Hot stuff

CISA offers cybersecurity services to non-federal orgs in critical infrastructure sector

CISA, critical infrastructure, cyber risk, Don't miss, Hot stuff, News, USA /

CISA offers cybersecurity services to non-federal orgs in critical infrastructure sector 22/11/2023 at 12:47 By Helga Labus The Cybersecurity and Infrastructure Security Agency (CISA) has announced a pilot program that aims to offer cybersecurity services to critical infrastructure entities as they have become a common target in cyberattacks. “In alignment with CISA’s ‘Target Rich, Resource […]

React to this headline:

Loading spinner

CISA offers cybersecurity services to non-federal orgs in critical infrastructure sector Read More »

CISOs can marry security and business success

CISO, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, strategy, WithSecure /

CISOs can marry security and business success 22/11/2023 at 08:33 By Help Net Security With an endless string of cyber fires to be put out, it’s easy to forget that the cybersecurity function in an organization doesn’t exist in a vacuum. Its main purpose is to ensure the organization succeeds, and that’s the reason CISOs

React to this headline:

Loading spinner

CISOs can marry security and business success Read More »

Why boards must prioritize cybersecurity expertise

boardroom, cybersecurity, Don't miss, Hot stuff, Kudelski Security, threats, Video /

Why boards must prioritize cybersecurity expertise 22/11/2023 at 08:02 By Help Net Security In this Help Net Security video, Graeme Payne, US Advisory Service Leader at Kudelski Security, discusses how, with the incredible number of complex threats facing modern businesses, board members must take an increased role in cybersecurity decisions – or face the consequences.

React to this headline:

Loading spinner

Why boards must prioritize cybersecurity expertise Read More »

Apache ActiveMQ bug exploited to deliver Kinsing malware

Apache ActiveMQ, cryptojacking, Don't miss, exploit, Hot stuff, Linux, Malware, News, Trend Micro, vulnerability /

Apache ActiveMQ bug exploited to deliver Kinsing malware 21/11/2023 at 15:02 By Helga Labus Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. CVE-2023-46604 exploitation Apache ActiveMQ is a popular Java-based open source message broker that allows communication between applications and services

React to this headline:

Loading spinner

Apache ActiveMQ bug exploited to deliver Kinsing malware Read More »

The shifting sands of the war against cyber extortion

Analyst1, CISA, Don't miss, extortion, FBI, Government, Hot stuff, law enforcement, News, Ransomware /

The shifting sands of the war against cyber extortion 21/11/2023 at 14:33 By Zeljka Zorz Ransomware and cyber extortion attacks aimed at organizations are not letting up. Occasionally, they even come in pairs. The often large and sometimes massive ransomware recovery costs companies incur when they decide not to meet the demands deter many other

React to this headline:

Loading spinner

The shifting sands of the war against cyber extortion Read More »

Segmentation proves crucial for fast response to security incidents

Akamai, attacks, cybersecurity, Don't miss, Hot stuff, Ransomware, threats, Video /

Segmentation proves crucial for fast response to security incidents 21/11/2023 at 08:04 By Help Net Security In this Help Net Security video, Steve Winterfeld, Advisory CISO at Akamai, discusses the recent surge of ransomware attacks in the U.S. and how it relates to microsegmentation. Recovery after a security breach happens 11 hours faster with segmentation.

React to this headline:

Loading spinner

Segmentation proves crucial for fast response to security incidents Read More »

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)

CISA, Don't miss, enterprise, exploit, Hot stuff, News, PoC, Sophos, vulnerability /

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) 20/11/2023 at 14:47 By Helga Labus CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023. About CVE-2023-1671 CVE-2023-1671 is a pre-auth command injection vulnerability

React to this headline:

Loading spinner

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) Read More »

