Hot stuff

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)

CISA, Don't miss, enterprise, exploit, Hot stuff, News, PoC, Sophos, vulnerability /

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) 20/11/2023 at 14:47 By Helga Labus CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023. About CVE-2023-1671 CVE-2023-1671 is a pre-auth command injection vulnerability […]

React to this headline:

Loading spinner

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) Read More »

MFA under fire, attackers undermine trust in security measures

attacks, cybersecurity, Don't miss, Hot stuff, Infoblox, MFA, phishing, Video /

MFA under fire, attackers undermine trust in security measures 20/11/2023 at 08:31 By Help Net Security In this Help Net Security video, Renée Burton, Head of Threat Intelligence at Infoblox, discusses MFA attacks. MFA adds security to online accounts, but MFA lookalikes are a real threat to consumers and enterprises. Consumers have come to trust

React to this headline:

Loading spinner

MFA under fire, attackers undermine trust in security measures Read More »

Transforming cybersecurity from reactive to proactive with attack path analysis

attack, Cloud, cybercriminals, cybersecurity, Don't miss, Hot stuff, risk, Skybox Security, Video /

Transforming cybersecurity from reactive to proactive with attack path analysis 17/11/2023 at 08:03 By Help Net Security An attack path is important to prioritize potential risks in cloud environments. The attack path offers the ability to look at cloud environments from the attacker’s perspective. With today’s general awareness and concerted effort toward cybersecurity, cybercriminals rarely

React to this headline:

Loading spinner

Transforming cybersecurity from reactive to proactive with attack path analysis Read More »

Review: Cyberbunker: The Criminal Underworld

cybercrime, dark web, Don't miss, Hot stuff, Netflix, News, Review, Reviews /

Review: Cyberbunker: The Criminal Underworld 16/11/2023 at 08:31 By Helga Labus Written and directed by Kilian Lieb and Max Rainer, Cyberbunker is a Netflix documentary about a group of hackers that enabled the proliferation of dark web forums where illegal materials were bought and sold. Cyberbunker: The Criminal Underworld The documentary begins with a special

React to this headline:

Loading spinner

Review: Cyberbunker: The Criminal Underworld Read More »

Cyber insurance predictions for 2024

BEC scams, cyber insurance, cybersecurity, Don't miss, Hot stuff, Optiv Security, predictions, Ransomware, Video /

Cyber insurance predictions for 2024 16/11/2023 at 08:01 By Help Net Security In this Help Net Security video, Dara Gibson, Senior Cyber Insurance Manager at Optiv, discusses cyber insurance and what we should expect to see in 2024: Ransomware, BEC, and pixel privacy claims will remain at the forefront of cyber insurance claims Cyber insurance

React to this headline:

Loading spinner

Cyber insurance predictions for 2024 Read More »

Crypto asset discovery and the post-quantum migration

Crypto, cybersecurity, Don't miss, education, Encryption, Expert analysis, Expert corner, Hot stuff, News, NIST, opinion, quantum computing, Quantum Xchange, standards /

Crypto asset discovery and the post-quantum migration 15/11/2023 at 09:33 By Help Net Security Quantum computing is reshaping our world and will revolutionize many industries, including materials science, life sciences, transportation, and energy. Google recently demonstrated the power of quantum computers by solving a problem in seconds that today’s supercomputers require nearly 50 years to

React to this headline:

Loading spinner

Crypto asset discovery and the post-quantum migration Read More »

Modeling organizations’ defensive mechanisms with MITRE D3FEND

CISO, collaboration, Compliance, cybersecurity, Don't miss, Features, framework, Hot stuff, MITRE, News, NSA, opinion, security ROI, security standard, standards, strategy /

Modeling organizations’ defensive mechanisms with MITRE D3FEND 15/11/2023 at 09:02 By Mirko Zorz Funded by the National Security Agency, MITRE’s D3FEND framework is helping to provide standardization, specificity, and repeatability needed by cybersecurity engineers. As the framework moves from the beta version to version 1.0 in 2024, we asked D3FEND creator Peter Kaloroumakis how D3FEND

