Hot stuff

Unnamed APT eyes vulnerabilities in Rockwell Automation industrial contollers (CVE-2023-3595 CVE-2023-3596)

critical infrastructure, Don't miss, Dragos, energy sector, firmware, Hot stuff, ICS/SCADA, manufacturing sector, News, PLC, Rockwell Automation, security update, vulnerability /

Unnamed APT eyes vulnerabilities in Rockwell Automation industrial contollers (CVE-2023-3595 CVE-2023-3596) 13/07/2023 at 15:46 By Zeljka Zorz Rockwell Automation has fixed two vulnerabilities (CVE-2023-3595, CVE-2023-3596) in the communication modules of its ControlLogix industrial programmable logic controllers (PLCs), ahead of expected (and likely) in-the-wild exploitation. “An unreleased exploit capability leveraging these vulnerabilities is associated with an […]

React to this headline:

Loading spinner

Unnamed APT eyes vulnerabilities in Rockwell Automation industrial contollers (CVE-2023-3595 CVE-2023-3596) Read More »

Combatting data governance risks of public generative AI tools

Artificial Intelligence, ChatGPT, CISO, cybersecurity, data, data security, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, Mindbreeze, opinion /

Combatting data governance risks of public generative AI tools 13/07/2023 at 08:02 By Help Net Security When companies utilize public generative AI tools, the models are refined on input data provided by the company. Regarding data security, unauthorized use of sensitive data or the accidental exposure of proprietary information can lead to reputational damage, legal

React to this headline:

Loading spinner

Combatting data governance risks of public generative AI tools Read More »

Attack Surface Management: Identify and protect the unknown

attack, CISO, cybersecurity, Don't miss, Hot stuff, NetSPI, penetration testing, Video /

Attack Surface Management: Identify and protect the unknown 13/07/2023 at 07:33 By Help Net Security In this Help Net Security video, Brianna McGovern, Product Manager, Attack Surface Management, NetSPI, discusses Attack Surface Management (ASM). Attack Surface Management detects known, unknown, and potentially vulnerable public-facing assets and changes to your attack surface that may introduce risk.

React to this headline:

Loading spinner

Attack Surface Management: Identify and protect the unknown Read More »

Chinese hackers forged authentication tokens to breach government emails

cloud security, cyber espionage, data theft, Don't miss, Europe, Government, Hot stuff, Microsoft, News, Outlook, USA, vulnerability /

Chinese hackers forged authentication tokens to breach government emails 12/07/2023 at 13:17 By Zeljka Zorz Sophisticated hackers have accessed email accounts of organizations and government agencies via authentication tokens they forged by using an acquired Microsoft account (MSA) consumer signing key, the company has revealed on Tuesday. “The threat actor Microsoft links to this incident

React to this headline:

Loading spinner

Chinese hackers forged authentication tokens to breach government emails Read More »

Staying ahead of the “professionals”: The service-oriented ransomware crime industry

cybercrime, cybersecurity, Expert analysis, Expert corner, Hot stuff, opinion, Ransomware, threats, WithSecure /

Staying ahead of the “professionals”: The service-oriented ransomware crime industry 12/07/2023 at 07:35 By Help Net Security Ransomware has been a hugely profitable industry for criminal gangs for the last few years. The total amount of ransom paid since 2020 is estimated to be at least $2 billion, and this has both motivated and enabled

React to this headline:

Loading spinner

Staying ahead of the “professionals”: The service-oriented ransomware crime industry Read More »

How Google Cloud’s AML AI redefines the fight against money laundering

Artificial Intelligence, Compliance, Don't miss, Features, financial industry, Google, Google Cloud, Hot stuff, News, opinion /

How Google Cloud’s AML AI redefines the fight against money laundering 12/07/2023 at 07:02 By Mirko Zorz Google Cloud’s AML AI represents an advancement in the fight against money laundering. By replacing outdated transaction monitoring systems and embracing AI technology, financial institutions can now stay ahead of evolving financial crime risks, improve operational efficiency, ensure

React to this headline:

Loading spinner

How Google Cloud’s AML AI redefines the fight against money laundering Read More »

Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)