MFA under fire, attackers undermine trust in security measures

attacks, cybersecurity, Don't miss, Hot stuff, Infoblox, MFA, phishing, Video /

MFA under fire, attackers undermine trust in security measures 20/11/2023 at 08:31 By Help Net Security In this Help Net Security video, Renée Burton, Head of Threat Intelligence at Infoblox, discusses MFA attacks. MFA adds security to online accounts, but MFA lookalikes are a real threat to consumers and enterprises. Consumers have come to trust

React to this headline:

Loading spinner

MFA under fire, attackers undermine trust in security measures Read More »

Transforming cybersecurity from reactive to proactive with attack path analysis

attack, Cloud, cybercriminals, cybersecurity, Don't miss, Hot stuff, risk, Skybox Security, Video /

Transforming cybersecurity from reactive to proactive with attack path analysis 17/11/2023 at 08:03 By Help Net Security An attack path is important to prioritize potential risks in cloud environments. The attack path offers the ability to look at cloud environments from the attacker’s perspective. With today’s general awareness and concerted effort toward cybersecurity, cybercriminals rarely

React to this headline:

Loading spinner

Transforming cybersecurity from reactive to proactive with attack path analysis Read More »

Review: Cyberbunker: The Criminal Underworld

cybercrime, dark web, Don't miss, Hot stuff, Netflix, News, Review, Reviews /

Review: Cyberbunker: The Criminal Underworld 16/11/2023 at 08:31 By Helga Labus Written and directed by Kilian Lieb and Max Rainer, Cyberbunker is a Netflix documentary about a group of hackers that enabled the proliferation of dark web forums where illegal materials were bought and sold. Cyberbunker: The Criminal Underworld The documentary begins with a special

React to this headline:

Loading spinner

Review: Cyberbunker: The Criminal Underworld Read More »

Cyber insurance predictions for 2024

BEC scams, cyber insurance, cybersecurity, Don't miss, Hot stuff, Optiv Security, predictions, Ransomware, Video /

Cyber insurance predictions for 2024 16/11/2023 at 08:01 By Help Net Security In this Help Net Security video, Dara Gibson, Senior Cyber Insurance Manager at Optiv, discusses cyber insurance and what we should expect to see in 2024: Ransomware, BEC, and pixel privacy claims will remain at the forefront of cyber insurance claims Cyber insurance

React to this headline:

Loading spinner

Cyber insurance predictions for 2024 Read More »

Crypto asset discovery and the post-quantum migration

Crypto, cybersecurity, Don't miss, education, Encryption, Expert analysis, Expert corner, Hot stuff, News, NIST, opinion, quantum computing, Quantum Xchange, standards /

Crypto asset discovery and the post-quantum migration 15/11/2023 at 09:33 By Help Net Security Quantum computing is reshaping our world and will revolutionize many industries, including materials science, life sciences, transportation, and energy. Google recently demonstrated the power of quantum computers by solving a problem in seconds that today’s supercomputers require nearly 50 years to

React to this headline:

Loading spinner

Crypto asset discovery and the post-quantum migration Read More »

Modeling organizations’ defensive mechanisms with MITRE D3FEND

CISO, collaboration, Compliance, cybersecurity, Don't miss, Features, framework, Hot stuff, MITRE, News, NSA, opinion, security ROI, security standard, standards, strategy /

Modeling organizations’ defensive mechanisms with MITRE D3FEND 15/11/2023 at 09:02 By Mirko Zorz Funded by the National Security Agency, MITRE’s D3FEND framework is helping to provide standardization, specificity, and repeatability needed by cybersecurity engineers. As the framework moves from the beta version to version 1.0 in 2024, we asked D3FEND creator Peter Kaloroumakis how D3FEND

React to this headline:

Loading spinner

Modeling organizations’ defensive mechanisms with MITRE D3FEND Read More »

Enhancing mainframe security with proven best practices

cybersecurity, Data Protection, DevOps, Don't miss, Hot stuff, hybrid cloud, mainframe security, network, open source, risk, Rocket Software, Video /