React to this headline:

Loading spinner

Modeling organizations’ defensive mechanisms with MITRE D3FEND Read More »

Enhancing mainframe security with proven best practices

cybersecurity, Data Protection, DevOps, Don't miss, Hot stuff, hybrid cloud, mainframe security, network, open source, risk, Rocket Software, Video /

Enhancing mainframe security with proven best practices 15/11/2023 at 08:35 By Help Net Security Mainframe systems have served as the bedrock of enterprise networks for years, standing unmatched in terms of reliability, scalability, and data protection. However, security risks have become a pressing concern as the digital landscape evolves, emerging practices like DevOps, the rise

React to this headline:

Loading spinner

Enhancing mainframe security with proven best practices Read More »

Danish energy sector hit by a wave of coordinated cyberattacks

critical infrastructure, cyberattack, Don't miss, energy sector, exploit, Hot stuff, News, SektorCERT, vulnerability, Zyxel /

Danish energy sector hit by a wave of coordinated cyberattacks 14/11/2023 at 21:16 By Helga Labus The Danish energy sector has suffered what is believed to be the most extensive cyberattack in Danish history, according to SektorCERT. Danish energy sector under attack SektorCERT, an organization owned and funded by Danish critical infrastructure (CI) companies, uses

React to this headline:

Loading spinner

Danish energy sector hit by a wave of coordinated cyberattacks Read More »

Juniper networking devices under attack

CISA, Don't miss, enterprise, exploit, firewall, Hot stuff, Juniper Networks, News, vulnerability, WatchTowr /

Juniper networking devices under attack 14/11/2023 at 16:46 By Zeljka Zorz CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are not particularly severe by themselves, but they can be – and have been – chained

React to this headline:

Loading spinner

Juniper networking devices under attack Read More »

4 warning signs that your low-code development needs DevSecOps

automation, cloud computing, code, Compliance, Copado, cybersecurity, DevSecOps, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, product testing /

4 warning signs that your low-code development needs DevSecOps 14/11/2023 at 09:31 By Help Net Security Low code platforms have democratized development in the enterprise. They improve efficiency and enable companies to do more with less. But as you begin to do more you will start hitting speed bumps that eventually become roadblocks. If your

React to this headline:

Loading spinner

4 warning signs that your low-code development needs DevSecOps Read More »

10 corporate cybersecurity blogs worth your time

Akamai, AT&T Cybersecurity, AWS, Cloudflare, cybersecurity, Don't miss, Dropbox, ESET, GitHub, Google Cloud, Hot stuff, IBM, Intel, Mandiant, News, Sophos /

10 corporate cybersecurity blogs worth your time 14/11/2023 at 09:02 By Help Net Security In this article, we’ve curated a list of insightful corporate cybersecurity blogs that provide analysis and actionable advice to help you keep your company’s digital assets secure. This list is not meant to be exhaustive since thousands of companies have infosec

React to this headline:

Loading spinner

10 corporate cybersecurity blogs worth your time Read More »

Collaborative strategies are key to enhanced ICS security

access control, antivirus, collaboration, cybersecurity, Don't miss, Encryption, Features, firewall, framework, Hot stuff, identity management, News, opinion, regulation, risk assessment, Schneider Electric, standards, strategy, training /

Collaborative strategies are key to enhanced ICS security 14/11/2023 at 08:32 By Mirko Zorz In this Help Net Security interview, Marko Gulan, Cyber Security Consultant at Schneider Electric, discusses the complexities of safeguarding industrial control systems (ICS). Our conversation will explore the importance of cross-departmental collaboration, balancing security with system functionality, and the dynamic nature

React to this headline:

Loading spinner

Collaborative strategies are key to enhanced ICS security Read More »

Using real-time monitoring to identify and mitigate threats

access control, cybersecurity, Don't miss, Hot stuff, monitoring, Netdata, threats, user behavior, Video /

Using real-time monitoring to identify and mitigate threats 14/11/2023 at 08:02 By Help Net Security From identifying unusual behavior patterns to detecting unauthorized access, real-time monitoring provides a view of your digital environment, ensuring that threats are spotted and dealt with before they can cause harm. In this Help Net Security video, Costa Tsaousis, CEO

