Hot stuff

Exploring the persistent threat of cyberattacks on healthcare

CISO, cyberattack, data, Don't miss, Features, healthcare, Hot stuff, how-to, News, opinion, Siemens, strategy, tips /

Exploring the persistent threat of cyberattacks on healthcare 26/06/2023 at 07:38 By Mirko Zorz In this Help Net Security interview, Brett Harris, Cybersecurity Officer for the Americas at Siemens Healthineers, discusses the long-term impacts of cyberattacks on healthcare institutions and what healthcare providers can do to protect patients’ personal data and medical devices. Can you […]

React to this headline:

Loading spinner

Exploring the persistent threat of cyberattacks on healthcare Read More »

How hardening Microsoft 365 tenants mitigates potential cloud attacks

CISO, Don't miss, Hot stuff, Microsoft, Microsoft 365, strategy, tips, Vectra, Video /

How hardening Microsoft 365 tenants mitigates potential cloud attacks 26/06/2023 at 07:01 By Help Net Security Moving critical data and workloads to the cloud has significantly changed information security teams. But most don’t have the resources to be successful in their cloud attack modeling—not to mention the deployment of measurable controls to defend against these

React to this headline:

Loading spinner

How hardening Microsoft 365 tenants mitigates potential cloud attacks Read More »

5 free online cybersecurity courses you should check out

Coursera, Don't miss, Hot stuff, ISC2, News, skill development, strategy, tips /

5 free online cybersecurity courses you should check out 26/06/2023 at 06:30 By Help Net Security Cryptography In this course, you’ll learn how to protect information to ensure its integrity, confidentiality, authenticity, and non-repudiation. You will develop a basic understanding of cryptographic concepts and how to apply them, implement secure protocols, key management concepts, critical

React to this headline:

Loading spinner

5 free online cybersecurity courses you should check out Read More »

PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)

Cisco, Don't miss, exploit, Hot stuff, News, PoC, security update, vulnerability, Windows /

PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178) 23/06/2023 at 17:19 By Helga Labus Proof-of-concept (PoC) exploit code for the high-severity vulnerability (CVE-2023-20178) in Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility Client Software for Windows has been published. About the vulnerability Cisco Secure Client Software – previously known as

React to this headline:

Loading spinner

PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178) Read More »

Microsoft Teams vulnerability allows attackers to deliver malware to employees

collaboration, Don't miss, enterprise, Hot stuff, Jumpsec, Malware, Microsoft 365, Microsoft Teams, News, red team, SMBs, vulnerability /

Microsoft Teams vulnerability allows attackers to deliver malware to employees 23/06/2023 at 15:24 By Zeljka Zorz Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees’ Microsoft Teams inbox. “Organisations that use Microsoft Teams inherit Microsoft’s default configuration which allows users from outside of their organisation to reach out

React to this headline:

Loading spinner

Microsoft Teams vulnerability allows attackers to deliver malware to employees Read More »

Operationalizing zero trust in the cloud

Cloud, cloud security, cybersecurity, Don't miss, Expert analysis, Expert corner, Gigamon, Hot stuff, opinion, zero trust /

Operationalizing zero trust in the cloud 23/06/2023 at 07:39 By Help Net Security Some organizations have bought into the idea that workloads in the cloud are inherently more secure than those on premises. This idea is reinforced by the concept that the cloud service provider (CSP) assumes responsibility for security. However, while a secure cloud

React to this headline:

Loading spinner

Operationalizing zero trust in the cloud Read More »

Security investments that help companies navigate the macroeconomic climate

CISO, cybersecurity, Don't miss, Hot stuff, how-to, investment, security ROI, strategy, tips, Video /

Security investments that help companies navigate the macroeconomic climate 23/06/2023 at 07:01 By Help Net Security As data transformation progresses, cyber attacks are among the most significant growing threats to the enterprise. As seen in the recent MOVEit situation, enterprises must immediately enact cybersecurity solutions that are right for them. Every enterprise is unique, so

