Hot stuff

LockBit leader unmasked: US charges Russian national

Australia, cybercrime, cybercriminals, disruption, DOJ, Don't miss, Europol, Hot stuff, law enforcement, News, Ransomware, UK, USA /

LockBit leader unmasked: US charges Russian national 2024-05-07 at 18:33 By Zeljka Zorz Russian national Dmitry Khoroshev is “LockBitSupp”, the creator, developer and administator of the infamous LockBit ransomware group, according to UK, US and Australia law enforcement agencies. The US Justice Deparment has unsealed charges against Khoroshev and the US Department of the Treasury’s […]

LockBit leader unmasked: US charges Russian national Read More »

Ransomware operations are becoming less profitable

Chainalysis, cybercrime, disruption, Don't miss, Hot stuff, law enforcement, News, Ransomware /

Ransomware operations are becoming less profitable 2024-05-07 at 14:01 By Zeljka Zorz As the number of real (and fake) victims of ransomware gangs continues to rise, the number of ransomware payments is falling, along with the average ransom payment. The reasons behind this decrease are many: increased cyber resilience of organizations (which includes having recoverable

Ransomware operations are becoming less profitable Read More »

6 tips to implement security gamification effectively

CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, SeeMetrics, tips, training /

6 tips to implement security gamification effectively 2024-05-07 at 08:01 By Help Net Security There’s not a CISO in the industry who’s not aware of the extremely short median CISO tenure. That’s why the best CISOs are those who constantly seek ways to strengthen their teams. They help members evolve and grow in their roles,

6 tips to implement security gamification effectively Read More »

Cybercrime stats you can’t ignore

Abnormal Security, Akamai, Cofense, cybercrime, cybersecurity, Don't miss, Egress, GuidePoint Security, Hot stuff, Imperva, Ironscales, News, Osterman Research, ReliaQuest, report, SecurityScorecard, Sophos, SpyCloud, survey, Thales, Trustwave, VIPRE Security, Visa /

Cybercrime stats you can’t ignore 2024-05-07 at 07:31 By Help Net Security In this article, you will find excerpts from various reports that offer stats and insights about the current cybercrime landscape. Behavioral patterns of ransomware groups are changing GuidePoint Security | GRIT Q1 2024 Ransomware Report | April 2024 Q1 2024 resulted in a

Cybercrime stats you can’t ignore Read More »

The strategic advantages of targeted threat intelligence

cyberattacks, cybersecurity, Cybersixgill, Don't miss, Hot stuff, Threat Intelligence, threats, Video /

The strategic advantages of targeted threat intelligence 2024-05-07 at 07:01 By Help Net Security In this Help Net Security video, Gabi Reish, Chief Business Development and Product Officer at Cybersixgill, discusses the role of threat intelligence in every enterprise’s security stack. Threat intelligence plays a significant role in proactively managing a company’s threat exposure. High-quality

The strategic advantages of targeted threat intelligence Read More »

BlackBasta claims Synlab attack, leaks some stolen documents

Data leak, Don't miss, Europe, Hot stuff, News, Ransomware /

BlackBasta claims Synlab attack, leaks some stolen documents 2024-05-06 at 14:16 By Zeljka Zorz The BlackBasta ransomware / cyber extortion gang is behind the recent cyber attack that resulted in the temporary shutdown of operations at Synlab Italia. The group claimed the attack on their leak site on Saturday and says they have exfiltrated approximately

BlackBasta claims Synlab attack, leaks some stolen documents Read More »

Strategies for preventing AI misuse in cybersecurity

analytics, Artificial Intelligence, awareness, cybersecurity, deepfakes, Don't miss, Features, Hot stuff, News, opinion, remediation, risk, SecurityPal, strategy /

Strategies for preventing AI misuse in cybersecurity 2024-05-06 at 08:01 By Mirko Zorz As organizations increasingly adopt AI, they face unique challenges in updating AI models to keep pace with evolving threats while ensuring seamless integration into existing cybersecurity frameworks. In this Help Net Security interview, Pukar Hamal, CEO at SecurityPal, discusses the integration of

Strategies for preventing AI misuse in cybersecurity Read More »

How to prepare for the CISSP exam: Tips from industry leaders

certification, CISO, cybersecurity, Don't miss, Features, Hot stuff, how-to, ISC2, News, skill development, strategy, tips /

How to prepare for the CISSP exam: Tips from industry leaders 2024-05-06 at 07:31 By Mirko Zorz The Certified Information Systems Security Professional (CISSP) is the most widely recognized certification in the information security industry. CISSP certifies that an information security professional possesses extensive technical and managerial expertise for designing, engineering, and managing an organization’s

How to prepare for the CISSP exam: Tips from industry leaders Read More »

eBook: CISSP fundamentals in focus

Don't miss, Hot stuff, ISC2, News, Whitepapers and webinars /

eBook: CISSP fundamentals in focus 2024-05-06 at 05:31 By Help Net Security From the technical tools that help manage access control to non-technical skills like collaboration, learn about the fundamentals required in cybersecurity – and how CISSP guides you with the knowledge and skills you need to succeed. Inside the eBook: The Many Sides of

eBook: CISSP fundamentals in focus Read More »

Bug hunters can get up to $450,000 for an RCE in Google’s Android apps

Android, bug bounty, Don't miss, Google, Hot stuff, mobile apps, News /

Bug hunters can get up to $450,000 for an RCE in Google’s Android apps 2024-05-03 at 17:16 By Zeljka Zorz Google has drastically increased the rewards bug hunters can get for reporting vulnerabilities in Android apps it develops and maintains. “We increased reward amounts by up to 10x in some categories (for example Remote Arbitrary

Bug hunters can get up to $450,000 for an RCE in Google’s Android apps Read More »

What is cybersecurity mesh architecture (CSMA)?

CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Gutsy, Hot stuff, Incident Response, News, opinion, Threat Intelligence /

What is cybersecurity mesh architecture (CSMA)? 2024-05-03 at 07:01 By Help Net Security Cybersecurity mesh architecture (CSMA) is a set of organizing principles used to create an effective security framework. Using a CSMA approach means designing a security architecture that is composable and scalable with easily extensible interfaces, a common data schema and well-defined interfaces

What is cybersecurity mesh architecture (CSMA)? Read More »

New SOHO router malware aims for cloud accounts, internal company resources

data collection, Don't miss, Hot stuff, Lumen, Malware, networking, News, router, SMBs, Trend Micro, trojan /

New SOHO router malware aims for cloud accounts, internal company resources 2024-05-02 at 14:46 By Zeljka Zorz Cuttlefish, a new malware family that targets enterprise-grade small office/home office (SOHO) routers, is used by criminals to steal account credentials / secrets for AWS, CloudFlare, Docker, BitBucket and other cloud-based services. “With the stolen key material, the

New SOHO router malware aims for cloud accounts, internal company resources Read More »

Dropbox says attackers accessed customer and MFA info, API keys

data breach, digital signature, Don't miss, Dropbox, Hot stuff, News, privileged accounts /

Dropbox says attackers accessed customer and MFA info, API keys 2024-05-02 at 12:01 By Zeljka Zorz File hosting service Dropbox has confirmed that attackers have breached the Dropbox Sign production environment and accessed customer personal and authentication information. “From a technical perspective, Dropbox Sign’s infrastructure is largely separate from other Dropbox services. That said, we

Dropbox says attackers accessed customer and MFA info, API keys Read More »

2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element

CISO, cybersecurity, Don't miss, Hot stuff, News, report, strategy, Verizon /

2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element 2024-05-02 at 08:31 By Help Net Security The exploitation of vulnerabilities as an initial point of entry almost tripled from the previous year, accounting for 14% of all breaches, according to Verizon’s 2024 Data Breach Investigations Report, which analyzed a record-high 30,458 security

2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element Read More »

Securing your organization’s supply chain: Reducing the risks of third parties

cybercrime, cybersecurity, data security, Don't miss, Expert analysis, Expert corner, Hot stuff, i-confidential, News, opinion, risk, supply chain, third party compromise /

Securing your organization’s supply chain: Reducing the risks of third parties 2024-05-02 at 08:16 By Help Net Security When Stephen Hawking said that “we are all now connected by the internet, like neurons in a giant brain”, very few people understood the gravity of his statement. But ten years on from his famous interview with

Securing your organization’s supply chain: Reducing the risks of third parties Read More »

Understanding emerging AI and data privacy regulations

Artificial Intelligence, Compliance, cybersecurity, Data Protection, Don't miss, EU, Europe, Features, Government, Hot stuff, Immuta, law, News, opinion, regulation, Risk Management, USA /

Understanding emerging AI and data privacy regulations 2024-05-02 at 08:01 By Mirko Zorz In this Help Net Security interview, Sophie Stalla-Bourdillon, Senior Privacy Counsel & Legal Engineer at Immuta, discusses the AI Act, the Data Act, and the Health Data Space Regulation. Learn how these regulations interact, their implications for both public and private sectors,

Understanding emerging AI and data privacy regulations Read More »

reNgine: Open-source automated reconnaissance framework for web applications

automation, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, reconnaissance, software /

reNgine: Open-source automated reconnaissance framework for web applications 2024-05-02 at 07:31 By Mirko Zorz reNgine is an open-source automated reconnaissance framework for web applications that focuses on a highly configurable and streamlined recon process. Developing reNgine reNgine was developed to overcome the constraints of conventional reconnaissance tools. It is a good choice for bug bounty

reNgine: Open-source automated reconnaissance framework for web applications Read More »

A closer look at Apiiro’s SHINE partner program

API security, Apiiro, Application Security, cybersecurity, Don't miss, Hot stuff, Risk Management, Video /

A closer look at Apiiro’s SHINE partner program 2024-05-01 at 16:46 By Help Net Security In this Help Net Security video, Adam LaGreca, Founder of 10KMedia, sat down with John Leon, VP of Partnerships at Apiiro, discusses the company’s new technology partner program SHINE. The name stands for the program’s guiding principles – Seamless, Holistic,

A closer look at Apiiro’s SHINE partner program Read More »

Why cloud vulnerabilities need CVEs

Cloud, CVE, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, Nucleus Security, opinion, patching, vulnerability management /

Why cloud vulnerabilities need CVEs 2024-05-01 at 08:01 By Help Net Security When considering vulnerability management’s purpose in a modern world, it’s imperative to recognize the huge transition to new technologies and how you manage risk within these different paradigms and environments (e.g., the cloud). Patch network security isn’t applicable in the same way for

Why cloud vulnerabilities need CVEs Read More »

Scroll to Top