The most concerning risks for 2024 and beyond 2024-03-13 at 07:13 By Help Net Security In this Help Net Security video, Melissa Bischoping, Director, Endpoint Security Research at Tanium, discusses the most concerning risks for 2024 and beyond, from both an internal and external perspective. The post The most concerning risks for 2024 and beyond […]
React to this headline:
The most concerning risks for 2024 and beyond Read More »
March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V 2024-03-12 at 22:11 By Zeljka Zorz On this March 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, but – welcome news! – none of them are currently publicly known or actively exploited. Last month, though, several days after Patch Tuesday, the
React to this headline:
March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V Read More »
Hackers leverage 1-day vulnerabilities to deliver custom Linux malware 2024-03-12 at 11:01 By Helga Labus A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Among the exploited vulnerabilities are also two recently discovered Ivanti Connect Secure VPN flaws that are widely
React to this headline:
Hackers leverage 1-day vulnerabilities to deliver custom Linux malware Read More »
How advances in AI are impacting business cybersecurity 2024-03-12 at 07:52 By Help Net Security While ChatGPT and Bard have proven to be valuable tools for developers, marketers, and consumers, they also carry the risk of unintentionally exposing sensitive and confidential data. From a security point of view, it always pays to think one step
React to this headline:
How advances in AI are impacting business cybersecurity Read More »
Cybersecurity jobs available right now: March 12, 2024 2024-03-12 at 07:52 By Mirko Zorz CISO / Head of Enterprise IT Stitch Fix | USA | Remote – View job details Reporting directly to the Chief Product and Technology Officer, you will oversee all aspects of information security, including cloud security, DevSecOps, security operations, and security
React to this headline:
Cybersecurity jobs available right now: March 12, 2024 Read More »
Tax-related scams escalate as filing deadline approaches 2024-03-12 at 07:18 By Helga Labus As the April 15, 2024 tax filing deadline approaches in the US, some old and some new tax-related scams targeting both taxpayers and tax professionals. Tax-related scams targeting taxpayers With taxpayers rushing to file their personal federal income tax return, scammers are
React to this headline:
Tax-related scams escalate as filing deadline approaches Read More »
How organizations can keep up with shifting data privacy regulations 2024-03-12 at 06:31 By Help Net Security With no sign of regulations slowing down, enterprises struggle to keep pace with the rapid changes. According to a recent NTT Data survey of business executives, 3 in 4 organizations can’t keep up with data regulations, holding them
React to this headline:
How organizations can keep up with shifting data privacy regulations Read More »
Microsoft: Russian hackers accessed internal systems, code repositories 2024-03-11 at 14:14 By Zeljka Zorz Midnight Blizzard (aka APT29), a group of Russian hackers tied to the country’s Foreign Intelligence Service (SVR), has leveraged information stolen from Microsoft corporate email systems to burrow into the company’s source code repositories and internal systems. “It is apparent that
React to this headline:
Microsoft: Russian hackers accessed internal systems, code repositories Read More »
Transitioning to memory-safe languages: Challenges and considerations 2024-03-11 at 09:07 By Mirko Zorz In this Help Net Security interview, Omkhar Arasaratnam, General Manager at the Open Source Security Foundation (OpenSSF), discusses the evolution of memory-safe programming languages and their emergence in response to the limitations of languages like C and C++. Memory safety concerns, prevailing
React to this headline:
Transitioning to memory-safe languages: Challenges and considerations Read More »
10 free cybersecurity guides you might have missed 2024-03-11 at 09:07 By Help Net Security This collection of free cybersecurity guides covers a broad range of topics, from resources for developing cybersecurity programs to specific guides for various sectors and organizations. Whether you work for a small business, a large corporation, or a specific industry,
React to this headline:
10 free cybersecurity guides you might have missed Read More »