React to this headline:

Loading spinner

Security investments that help companies navigate the macroeconomic climate Read More »

Apple fixes zero-day vulnerabilities used to covertly deliver spyware (CVE-2023-32435)

0-day, apple, Don't miss, Hot stuff, iOS, Kaspersky, macOS, News, security update, spyware /

Apple fixes zero-day vulnerabilities used to covertly deliver spyware (CVE-2023-32435) 22/06/2023 at 13:36 By Zeljka Zorz Apple has released patches for three zero-day vulnerabilities (CVE-2023-32434, CVE-2023-32435, CVE-2023-32439) exploited in the wild. The first two have been reported by Kaspersky researchers Georgy Kucherin, Leonid Bezvershenko and Boris Larin following their discovery of the iOS spyware implant

React to this headline:

Loading spinner

Apple fixes zero-day vulnerabilities used to covertly deliver spyware (CVE-2023-32435) Read More »

ChatGPT shows promise in detecting phishing sites

Artificial Intelligence, ChatGPT, Don't miss, Hot stuff, Kaspersky, News, NTT Security, phishing, research /

ChatGPT shows promise in detecting phishing sites 22/06/2023 at 08:24 By Helga Labus ChatGPT can be used to generate phishing sites, but could it also be used to reliably detect them? Security researchers have tried to answer that question. Can ChatGPT detect phishing sites based on URLs? Kaspersky researchers tested 5,265 (2322 phishing and 2943

React to this headline:

Loading spinner

ChatGPT shows promise in detecting phishing sites Read More »

Cloud-native security hinges on open source

containers, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Kubernetes, open source, opinion, SUSE /

Cloud-native security hinges on open source 22/06/2023 at 07:33 By Help Net Security Technologies like Kubernetes and K3S are synonymous with the success of cloud native computing and the power of open source. It is no accident they have steamrolled the competition. As enterprises look to secure cloud-native environments, open source is the critical piece

React to this headline:

Loading spinner

Cloud-native security hinges on open source Read More »

Understanding the interplay between DevOps productivity and security

CISO, DevOps, Don't miss, Hot stuff, strategy, Teleport, tips, Video /

Understanding the interplay between DevOps productivity and security 22/06/2023 at 07:09 By Help Net Security Not only are macroeconomic headwinds causing more significant stress for security and DevOps teams, but the increasing number of threats against shrinking teams is causing an uneven playing field. In this Help Net Security video, Ev Kontsevoy, CEO at Teleport,

React to this headline:

Loading spinner

Understanding the interplay between DevOps productivity and security Read More »

Unraveling the multifaceted threats facing telecom companies

cyberattack, cybersecurity, Don't miss, ENISA, EU, Features, Hot stuff, Malware, News, opinion, telecommunications /

Unraveling the multifaceted threats facing telecom companies 22/06/2023 at 07:09 By Mirko Zorz In today’s interconnected world, telecom companies serve as gateways, connecting individuals, businesses, and governments. However, this role also makes them prime targets for cyberattacks. From DDoS attacks to sophisticated spyware infiltration, telecom providers face a wide range of threats that can disrupt

React to this headline:

Loading spinner

Unraveling the multifaceted threats facing telecom companies Read More »

VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)

Don't miss, enterprise, GreyNoise, Hot stuff, News, patch, VMWare, vulnerability /

VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887) 21/06/2023 at 11:42 By Zeljka Zorz CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being exploited in the wild. There are no workarounds to mitigate the risk of exploitation – enterprise admins are

React to this headline:

Loading spinner

VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887) Read More »

The limitations of shifting left in application security

Application Security, Bionic, Don't miss, Hot stuff, microservices, strategy, tips, Video /

The limitations of shifting left in application security 21/06/2023 at 07:40 By Help Net Security In this Help Net Security video, Jacob Garrison, Security Research for Bionic, explains the limitations of shifting left in application security. Key factors hindering the effectiveness of shifting left: Achieving 50%+ application test coverage is unrealistic, especially in microservices environments

