deals being announced in the first few months of the year valued at billions of dollars. With
React to this headline:
What AI can tell organizations about their M&A risk Read More »
Breaking down the numbers: Cybersecurity funding activity recap 2024-04-26 at 06:45 By Help Net Security Here’s a list of interesting cybersecurity companies that received funding so far in 2024. Aim Security January | $10 million Aim Security raised $10 million in seed funding, led by YL Ventures, with participation from CCL (Cyber Club London), the
React to this headline:
Breaking down the numbers: Cybersecurity funding activity recap Read More »
Applying DevSecOps principles to machine learning workloads 2024-04-25 at 07:33 By Help Net Security Protecting data and other enterprise assets is an increasingly challenging task, and one that touches nearly every corner of an organization. As the complexity of digital systems grows, the challenges mount. One method that helps reign in the chaos is bringing
React to this headline:
Applying DevSecOps principles to machine learning workloads Read More »
Overcoming GenAI challenges in healthcare cybersecurity 2024-04-25 at 07:01 By Mirko Zorz In this Help Net Security interview, Assaf Mischari, Managing Partner, Team8 Health, discusses the risks associated with GenAI healthcare innovations and their impact on patient privacy. What are the key cybersecurity challenges in healthcare in the context of GenAI, and how can they
React to this headline:
Overcoming GenAI challenges in healthcare cybersecurity Read More »
25 cybersecurity AI stats you should know 2024-04-25 at 06:31 By Help Net Security In this article, you will find excerpts from reports we recently covered, which offer stats and insights into the challenges and cybersecurity issues arising from the expansion of AI. Security pros are cautiously optimistic about AI Cloud Security Alliance and Google
React to this headline:
25 cybersecurity AI stats you should know Read More »
Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) 2024-04-24 at 21:31 By Zeljka Zorz A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco Talos researchers have shared on Wednesday.
React to this headline:
Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) Read More »
GISEC Global 2024 video walkthrough 2024-04-24 at 13:01 By Help Net Security In this Help Net Security video, we take you inside GISEC Global, which is taking place from April 23 to April 25, 2024, at the Dubai World Trade Centre. The video features the following vendors: Sophos, Waterfall Security Solutions, UAE Cyber Security Council,
React to this headline:
GISEC Global 2024 video walkthrough Read More »
GenAI can enhance security awareness training 2024-04-24 at 07:31 By Help Net Security One of the biggest concerns over generative AI is its ability to manipulate us, which makes it ideal for orchestrating social engineering attacks. From mining someone’s digital footprint to crafting highly convincing spear phishing emails, to voice capture enabling vishing and deep
React to this headline:
GenAI can enhance security awareness training Read More »