Email security trends in the energy and infrastructure sector 2024-03-11 at 09:07 By Help Net Security In this Help Net Security video, Mike Britton, CISO at Abnormal Security, discusses how energy and infrastructure organizations face an increased risk of business email compromise and vendor email compromise attacks. According to Abnormal Security data, from February 2023
React to this headline:
Email security trends in the energy and infrastructure sector Read More »
CloudGrappler: Open-source tool detects activity in cloud environments 2024-03-11 at 09:07 By Mirko Zorz CloudGrappler is an open-source tool designed to assist security teams in identifying threat actors within their AWS and Azure environments. The tool, built on the foundation of Cado Security’s cloudgrep project, offers enhanced detection capabilities based on the tactics, techniques, and
React to this headline:
CloudGrappler: Open-source tool detects activity in cloud environments Read More »
Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337) 2024-03-08 at 13:03 By Zeljka Zorz Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which (CVE-2024-20337) could be exploited by unauthenticated, remote attackers to grab users’ valid SAML authentication token. “The attacker
React to this headline:
March 2024 Patch Tuesday forecast: A popular framework updated 2024-03-08 at 08:47 By Help Net Security We’re almost at our third Patch Tuesday and wrapping up the first quarter 2024. Time flies by! Microsoft is starting to push users to update their operating systems as their active version is approaching end-of-support. The February 2024 Patch
React to this headline:
March 2024 Patch Tuesday forecast: A popular framework updated Read More »
Immediate AI risks and tomorrow’s dangers 2024-03-08 at 08:37 By Helga Labus “At the most basic level, AI has given malicious attackers superpowers,” Mackenzie Jackson, developer and security advocate at GitGuardian, told the audience last week at Bsides Zagreb. These superpowers are most evident in the growing impact of fishing, smishing and vishing attacks since
React to this headline:
Immediate AI risks and tomorrow’s dangers Read More »
Leveraging AI and automation for enhanced cloud communication security 2024-03-08 at 07:32 By Mirko Zorz In this Help Net Security interview, Sanjay Macwan, CIO and CISO at Vonage, addresses emerging threats to cloud communications and the role of AI and automation in cybersecurity. What emerging threats to cloud communications are you most concerned about, and
React to this headline:
Leveraging AI and automation for enhanced cloud communication security Read More »
Securing the future: Addressing cybersecurity challenges in the education sector 2024-03-08 at 07:03 By Help Net Security In this Help Net Security video, Kory Daniels, CISO at Trustwave, shines a light on the impact the current threat environment can have for both universities and students. Key findings from a recent Trustwave report include: – 1.8
React to this headline:
Securing the future: Addressing cybersecurity challenges in the education sector Read More »
VMware patches critical flaws in ESXi, Workstation, Fusion and Cloud Foundation 2024-03-07 at 15:07 By Helga Labus VMware has fixed four vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255) in ESXi, Workstation, Fusion and Cloud Foundation, some of which could allow attackers to escape the sandbox and execute code on the host machine. About the vulnerabilities VMware ESXi
React to this headline:
VMware patches critical flaws in ESXi, Workstation, Fusion and Cloud Foundation Read More »
Web-based PLC malware: A new potential threat to critical infrastructure 2024-03-07 at 13:47 By Zeljka Zorz A group of researchers from Georgia Tech’s College of Engineering have developed web-based programmable logic controller (PLC) malware able to target most PLCs produced by major manufacturers. “Our Web-Based (WB) PLC malware resides in PLC memory, but ultimately gets
React to this headline:
Web-based PLC malware: A new potential threat to critical infrastructure Read More »
Major shifts in identity, ransomware, and critical infrastructure threat trends 2024-03-07 at 07:20 By Help Net Security In this Help Net Security video, Michelle Alvarez, Strategic Threat Analysis Manager at IBM X-Force, discusses the 2024 X-Force Threat Intelligence Index, revealing top threats and trends the team observed last year across its global engagements and how
React to this headline:
Major shifts in identity, ransomware, and critical infrastructure threat trends Read More »