The challenges of GenAI in fintech 2024-05-20 at 08:01 By Help Net Security Due to the cybersecurity disclosure rules the Securities and Exchange Commission (SEC) has adopted in 2023, public entities in the US are required to disclose any material cybersecurity incidents. Moving forward, these organizations will need in-depth knowledge of the impact, nature, scope […]
React to this headline:
The challenges of GenAI in fintech Read More »
Grafana: Open-source data visualization platform 2024-05-20 at 07:31 By Mirko Zorz Grafana is an open-source solution for querying, visualizing, alerting, and exploring metrics, logs, and traces regardless of where they are stored. Grafana provides tools to transform your time-series database (TSDB) data into meaningful graphs and visualizations. Additionally, its plugin framework lets you integrate various
React to this headline:
Grafana: Open-source data visualization platform Read More »
US exposes scheme enabling North Korean IT workers to bypass sanctions 2024-05-17 at 14:46 By Zeljka Zorz The US Justice Department had unsealed charges against a US woman and an Ukranian man who, along with three unidentified foreign nationals, have allegedly helped North Korean IT workers work remotely for US companies under assumed US identities
React to this headline:
US exposes scheme enabling North Korean IT workers to bypass sanctions Read More »
The importance of access controls in incident response 2024-05-17 at 12:31 By Help Net Security The worst time to find out your company doesn’t have adequate access controls is when everything is on fire. The worst thing that can happen during an incident is that your development and operations teams are blocked from solving the
React to this headline:
The importance of access controls in incident response Read More »
Organizations struggle to defend against ransomware 2024-05-17 at 07:01 By Help Net Security In this Help Net Security video, Jeremy Nichols, Director, Global Threat Intelligence Center at NTT Security Holdings, discusses a recent surge in ransomware incidents. After a down year in 2022, ransomware and extortion incidents increased in 2023. More than 5,000 ransomware victims
React to this headline:
Organizations struggle to defend against ransomware Read More »
Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002) 2024-05-16 at 14:16 By Zeljka Zorz New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a “clone” operation. About Git Git is a widely-popular distributed version
React to this headline:
Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947) 2024-05-16 at 12:01 By Zeljka Zorz For the third time in the last seven days, Google has fixed a Chrome zero-day vulnerability (CVE-2024-4947) for which an exploit exists in the wild. About CVE-2024-4947 CVE-2024-4947 is a type confusion vulnerability in V8, Chrome’s JavaScript and WebAssembly
React to this headline:
Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947) Read More »
Is an open-source AI vulnerability next? 2024-05-16 at 08:31 By Help Net Security AI has captured widespread interest and offers numerous benefits. However, its rapid advancement and widespread adoption raise concerns, especially for those of us in cybersecurity. With so much interest, there are lots of insecure applications finding their way onto our devices and
React to this headline:
Is an open-source AI vulnerability next? Read More »
OWASP dep-scan: Open-source security and risk audit tool 2024-05-16 at 08:01 By Mirko Zorz OWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies. It supports local repositories and container images as input sources, making it suitable for integration with ASPM/VM platforms and
React to this headline:
OWASP dep-scan: Open-source security and risk audit tool Read More »
Product showcase: Block ads, cookie pop-ups, trackers with CleanWeb 2024-05-16 at 07:01 By Help Net Security A study by PageFair revealed that ad blocker usage surged by 30% in 2016 alone, reflecting a growing public concern for privacy and uninterrupted browsing. Fast-forward to today, and the numbers are even more dramatic. According to Forbes, Americans
React to this headline:
Product showcase: Block ads, cookie pop-ups, trackers with CleanWeb Read More »
The critical role of IT staffing in strengthening cybersecurity 2024-05-16 at 06:01 By Help Net Security Many organizations lack adequate IT staffing to combat cyber threats. A comprehensive approach to cybersecurity requires more than technical solutions. It involves the right staff with the unique expertise necessary to recognize and prevent potential threats. This makes IT
React to this headline:
The critical role of IT staffing in strengthening cybersecurity Read More »
How attackers deliver malware to Foxit PDF Reader users 2024-05-15 at 16:31 By Zeljka Zorz Threat actors are taking advantage of the flawed design of Foxit PDF Reader’s alerts to deliver malware via booby-trapped PDF documents, Check Point researchers have warned. Exploiting the issue The researchers have analyzed several campaigns using malicious PDF files that
React to this headline:
How attackers deliver malware to Foxit PDF Reader users Read More »
Core security measures to strengthen privacy and data protection programs 2024-05-15 at 08:01 By Mirko Zorz As privacy laws evolve globally, organizations face increasing complexity in adapting their data protection strategies to stay compliant. In this Help Net Security interview, Kabir Barday, CEO at OneTrust, emphasizes that embracing privacy by design enables organizations to navigate
React to this headline:
Core security measures to strengthen privacy and data protection programs Read More »
Ransomware statistics that reveal alarming rate of cyber extortion 2024-05-15 at 07:01 By Help Net Security In this article, you will find excerpts from various reports that offer statistics and insights about the current ransomware landscape. Global ransomware crisis worsens NTT Security Holdings | 2024 Global Threat Intelligence Report | May 2024 Ransomware and extortion
React to this headline:
Ransomware statistics that reveal alarming rate of cyber extortion Read More »
Key questions to ask when tailoring defensive stacks 2024-05-15 at 06:31 By Help Net Security In this Help Net Security video, Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber, outlines the questions you need to ask your security team when tailoring a defense stack against your current threat landscape. Small talks about what
React to this headline:
Key questions to ask when tailoring defensive stacks Read More »
May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) 2024-05-14 at 22:02 By Zeljka Zorz For May 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-30051, CVE-2024-30040) actively exploited by attackers. CVE-2024-30051 and CVE-2024-30040 CVE-2024-30051 is a heap-based buffer overflow vulnerability affecting the Windows DWM Core Library that
React to this headline:
Apple backports iOS zero-day patch, adds Bluetooth tracker alert 2024-05-14 at 16:32 By Zeljka Zorz Apple has backported the patch for CVE-2024-23296 to the iOS 16 branch and has fixed a bug (CVE-2024-27852) in MarketplaceKit that may allow maliciously crafted webpages to distribute a script that tracks iOS users on other webpages. The company has
React to this headline:
Apple backports iOS zero-day patch, adds Bluetooth tracker alert Read More »
How a GRC consultant passed the CISSP exam in six weeks 2024-05-14 at 08:01 By Help Net Security Ask any IT security professional which certification they would consider to be the “gold standard” in terms of prestige, credibility, or difficulty, and almost invariably they will answer: the CISSP. If an organization is seeking some peace
React to this headline:
How a GRC consultant passed the CISSP exam in six weeks Read More »
Tailoring responsible AI: Defining ethical guidelines for industry-specific use 2024-05-14 at 07:01 By Mirko Zorz In this Help Net Security interview, Chris Peake, CISO & SVP at Smartsheet, explains how responsible AI should be defined by each organization to guide their AI development and usage. Peake emphasizes that implementing responsible AI requires balancing ethical considerations,
React to this headline:
Tailoring responsible AI: Defining ethical guidelines for industry-specific use Read More »
Are you meeting your cyber insurance requirements? 2024-05-14 at 06:31 By Help Net Security Cyber insurance policies are specifically designed to offer financial protection to organizations in the face of cyber attacks, data breaches, or other cybersecurity incidents. While they can provide a sense of security, it’s crucial to be aware of their limitations. In
React to this headline:
Are you meeting your cyber insurance requirements? Read More »