Why is everyone talking about certificate automation? 2024-03-19 at 07:19 By Help Net Security Digital Certificates are not new. In this Help Net Security video, Andreas Brix, Senior Program Manager at GlobalSign, discusses why they are back in the news and what you should do about it. The post Why is everyone talking about certificate […]
React to this headline:
Why is everyone talking about certificate automation? Read More »
Lynis: Open-source security auditing tool 2024-03-19 at 06:06 By Mirko Zorz Lynis is a comprehensive open-source security auditing tool for UNIX-based systems, including Linux, macOS, and BSD. Hardening with Lynis Lynis conducts a thorough security examination of the system directly. Its main objective is to evaluate security measures and recommend enhancing system hardening. The tool
React to this headline:
Lynis: Open-source security auditing tool Read More »
Fujitsu finds malware on company systems, investigates possible data breach 2024-03-18 at 22:27 By Helga Labus Fujitsu Limited, the largest Japanese IT services provider, has announced that several of the company’s computers have been compromised with malware, leading to a possible data breach. Known details about the Fujitsu data breach The company published the security
React to this headline:
Fujitsu finds malware on company systems, investigates possible data breach Read More »
Nissan breach exposed data of 100,000 individuals 2024-03-18 at 13:46 By Helga Labus Nissan Oceania has confirmed that the data breach it suffered in December 2023 affected around 100,000 individuals and has begun notifying them. First response In early December 2023, the company – a regional Nissan division which includes Nissan Motor Corporation and Nissan
React to this headline:
Nissan breach exposed data of 100,000 individuals Read More »
Harnessing the power of privacy-enhancing tech for safer AI adoption 2024-03-18 at 12:01 By Help Net Security A consensus on regulatory AI frameworks seems distant. Yet, the imperative for secure and responsible AI deployment cannot be overstated. How can leaders proactively address AI adoption challenges while waiting for regulatory clarity? In this Help Net Security
React to this headline:
Harnessing the power of privacy-enhancing tech for safer AI adoption Read More »
43 million workers potentially affected in France Travail data breach 2024-03-18 at 10:29 By Helga Labus French national unemployment agency France Travail (formerly Pôle emploi) and Cap emploi, a government employment service for people with disabilities, have suffered a data breach that might have exposed personal data of 43 million people. The breach The agencies
React to this headline:
43 million workers potentially affected in France Travail data breach Read More »
AI and the future of corporate security 2024-03-15 at 06:30 By Help Net Security In this Help Net Security video, Tracy Reinhold, CSO at Everbridge, discusses why AI technology must be embraced while also exploring some guardrails that must be in place to protect organizations against threats using AI to penetrate facilities. The post AI
React to this headline:
AI and the future of corporate security Read More »
Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788) 2024-03-14 at 16:36 By Zeljka Zorz A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet’s FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of many: Horizon3’s Attack Team means to publish technical details and a proof-of-concept exploit for it next week, and
React to this headline:
Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788) Read More »
PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800) 2024-03-14 at 13:00 By Zeljka Zorz Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files to the underlying Windows system. Tenable researchers have published a PoC exploit script demonstrating the attack, as
React to this headline:
PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800) Read More »
MobSF: Open-source security research platform for mobile apps 2024-03-14 at 07:30 By Mirko Zorz The Mobile Security Framework (MobSF) is an open-source research platform for mobile application security, encompassing Android, iOS, and Windows Mobile. MobSF can be used for mobile app security assessment, penetration testing, malware analysis, and privacy evaluation. The Static Analyzer is adept
React to this headline:
MobSF: Open-source security research platform for mobile apps Read More »
How teams can improve incident recovery time to minimize damages 2024-03-14 at 06:30 By Help Net Security With breach recovery costs skyrocketing, speeding time to recovery to minimize downtime and losses should be top of mind for security leaders. Yet, most focus on adding more prevention and detection tools. In this Help Net Security video,
React to this headline:
How teams can improve incident recovery time to minimize damages Read More »
The effects of law enforcement takedowns on the ransomware landscape 2024-03-13 at 17:03 By Zeljka Zorz While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of the Qakbot botnet has had one notable effect: ransomware affiliates have switched to vulnerability exploitation
React to this headline:
The effects of law enforcement takedowns on the ransomware landscape Read More »
BSAM: Open-source methodology for Bluetooth security assessment 2024-03-13 at 08:39 By Zeljka Zorz Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security researchers have demonstrated last week at RootedCON in Madrid. “Many of the examples presented during the conference were real tests
React to this headline:
BSAM: Open-source methodology for Bluetooth security assessment Read More »
LastPass’ CIO vision for driving business strategy, innovation 2024-03-13 at 08:39 By Mirko Zorz Recently, LastPass appointed Asad Siddiqui as its CIO. He brings over two decades of experience leading startups and large technology organizations. It was the perfect time for Help Net Security to find out what’s next for Siddiqui in his new role
React to this headline:
LastPass’ CIO vision for driving business strategy, innovation Read More »
The most concerning risks for 2024 and beyond 2024-03-13 at 07:13 By Help Net Security In this Help Net Security video, Melissa Bischoping, Director, Endpoint Security Research at Tanium, discusses the most concerning risks for 2024 and beyond, from both an internal and external perspective. The post The most concerning risks for 2024 and beyond
React to this headline:
The most concerning risks for 2024 and beyond Read More »
March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V 2024-03-12 at 22:11 By Zeljka Zorz On this March 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, but – welcome news! – none of them are currently publicly known or actively exploited. Last month, though, several days after Patch Tuesday, the
React to this headline:
March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V Read More »
Hackers leverage 1-day vulnerabilities to deliver custom Linux malware 2024-03-12 at 11:01 By Helga Labus A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Among the exploited vulnerabilities are also two recently discovered Ivanti Connect Secure VPN flaws that are widely
React to this headline:
Hackers leverage 1-day vulnerabilities to deliver custom Linux malware Read More »
How advances in AI are impacting business cybersecurity 2024-03-12 at 07:52 By Help Net Security While ChatGPT and Bard have proven to be valuable tools for developers, marketers, and consumers, they also carry the risk of unintentionally exposing sensitive and confidential data. From a security point of view, it always pays to think one step
React to this headline:
How advances in AI are impacting business cybersecurity Read More »
Cybersecurity jobs available right now: March 12, 2024 2024-03-12 at 07:52 By Mirko Zorz CISO / Head of Enterprise IT Stitch Fix | USA | Remote – View job details Reporting directly to the Chief Product and Technology Officer, you will oversee all aspects of information security, including cloud security, DevSecOps, security operations, and security
React to this headline:
Cybersecurity jobs available right now: March 12, 2024 Read More »
Tax-related scams escalate as filing deadline approaches 2024-03-12 at 07:18 By Helga Labus As the April 15, 2024 tax filing deadline approaches in the US, some old and some new tax-related scams targeting both taxpayers and tax professionals. Tax-related scams targeting taxpayers With taxpayers rushing to file their personal federal income tax return, scammers are
React to this headline:
Tax-related scams escalate as filing deadline approaches Read More »