Hot stuff

The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals

CISA, Claroty, Don't miss, Expert analysis, Expert corner, Hot stuff, MFA, NIST, opinion, remote access, remote working, supply chain, threats, vulnerability /

The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals 25/05/2023 at 08:12 By Help Net Security The widespread adoption of remote and hybrid working practices in recent years has brought numerous benefits to various industries, but has also introduced new cyber threats, particularly in the critical infrastructure sector. These threats […]

React to this headline:

Loading spinner

The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals Read More »

How smart bots are infecting and exploiting the internet

bot, cybersecurity, Don't miss, Hot stuff, Imperva, strategy, tips, Video /

How smart bots are infecting and exploiting the internet 25/05/2023 at 07:15 By Help Net Security According to Imperva, bad bot traffic grew to 30.2%, a 2.5% increase over 2021. In this Help Net Security video, Lynn Marks, Senior Product Manager at Imperva, discusses malicious bot activity. This is a substantial threat for businesses, leading

React to this headline:

Loading spinner

How smart bots are infecting and exploiting the internet Read More »

IT employee piggybacked on cyberattack for personal gain

Don't miss, Hot stuff, Insider Threat, News, Ransomware, UK /

IT employee piggybacked on cyberattack for personal gain 24/05/2023 at 14:34 By Helga Labus A 28-year-old former IT employee of an Oxford-based company has been convicted of blackmailing his employer and unauthorized access to a computer with intent to commit other offences, after pleading guilty during a hearing at Reading Crown Court, England. IT employee

React to this headline:

Loading spinner

IT employee piggybacked on cyberattack for personal gain Read More »

How to avoid shadow AI in your SOC

Artificial Intelligence, ChatGPT, cybersecurity, Devo Technology, Don't miss, Expert analysis, Expert corner, Hot stuff, opinion, security operations /

How to avoid shadow AI in your SOC 24/05/2023 at 07:57 By Help Net Security Samsung’s recent discovery that employees had uploaded sensitive code to ChatGPT should serve as a reminder for security leaders to tread carefully when it comes to integrating new artificial intelligence tools throughout their organizations. Shadow AI Employees are using the

React to this headline:

Loading spinner

How to avoid shadow AI in your SOC Read More »

CISO-level tips for securing corporate data in the cloud

cloud security, cybersecurity, data security, Don't miss, Hot stuff, SaaS, strategy, tips, Video /

CISO-level tips for securing corporate data in the cloud 24/05/2023 at 07:17 By Help Net Security The presence of each third-party application increases the potential for attacks, particularly when end users install them without proper oversight or approval. IT security teams face challenges in obtaining comprehensive knowledge about the apps connected to their corporate SaaS

React to this headline:

Loading spinner

CISO-level tips for securing corporate data in the cloud Read More »

Navigating the quantum leap in cybersecurity

CISO, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, ISARA, News, opinion, quantum computing /

Navigating the quantum leap in cybersecurity 24/05/2023 at 07:17 By Mirko Zorz In this Help Net Security interview, we sit down with Dr. Atsushi Yamada, the newly appointed CEO of ISARA, a security solutions company specializing in creating quantum-safe cryptography. With over two decades of experience in cryptography and cybersecurity, Dr. Yamada discusses his vision

React to this headline:

Loading spinner

Navigating the quantum leap in cybersecurity Read More »

Simple OSINT techniques to spot AI-fueled disinformation, fake reviews

Artificial Intelligence, ChatGPT, Don't miss, Hot stuff, News, OSINT, ShadowDragon /

Simple OSINT techniques to spot AI-fueled disinformation, fake reviews 23/05/2023 at 12:20 By Helga Labus Error messages that ChatGPT and other AI language models generate can be used to uncover disinformation campaigns, hate speech and fake reviews via OSINT collection and analysis, says Nico Dekens, director of intelligence at ShadowDragon. AI-generated content found via Google

React to this headline:

Loading spinner

Simple OSINT techniques to spot AI-fueled disinformation, fake reviews Read More »