Enhancing mainframe security with proven best practices 15/11/2023 at 08:35 By Help Net Security Mainframe systems have served as the bedrock of enterprise networks for years, standing unmatched in terms of reliability, scalability, and data protection. However, security risks have become a pressing concern as the digital landscape evolves, emerging practices like DevOps, the rise

React to this headline:

Loading spinner

Enhancing mainframe security with proven best practices Read More »

Danish energy sector hit by a wave of coordinated cyberattacks

critical infrastructure, cyberattack, Don't miss, energy sector, exploit, Hot stuff, News, SektorCERT, vulnerability, Zyxel /

Danish energy sector hit by a wave of coordinated cyberattacks 14/11/2023 at 21:16 By Helga Labus The Danish energy sector has suffered what is believed to be the most extensive cyberattack in Danish history, according to SektorCERT. Danish energy sector under attack SektorCERT, an organization owned and funded by Danish critical infrastructure (CI) companies, uses

React to this headline:

Loading spinner

Danish energy sector hit by a wave of coordinated cyberattacks Read More »

Juniper networking devices under attack

CISA, Don't miss, enterprise, exploit, firewall, Hot stuff, Juniper Networks, News, vulnerability, WatchTowr /

Juniper networking devices under attack 14/11/2023 at 16:46 By Zeljka Zorz CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are not particularly severe by themselves, but they can be – and have been – chained

React to this headline:

Loading spinner

Juniper networking devices under attack Read More »

4 warning signs that your low-code development needs DevSecOps

automation, cloud computing, code, Compliance, Copado, cybersecurity, DevSecOps, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, product testing /

4 warning signs that your low-code development needs DevSecOps 14/11/2023 at 09:31 By Help Net Security Low code platforms have democratized development in the enterprise. They improve efficiency and enable companies to do more with less. But as you begin to do more you will start hitting speed bumps that eventually become roadblocks. If your

React to this headline:

Loading spinner

4 warning signs that your low-code development needs DevSecOps Read More »

10 corporate cybersecurity blogs worth your time

Akamai, AT&T Cybersecurity, AWS, Cloudflare, cybersecurity, Don't miss, Dropbox, ESET, GitHub, Google Cloud, Hot stuff, IBM, Intel, Mandiant, News, Sophos /

10 corporate cybersecurity blogs worth your time 14/11/2023 at 09:02 By Help Net Security In this article, we’ve curated a list of insightful corporate cybersecurity blogs that provide analysis and actionable advice to help you keep your company’s digital assets secure. This list is not meant to be exhaustive since thousands of companies have infosec

React to this headline:

Loading spinner

10 corporate cybersecurity blogs worth your time Read More »

Collaborative strategies are key to enhanced ICS security

access control, antivirus, collaboration, cybersecurity, Don't miss, Encryption, Features, firewall, framework, Hot stuff, identity management, News, opinion, regulation, risk assessment, Schneider Electric, standards, strategy, training /

Collaborative strategies are key to enhanced ICS security 14/11/2023 at 08:32 By Mirko Zorz In this Help Net Security interview, Marko Gulan, Cyber Security Consultant at Schneider Electric, discusses the complexities of safeguarding industrial control systems (ICS). Our conversation will explore the importance of cross-departmental collaboration, balancing security with system functionality, and the dynamic nature

React to this headline:

Loading spinner

Collaborative strategies are key to enhanced ICS security Read More »

Using real-time monitoring to identify and mitigate threats

access control, cybersecurity, Don't miss, Hot stuff, monitoring, Netdata, threats, user behavior, Video /

Using real-time monitoring to identify and mitigate threats 14/11/2023 at 08:02 By Help Net Security From identifying unusual behavior patterns to detecting unauthorized access, real-time monitoring provides a view of your digital environment, ensuring that threats are spotted and dealt with before they can cause harm. In this Help Net Security video, Costa Tsaousis, CEO

React to this headline:

Loading spinner

Using real-time monitoring to identify and mitigate threats Read More »

Scroll to Top