React to this headline:

Loading spinner

The limitations of shifting left in application security Read More »

Empowering Google security and networking solutions with AI

Artificial Intelligence, cybersecurity, Don't miss, Features, framework, Google, Google Cloud, Hot stuff, Mandiant, News, opinion, threats /

Empowering Google security and networking solutions with AI 21/06/2023 at 06:47 By Mirko Zorz In this Help Net Security interview, Sunil Potti, VP and GM, Cloud Security Google Cloud, talks about how new security and networking solutions powered by AI help improve security so Google customers can address their most pressing security challenges and remain

React to this headline:

Loading spinner

Empowering Google security and networking solutions with AI Read More »

Compromised Linux SSH servers engage in DDoS attacks, cryptomining

AhnLab, backdoor, bot, DDoS, Don't miss, Hot stuff, Linux, Malware, News /

Compromised Linux SSH servers engage in DDoS attacks, cryptomining 20/06/2023 at 13:36 By Helga Labus Poorly managed Linux SSH servers are getting compromised by unknown attackers and instructed to engage in DDoS attacks while simultaneously mining cryptocurrency in the background. The Tsunami DDoS bot Tsunami, also known as Kaiten, is a type of DDoS bot

React to this headline:

Loading spinner

Compromised Linux SSH servers engage in DDoS attacks, cryptomining Read More »

The significance of CIS Control mapping in the 2023 Verizon DBIR

Center for Internet Security, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Hot stuff, Nucleus Security, opinion, risk assessment, security awareness, security controls, security culture, Verizon /

The significance of CIS Control mapping in the 2023 Verizon DBIR 20/06/2023 at 07:48 By Help Net Security Verizon’s recently released 2023 Data Breach Investigation Report (DBIR) provides organizations with a comprehensive analysis of the evolving threat landscape and valuable insights into incident types and vulnerabilities. This year, the report includes the mapping of CIS

React to this headline:

Loading spinner

The significance of CIS Control mapping in the 2023 Verizon DBIR Read More »

ChatGPT and data protection laws: Compliance challenges for businesses

Artificial Intelligence, ChatGPT, Compliance, cyber risk, Data Protection, data security, Don't miss, Features, GDPR, HIPAA, Hot stuff, law, News, opinion, PCI DSS, Privacy, Private AI, regulation, training /

ChatGPT and data protection laws: Compliance challenges for businesses 20/06/2023 at 07:33 By Mirko Zorz In this Help Net Security interview, Patricia Thaine, CEO at Private AI, reviews the main privacy concerns when using ChatGPT in a business context, as well as the risks that businesses can face if they betray customers’ trust. Thaine also

React to this headline:

Loading spinner

ChatGPT and data protection laws: Compliance challenges for businesses Read More »

10 open-source recon tools worth your time

cybersecurity, Don't miss, Hot stuff, News, open source, OWASP, penetration testing, software /

10 open-source recon tools worth your time 20/06/2023 at 07:02 By Help Net Security Recon is the initial stage in the penetration testing process. It’s a vital phase allowing the tester to understand their target and strategize their moves. Here are ten open-source recon tools that deserve to be in your arsenal. Altdns Altdns is

React to this headline:

Loading spinner

10 open-source recon tools worth your time Read More »

The future of passwords and authentication

authentication, Bitwarden, CISO, Don't miss, Hot stuff, passwords, predictions, strategy, Video /

The future of passwords and authentication 20/06/2023 at 06:31 By Help Net Security In this Help Net Security video, Michael Crandell, CEO of Bitwarden, discusses the future of passwords and authentication. Although interest in passwordless technology, which aims to eliminate the need for passwords, is relatively low, 65% of consumers are receptive to using new

React to this headline:

Loading spinner

The future of passwords and authentication Read More »

Scroll to Top