Spotting AI-generated scams: Red flags to watch for 2024-10-03 at 07:32 By Mirko Zorz In this Help Net Security interview, Andrius Popovas, Chief Risk Officer at Mano Bank, discusses the most prevalent AI-driven fraud schemes, such as phishing attacks and deepfakes. He explains how AI manipulates videos and audio to deceive victims and highlights key […]
Spotting AI-generated scams: Red flags to watch for Read More »
Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) 2024-10-02 at 14:16 By Zeljka Zorz Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say that the attacks started on September 28 – several weeks after Zimbra developers released patches for CVE-2024-45519 and
Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) Read More »
4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed 2024-10-02 at 12:46 By Zeljka Zorz The third phase of Operation Cronos, which involved officers from the UK National Crime Agency (NCA), the FBI, Europol and other law enforcement agencies, has resulted in the arrest of four persons for allegedly participating in the
Enhancing firewall management with automation tools 2024-10-02 at 08:01 By Mirko Zorz In this Help Net Security interview, Raymond Brancato, CEO at Tufin, discusses the considerations organizations must weigh when selecting a next-generation firewall to effectively balance security needs with network performance. What factors should organizations prioritize when selecting a next-generation firewall to balance security
Enhancing firewall management with automation tools Read More »
Suricata: Open-source network analysis and threat detection 2024-10-02 at 07:31 By Help Net Security Suricata is an open-source network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine. Suricata features Suricata offers comprehensive capabilities for network security monitoring (NSM), including logging HTTP requests, capturing and storing TLS certificates, and extracting files
Suricata: Open-source network analysis and threat detection Read More »
Cybersecurity jobs available right now: October 2, 2024 2024-10-02 at 07:01 By Anamarija Pogorelec Applied Cybersecurity Engineer (Center for Securing the Homeland) MITRE | USA | Hybrid – View job details As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat
Cybersecurity jobs available right now: October 2, 2024 Read More »
What bots mean for businesses and consumers 2024-10-02 at 06:31 By Help Net Security Simple bots have existed since the early to mid-2000s when organizations had no means to protect themselves or their website’s users from them. Yet today, despite having tools to protect against these simple bots, two in three organizations have made no
What bots mean for businesses and consumers Read More »
Use Windows event logs for ransomware investigations, JPCERT/CC advises 2024-10-01 at 13:46 By Zeljka Zorz The JPCERT Coordination Center – the first Computer Security Incident Response Team established in Japan – has compiled a list of entries in Windows event logs that could help enterprise defenders respond to human-operated ransomware attacks and potentially limit the
Use Windows event logs for ransomware investigations, JPCERT/CC advises Read More »
3 easy microsegmentation projects 2024-10-01 at 07:31 By Help Net Security Like many large-scale network security projects, microsegmentation can seem complex, time-consuming, and expensive. It involves managing intricate details about inter-device service connectivity. One web server should connect to specific databases but not to others, or load balancers should connect to some web servers while
3 easy microsegmentation projects Read More »
Reducing credential complexity with identity federation 2024-10-01 at 07:01 By Mirko Zorz In this Help Net Security interview, Omer Cohen, Chief Security Officer at Descope, discusses the impact of identity federation on organizational security and user experience. He explains how this approach streamlines credential management and enhances security by leveraging trusted identity providers while simplifying
Reducing credential complexity with identity federation Read More »
Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts 2024-09-30 at 17:01 By Zeljka Zorz Storm-0501, an affiliate of several high-profile ransomware-as-a-service outfits, has been spotted compromising targets’ cloud environments and on-premises systems. “Storm-0501 is the latest threat actor observed to exploit weak credentials and over-privileged accounts to move from organizations’
Microsoft revised the controversial Copilot+ Recall feature 2024-09-30 at 13:46 By Zeljka Zorz Microsoft has made changes to Recall – the screenshot-taking, AI-powered search feature for Copilot+ PCs running Windows 11 – to reassure users worried about security and privacy. The security of the feature has been assessed by Microsoft’s Offensive Research & Security Engineering
Microsoft revised the controversial Copilot+ Recall feature Read More »
Could APIs be the undoing of AI? 2024-09-30 at 08:01 By Help Net Security Application programming interfaces (APIs) are essential to how generative AI (GenAI) functions with agents (e.g., calling upon them for data). But the combination of API and LLM issues coupled with rapid rollouts is likely to see numerous organizations having to combat
Could APIs be the undoing of AI? Read More »
Open source maintainers: Key to software health and security 2024-09-30 at 07:01 By Help Net Security Open source has become the foundation of modern application development, with up to 98% of applications incorporating open-source components and open-source code accounting for 70% or more of the typical application. In this Help Net Security video, Donald Fischer,
Open source maintainers: Key to software health and security Read More »
Businesses turn to private AI for enhanced security and data management 2024-09-30 at 06:31 By Mirko Zorz In this Help Net Security interview, Joe Baguley, CTO EMEA at Broadcom, shares insights on private AI and its significance in data security. He explains how it helps organizations maintain control over sensitive information while addressing the complexities
Businesses turn to private AI for enhanced security and data management Read More »
CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE 2024-09-27 at 13:31 By Zeljka Zorz After much hyping and following prematurely leaked information by a third party, security researcher Simone Margaritelli has released details about four zero-day vulnerabilities in the Common UNIX Printing System (CUPS) that can be abused by remote, unauthenticated attackers to
CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE Read More »
3 tips for securing IoT devices in a connected world 2024-09-27 at 08:01 By Help Net Security IoT devices have become integral to how many organizations operate. From Smart TVs in conference rooms to connected sensors and wireless security cameras, these connected devices are now a fixture in the modern workplace. They also, however, present
3 tips for securing IoT devices in a connected world Read More »
Tosint: Open-source Telegram OSINT tool 2024-09-27 at 07:31 By Mirko Zorz Tosint is an open-source Telegram OSINT tool that extracts useful information from Telegram bots and channels. It’s suited for security researchers, investigators, and others who want to gather insights from Telegram sources. Several law enforcement agencies utilize Tosint to gather intelligence and monitor cybercriminal
Tosint: Open-source Telegram OSINT tool Read More »
Developing an effective cyberwarfare response plan 2024-09-27 at 07:01 By Mirko Zorz In this Help Net Security interview, Nadir Izrael, CTO at Armis, discusses how AI has transformed cyberwarfare by amplifying attacks’ scale and sophistication. Izrael emphasizes the need for AI-powered defenses and proactive cybersecurity strategies to combat these evolving threats. How has adopting AI
Developing an effective cyberwarfare response plan Read More »
Active Directory compromise: Cybersecurity agencies provde guidance 2024-09-26 at 17:31 By Zeljka Zorz Active Directory (AD), Microsoft’s on-premises directory service for Windows domain networks, is so widely used for enterprise identity and access management that compromising it has become almost a standard step in cyber intrusions. “Active Directory is susceptible to compromise due to its
Active Directory compromise: Cybersecurity agencies provde guidance Read More »