0-day, BlackBerry, Cisco, cyber espionage, cybercrime, Don't miss, drivers, Google, Hot stuff, Microsoft, MS Office, News, Ransomware, rootkits, security update, Tenable, Trend Micro, Volexity, vulnerability, Windows /

Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884) 11/07/2023 at 22:31 By Zeljka Zorz For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an Office and Windows HTML RCE vulnerability exploited in targeted attacks

React to this headline:

Loading spinner

Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884) Read More »

Apple pushes out emergency fix for actively exploited zero-day (CVE-2023-37450)

0-day, apple, Don't miss, Hot stuff, iOS, iPad, macOS, News, security update /

Apple pushes out emergency fix for actively exploited zero-day (CVE-2023-37450) 11/07/2023 at 13:02 By Zeljka Zorz Apple has patched an actively exploited zero-day vulnerability (CVE-2023-37450) by releasing Rapid Security Response updates for iPhones, iPads and Macs running the latest versions of its operating systems. The vulnerability has also been fixed with a regular security update

React to this headline:

Loading spinner

Apple pushes out emergency fix for actively exploited zero-day (CVE-2023-37450) Read More »

CISO perspective on why Boards don’t fully grasp cyber attack risks

attacks, CISO, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, investment, News, opinion, PlanSource, strategy /

CISO perspective on why Boards don’t fully grasp cyber attack risks 11/07/2023 at 07:33 By Mirko Zorz Due to their distinct perspectives, Board members and CISOs often have differing views on cyber attack risks. The discrepancy arises when Boards need cybersecurity expertise, need help comprehending technical jargon, or when CISOs need to communicate in business

React to this headline:

Loading spinner

CISO perspective on why Boards don’t fully grasp cyber attack risks Read More »

Cybersecurity best practices while working in the summer

BYOD, CISO, cybersecurity, Don't miss, Hot stuff, how-to, strategy, tips, Video /

Cybersecurity best practices while working in the summer 11/07/2023 at 07:02 By Help Net Security IT teams need help to monitor and enforce BYOD policies during summer months when more employees often travel or work remotely. In this Help Net Security video, Jeremy Ventura, Director, Security Strategy & Field CISO at ThreatX, discusses how employees

React to this headline:

Loading spinner

Cybersecurity best practices while working in the summer Read More »

Flaw in Revolut payment systems exploited to steal $20 million

Don't miss, financial industry, Hot stuff, News, Picus Security, Revolut /

Flaw in Revolut payment systems exploited to steal $20 million 10/07/2023 at 17:05 By Zeljka Zorz Organized criminal groups exploited a flaw in Revolut’s payment systems and made off with $20+ million of the company’s money, the Financial Times reported on Sunday, citing people with knowledge of the situation. Revolut’s cybersecurity troubles Revolut is a

React to this headline:

Loading spinner

Flaw in Revolut payment systems exploited to steal $20 million Read More »

Malware delivery to Microsoft Teams users made easy

collaboration, Don't miss, enterprise, Hot stuff, Malware, Microsoft 365, Microsoft Teams, News, red team, SMBs, vulnerability /

Malware delivery to Microsoft Teams users made easy 10/07/2023 at 14:33 By Zeljka Zorz A tool that automates the delivery of malware from external attackers to target employees’ Microsoft Teams inbox has been released. TeamsPhisher (Source: Alex Reid) About the exploited vulnerability As noted by Jumpsec researchers Max Corbridge and Tom Ellson, Microsoft Teams’ default

React to this headline:

Loading spinner

Malware delivery to Microsoft Teams users made easy Read More »

Law firms under cyberattack

cyberattack, data breach, Don't miss, eSentire, Hot stuff, law firms, NCSC, News, Ransomware, Trend Micro, Waratah /

Law firms under cyberattack 10/07/2023 at 07:31 By Helga Labus In April 2023, Australian law firm HWL Ebsworth was hit by a cyberattack that possibly resulted in data of hundreds of its clients and dozens of government agencies being compromised. The attack was claimed by the Russian-linked ALPHV/Blackcat ransomware group “Earlier this month, the group

React to this headline:

Loading spinner

Law firms under cyberattack Read More »

Overcoming user resistance to passwordless authentication

1Kosmos, authentication, Compliance, Don't miss, Expert analysis, Hot stuff, identity, News, opinion, passwordless, Privacy, zero trust /