React to this headline:

Loading spinner

Using real-time monitoring to identify and mitigate threats Read More »

Cyber risk is business risk: Qualys Enterprise TruRisk Platform sets new industry standard

CEO, CISO, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Qualys, Risk Management, strategy /

Cyber risk is business risk: Qualys Enterprise TruRisk Platform sets new industry standard 13/11/2023 at 10:33 By Help Net Security In this Help Net Security interview, Sumedh Thakar, President and CEO of Qualys explores the vision behind the Qualys Enterprise TruRisk Platform, a strategic move aimed at redefining how enterprises measure, communicate, and eliminate cyber

React to this headline:

Loading spinner

Cyber risk is business risk: Qualys Enterprise TruRisk Platform sets new industry standard Read More »

Success eludes the International Counter Ransomware Initiative

attacks, collaboration, communication, critical infrastructure, cybercriminals, cybersecurity, Don't miss, Eclipz.io, Expert analysis, Expert corner, extortion, Hot stuff, News, opinion, Ransomware, regulation, threats /

Success eludes the International Counter Ransomware Initiative 13/11/2023 at 09:46 By Help Net Security A swing and a miss by the 50 member countries of the International Counter Ransomware Initiative (CRI), headlined by the US, who have confirmed a commitment to collectively address ransomware. Ransomware, as predicted, is growing at tremendous rates and focusing on

React to this headline:

Loading spinner

Success eludes the International Counter Ransomware Initiative Read More »

The real cost of healthcare cybersecurity breaches

CISO, cybersecurity, data breach, Don't miss, Features, Google, Google Cloud, healthcare, Hot stuff, News, opinion, strategy, tips /

The real cost of healthcare cybersecurity breaches 13/11/2023 at 09:33 By Mirko Zorz With each step towards digitalization, from cloud computing to electronic records, the healthcare sector faces mounting risks that threaten not just the privacy but the very wellbeing of patients. In this Help Net Security interview, Taylor Lehmann, Director, Office of the CISO,

React to this headline:

Loading spinner

The real cost of healthcare cybersecurity breaches Read More »

Building resilience to shield your digital transformation from cyber threats

Cloud, code, cybersecurity, digital transformation, Don't miss, Hot stuff, Onapsis, resilience, SAP, threats, Video /

Building resilience to shield your digital transformation from cyber threats 13/11/2023 at 08:01 By Help Net Security Digital transformation projects are top of mind for enterprises. 91% of businesses are currently engaged in some form of digital initiative. Yet, the average cost of a failed, delayed, or scaled-back digital transformation project is more than $4

React to this headline:

Loading spinner

Building resilience to shield your digital transformation from cyber threats Read More »

Chinese multinational bank hit by ransomware

Banks, China, Citrix, Don't miss, financial industry, Hot stuff, News, Ransomware /

Chinese multinational bank hit by ransomware 10/11/2023 at 14:46 By Helga Labus The state-owned Industrial and Commercial Bank of China (ICBC), which is one of the largest banks in the world, has been hit by a ransomware attack that led to disrupted trades in the US Treasury market. The attack “On November 8, 2023, U.S.

React to this headline:

Loading spinner

Chinese multinational bank hit by ransomware Read More »

November 2023 Patch Tuesday forecast: Year 21 begins

Adobe, apple, Chrome, Don't miss, Expert analysis, Expert corner, Firefox, Hot stuff, Ivanti, Microsoft, Mozilla, News, patch, Patch Tuesday, patching, Windows, Windows Server /

November 2023 Patch Tuesday forecast: Year 21 begins 10/11/2023 at 09:03 By Help Net Security The October forecast for large numbers of CVEs addressed in Windows 10 and 11 and the recent record on the number fixed in Windows Server 2012 was spot on! Microsoft addressed 75 CVEs in Windows 11, 80 in Windows 10,

React to this headline:

Loading spinner

November 2023 Patch Tuesday forecast: Year 21 begins Read More »

Scroll to Top