Hot stuff

Building a culture of security awareness in healthcare begins with leadership

CISO, cyber risk, cybersecurity, Don't miss, Features, healthcare, Hot stuff, how-to, News, security controls, strategy, tips /

Building a culture of security awareness in healthcare begins with leadership 12/06/2023 at 07:35 By Mirko Zorz With the rise of modern trends such as cloud computing and remote work, healthcare institutions strive to balance accessibility, convenience, and robust security. In this Help Net Security interview, Ken Briggs, General Counsel at Salucro, discusses how fostering […]

React to this headline:

Loading spinner

Building a culture of security awareness in healthcare begins with leadership Read More »

Examining the long-term effects of data privacy violations

CCPA, cybersecurity, Data Protection, data security, Don't miss, GDPR, Hot stuff, Privacy, Video /

Examining the long-term effects of data privacy violations 12/06/2023 at 07:02 By Help Net Security Regulatory bodies are taking potential data privacy violations much more seriously this year after a relatively quiet period that followed the enactment of regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We

React to this headline:

Loading spinner

Examining the long-term effects of data privacy violations Read More »

Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997)

Don't miss, Fortinet, FortiOS, Hot stuff, Lexfo, News, Olympe Cyberdefense, security update, vulnerability /

Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997) 11/06/2023 at 22:06 By Zeljka Zorz Fortinet has released several versions of FortiOS, the OS/firmware powering its Fortigate firewalls and other devices, without mentioning that they include a fix for CVE-2023-27997, a remote code execution (RCE) flaw that does not require the attacker to be

React to this headline:

Loading spinner

Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997) Read More »

Replace Barracuda ESG appliances, company urges

Barracuda Networks, data theft, Don't miss, exploit, Hot stuff, Malware, News, Rapid7, vulnerability /

Replace Barracuda ESG appliances, company urges 09/06/2023 at 18:47 By Helga Labus Barracuda Networks is urging customers running phyisical Email Security Gateway (ESG) appliances to replace them immediately, “regardless of patch version level.” Vulnerability identification and disclosure Barracuda has identified a critical vulnerability (CVE-2023-2868) in their ESG appliances on May 19, 2023, and pushed a

React to this headline:

Loading spinner

Replace Barracuda ESG appliances, company urges Read More »

June 2023 Patch Tuesday forecast: Don’t forget about Apple

apple, Don't miss, Expert analysis, Expert corner, Google, Hot stuff, Ivanti, Microsoft, News, Patch Tuesday /

June 2023 Patch Tuesday forecast: Don’t forget about Apple 09/06/2023 at 08:39 By Help Net Security The odd month-to-month pattern of CVEs addressed by Microsoft continued with the May Patch Tuesday. After seeing high numbers for April, we saw 20 and 23 CVEs fixed for Windows 11 and 10, respectively, in May. And after 62

React to this headline:

Loading spinner

June 2023 Patch Tuesday forecast: Don’t forget about Apple Read More »

Introducing the book: Creating a Small Business Cybersecurity Program, Second Edition

books, Center for Internet Security, cybersecurity, Don't miss, Hot stuff, Video /

Introducing the book: Creating a Small Business Cybersecurity Program, Second Edition 09/06/2023 at 07:02 By Help Net Security In this Help Net Security video interview, Alan Watkins, CIS Controls Ambassador, CIS, talks about his new book – Creating a Small Business Cybersecurity Program, Second Edition. This book provides guidance and essential steps small businesses with

React to this headline:

Loading spinner

Introducing the book: Creating a Small Business Cybersecurity Program, Second Edition Read More »

Cl0p announces rules for extortion negotiation after MOVEit hack

Censys, Don't miss, extortion, file-sharing, Hot stuff, Huntress, News, Progress, vulnerability /

Cl0p announces rules for extortion negotiation after MOVEit hack 08/06/2023 at 14:03 By Zeljka Zorz The Cl0p cyber extortion crew says that the many organizations whose data they have pilfered by exploiting a vulnerability in the MOVEit Transfer solution have until June 14 to get in contact with them – or they will post their

React to this headline:

Loading spinner

Cl0p announces rules for extortion negotiation after MOVEit hack Read More »

AI: Interpreting regulation and implementing good practice

Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, machine learning, opinion, regulation, standards, WithSecure /

AI: Interpreting regulation and implementing good practice 08/06/2023 at 08:05 By Help Net Security Businesses have been using artificial intelligence for years, and while machine learning (ML) models have often been taken from open-source repositories and built into business-specific systems, model provenance and assurance have not always necessarily been documented nor built into company policy.