Overcoming user resistance to passwordless authentication 10/07/2023 at 07:14 By Help Net Security Many organizations agree in theory that passwordless authentication is the future, but getting there represents a significant change management challenge. The migration to passwordless requires forethought and planning. For example, an organization needs to establish strategic imperatives around security, the user experience,

React to this headline:

Loading spinner

Overcoming user resistance to passwordless authentication Read More »

July 2023 Patch Tuesday forecast: A month of instability and uncertainty

Adobe, Adobe Acrobat, apple, Cisco, Don't miss, Expert analysis, Google, Hot stuff, Ivanti, Linux, Malwarebytes, Microsoft, Mozilla, News, Oracle, Patch Tuesday /

July 2023 Patch Tuesday forecast: A month of instability and uncertainty 07/07/2023 at 12:17 By Help Net Security We’re halfway through 2023 already and moving into our seventh Patch Tuesday of the year next week. There’s been a lot of activity with Microsoft this month which may impact updates we’ll see. But first taking a

React to this headline:

Loading spinner

July 2023 Patch Tuesday forecast: A month of instability and uncertainty Read More »

How to cultivate a culture of continuous cybersecurity improvement

cybersecurity, Don't miss, Expert analysis, Expert corner, Hackuity, Hot stuff, opinion, security, Threat Intelligence /

How to cultivate a culture of continuous cybersecurity improvement 06/07/2023 at 07:32 By Help Net Security Regulatory compliance and cybersecurity improvement are not two sides of the same coin: they are distinct pillars that demand specialized attention. Achieving compliance does not create an impenetrable fortress against threats, it merely creates a baseline defense. So, how

React to this headline:

Loading spinner

How to cultivate a culture of continuous cybersecurity improvement Read More »

Promoting responsible AI: Balancing innovation and regulation

Armis, Artificial Intelligence, cybersecurity, deepfakes, Don't miss, Features, Government, Hot stuff, News, opinion, policy /

Promoting responsible AI: Balancing innovation and regulation 06/07/2023 at 07:02 By Mirko Zorz As AI technology advances, it is essential to remain mindful of familiar and emerging risks. Education is critical to fostering responsible AI innovation, as understanding the technology and its limitations raises standards and benefits everyone. In this Help Net Security interview, Nadir

React to this headline:

Loading spinner

Promoting responsible AI: Balancing innovation and regulation Read More »

How ransomware impacts the healthcare industry

CISO, cybercrime, cybersecurity, Don't miss, healthcare, Hot stuff, Malware, Ransomware, strategy, tips, Video /

How ransomware impacts the healthcare industry 05/07/2023 at 07:02 By Help Net Security Healthcare continues to be one of the most attractive targets for cyberattackers, and the number of breaches affecting the industry is increasing yearly. In this Help Net Security video, Steve Gwizdala, VP of Healthcare at ForgeRock, discusses how vigilance and new ways

React to this headline:

Loading spinner

How ransomware impacts the healthcare industry Read More »

Island Enterprise Browser: Intelligent security built into the browsing session

browser, data, Don't miss, Features, Hot stuff, Island, News, opinion, policy, Privacy /

Island Enterprise Browser: Intelligent security built into the browsing session 05/07/2023 at 06:31 By Mirko Zorz In this Help Net Security interview, Mike Fey, CEO of Island, explains the differences between consumer browsers and the Island Enterprise Browser, how it protects organizations’ data, and how it uses contextual information to provide users with a safe

React to this headline:

Loading spinner

Island Enterprise Browser: Intelligent security built into the browsing session Read More »

Cloud security: Sometimes the risks may outweigh the rewards

Akamai, Cloud, cloud computing, cloud security, cybersecurity, Don't miss, Expert analysis, Hot stuff, News, opinion, vulnerability /

Cloud security: Sometimes the risks may outweigh the rewards 03/07/2023 at 07:32 By Help Net Security Threat actors are well-aware of the vulnerability of our cloud infrastructure. The internet we have today is not equipped to serve the data needs of the future. When data is stored in the cloud, it can end up across

React to this headline:

Loading spinner

Cloud security: Sometimes the risks may outweigh the rewards Read More »

Scroll to Top