7 access management challenges during M&A

data, Don't miss, Expert analysis, Expert corner, financial industry, Hot stuff, opinion, SecureAuth, threats /

7 access management challenges during M&A 23/05/2023 at 07:37 By Help Net Security Integrating an acquired company into a single organization is a daunting task that can take weeks, months, or even years to complete. To have a successful conclusion to the mergers and acquisitions (M&As) process, identity and access management (IAM) teams need time

React to this headline:

Loading spinner

7 access management challenges during M&A Read More »

Gap between OT security assumptions and reality

CISO, cybersecurity, Don't miss, Hot stuff, Otorio, strategy, tips, Video /

Gap between OT security assumptions and reality 23/05/2023 at 07:02 By Help Net Security In the fast-evolving landscape of technology and connectivity, ensuring the security of operational technology (OT) systems has become a paramount concern for organizations worldwide. In this Help Net Security video, Daniel Bren, CEO at OTORIO, discusses a significant discrepancy between how

React to this headline:

Loading spinner

Gap between OT security assumptions and reality Read More »

Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)

Don't miss, enterprise, firewall, firmware, Hot stuff, News, PoC, Rapid7, security update, SMBs, vulnerability, Zyxel /

Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771) 22/05/2023 at 14:05 By Zeljka Zorz A recently fixed command injection vulnerability (CVE-2023-28771) affecting a variety Zyxel firewalls may soon be exploited in the wild, Rapid7 researchers have warned, after publishing a technical analysis and a PoC script that triggers the vulnerability and achieves a

React to this headline:

Loading spinner

Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771) Read More »

Blacklist untrustworthy apps that peek behind your firewall

BYOD, data security, Don't miss, Expert analysis, Expert corner, Hexnode, Hot stuff, opinion, Privacy, remote working, threats, XDR /

Blacklist untrustworthy apps that peek behind your firewall 22/05/2023 at 08:05 By Help Net Security With an increasing number of endpoints and expanding attack surfaces, dodgy apps can offer a way around your firewall. Due to data privacy concerns, Montana has passed the first bill in the United States to ban TikTok. Previously, India has

React to this headline:

Loading spinner

Blacklist untrustworthy apps that peek behind your firewall Read More »

Wireless Broadband Alliance CEO on key drivers for Wi-Fi adoption in enterprise networks

5G, Don't miss, Features, Hot stuff, networking, News, opinion, wireless, Wireless Broadband Alliance /

Wireless Broadband Alliance CEO on key drivers for Wi-Fi adoption in enterprise networks 22/05/2023 at 07:47 By Mirko Zorz The demand for robust, reliable, and high-speed connectivity is increasing rapidly in the era of relentless digital transformation. This Help Net Security interview with Tiago Rodrigues, CEO at Wireless Broadband Alliance (WBA), delves into the future

React to this headline:

Loading spinner

Wireless Broadband Alliance CEO on key drivers for Wi-Fi adoption in enterprise networks Read More »

How generative AI is reshaping the identity verification landscape

Artificial Intelligence, cyber risk, Don't miss, Hot stuff, identity verification, Video /

How generative AI is reshaping the identity verification landscape 22/05/2023 at 07:32 By Help Net Security The identity verification market is experiencing a significant surge in growth. In recent years, many solutions have emerged to assist businesses in establishing trust and facilitating remote user onboarding. This demand arises from the alarming rise in identity fraud,

React to this headline:

Loading spinner

How generative AI is reshaping the identity verification landscape Read More »

How continuous security monitoring is changing the compliance game

CISO, Compliance, cyber risk, Don't miss, Hot stuff, opinion, Scytale, strategy, Video /

How continuous security monitoring is changing the compliance game 22/05/2023 at 07:01 By Help Net Security Managing compliance doesn’t have to be draining, time-consuming, or overly complicated. In this Help Net Security video, Wesley Van Zyl, Senior Manager, Compliance Success at Scytale, discusses how keeping track of all your security controls can be challenging, particularly

React to this headline:

Loading spinner

How continuous security monitoring is changing the compliance game Read More »

Apple fixes WebKit 0-days under attack (CVE-2023-28204, CVE-2023-32373, CVE-2023-32409)

0-day, apple, Don't miss, Hot stuff, iOS, iPad, macOS, News, security update /

Apple fixes WebKit 0-days under attack (CVE-2023-28204, CVE-2023-32373, CVE-2023-32409) 19/05/2023 at 14:19 By Zeljka Zorz Apple has released security updates for iOS and iPadOS, macOS, tvOS and watchOS, delivering fixes for many vulnerabilities but, most importantly, for CVE-2023-32409, a WebKit 0-day that “may have been actively exploited.” The notes accompanying the updates also revealed that

React to this headline:

Loading spinner

Apple fixes WebKit 0-days under attack (CVE-2023-28204, CVE-2023-32373, CVE-2023-32409) Read More »

DarkBERT could help automate dark web mining for cyber threat intelligence

Artificial Intelligence, dark web, Don't miss, Hot stuff, News, research, Threat Intelligence /

DarkBERT could help automate dark web mining for cyber threat intelligence 19/05/2023 at 13:05 By Helga Labus Researchers have developed DarkBERT, a language model pretrained on dark web data, to help cybersecurity pros extract cyber threat intelligence (CTI) from the Internet’s virtual underbelly. DarkBERT pretraining process and evaluated use case scenarios (Source: KAIST/S2W) DarkBERT: A

React to this headline:

Loading spinner

DarkBERT could help automate dark web mining for cyber threat intelligence Read More »

Exploring the tactics of phishing and scam websites in 2023

Don't miss, Hot stuff, Video /

Exploring the tactics of phishing and scam websites in 2023 19/05/2023 at 07:02 By Help Net Security Phishing scams pose an escalating danger as cybercriminals employ increasingly sophisticated techniques, rendering their detection and prevention more challenging. In this Help Net Security video, Abhilash Garimella, Head of Research at Bolster, talks about the evolution of phishing

React to this headline:

Loading spinner

Exploring the tactics of phishing and scam websites in 2023 Read More »

Introducing Permit.io: Simplifying access control and policy management for developers

AWS, Don't miss, Hot stuff, Permit.io, Video /

Introducing Permit.io: Simplifying access control and policy management for developers 18/05/2023 at 08:00 By Zeljka Zorz In this Help Net Security video interview, Or Weis, Co-Founder and CEO of Permit.io, discusses an innovative approach to managing permissions and access control within applications. We will explore policy as code and how it addresses organizations’ challenges in

React to this headline:

Loading spinner

Introducing Permit.io: Simplifying access control and policy management for developers Read More »

Enhancing open source security: Insights from the OpenSSF on addressing key challenges

CISO, Don't miss, Features, Hot stuff, News, open source, OpenSSF, opinion, software, strategy, The Linux Foundation, tips /

Enhancing open source security: Insights from the OpenSSF on addressing key challenges 18/05/2023 at 08:00 By Mirko Zorz In this Help Net Security interview, we meet a prominent industry leader. Brian Behlendorf, CTO at the Open Source Security Foundation (OpenSSF), shares insights on the influence of his experiences with the White House CTO office, World

React to this headline:

Loading spinner

Enhancing open source security: Insights from the OpenSSF on addressing key challenges Read More »

TP-Link routers implanted with malicious firmware in state-sponsored attacks

backdoor, Check Point, Don't miss, Hot stuff, Malware, News, router, TP-LINK /

TP-Link routers implanted with malicious firmware in state-sponsored attacks 17/05/2023 at 16:44 By Helga Labus A Chinese state-sponsored APT group implanted malicious firmware into TP-Link routers as part of attack campaigns aimed at European foreign affairs entities, say Check Point researchers. Custom malicious firmware for TP-Link routers The malicious firmware was exclusively created for TP-Link

React to this headline:

Loading spinner

TP-Link routers implanted with malicious firmware in state-sponsored attacks Read More »

Scroll to Top