React to this headline:

Loading spinner

AI: Interpreting regulation and implementing good practice Read More »

20 cybersecurity projects on GitHub you should check out

ARMO, CISA, cybersecurity, Don't miss, Faraday Technology Corporation, GitHub, Google, Hot stuff, Metasploit, MISP, MITRE ATT&CK, News, open source, software /

20 cybersecurity projects on GitHub you should check out 08/06/2023 at 07:47 By Helga Labus Open-source GitHub cybersecurity projects, developed and maintained by dedicated contributors, provide valuable tools, frameworks, and resources to enhance security practices. From vulnerability scanning and network monitoring to encryption and incident response, the following collection encompasses a diverse range of projects

React to this headline:

Loading spinner

20 cybersecurity projects on GitHub you should check out Read More »

The evolution of DDoS attacks in 2023

Arelion, attacks, CISO, cybersecurity, DDoS, Don't miss, Hot stuff, threat, Video /

The evolution of DDoS attacks in 2023 08/06/2023 at 07:10 By Help Net Security In this Help Net Security video, Mattias Fridström, Chief Evangelist at Arelion, talks about the DDoS threat landscape during 2023. DDoS attacks reflect significant geo-political challenges and social tensions and have become an increasingly important part of the hybrid warfare arsenal.

React to this headline:

Loading spinner

The evolution of DDoS attacks in 2023 Read More »

Exploited zero-day patched in Chrome (CVE-2023-3079)

0-day, Chrome, Don't miss, Google, Hot stuff, News, security update, vulnerability /

Exploited zero-day patched in Chrome (CVE-2023-3079) 07/06/2023 at 13:07 By Helga Labus Google has fixed a high-severity vulnerability in the Chrome browser (CVE-2023-3079) that is being exploited by attackers. About the vulnerability CVE-2023-3079 is a vulnerability that stems from a type confusion in the V8 JavaScript engine, and has been uncovered by Clément Lecigne of

React to this headline:

Loading spinner

Exploited zero-day patched in Chrome (CVE-2023-3079) Read More »

How to make developers love security

Arnica, cybersecurity, DevOps, Don't miss, Expert analysis, Expert corner, Hot stuff, opinion /

How to make developers love security 07/06/2023 at 08:01 By Help Net Security In my last post I discussed how developers can be your security secret weapon… but how to help them love doing security work? That’s a whole other challenge! Stories of the tension between developers and security teams are a longstanding feature of

React to this headline:

Loading spinner

How to make developers love security Read More »

Embracing realistic simulations in cybersecurity training programs

Don't miss, Hot stuff, Security Innovation, skill development, training, Video /

Embracing realistic simulations in cybersecurity training programs 07/06/2023 at 07:09 By Help Net Security In this Help Net Security video, Ed Adams, CEO of Security Innovation, discusses the shifts in cybersecurity training. 60% of companies now include realistic simulations in their cybersecurity training programs compared to 36% in 2020. According to Security Innovation research, organizations

React to this headline:

Loading spinner

Embracing realistic simulations in cybersecurity training programs Read More »

Verizon 2023 Data Breach Investigations Report: 74% of breaches involve human element

BEC scams, CISO, cybercrime, cybersecurity, Don't miss, Hot stuff, human error, News, Ransomware, report, social engineering, threat, Verizon /

Verizon 2023 Data Breach Investigations Report: 74% of breaches involve human element 06/06/2023 at 16:01 By Help Net Security Verizon Business today released the results of its 16th annual Data Breach Investigations Report (2023 DBIR), which analyzed 16,312 security incidents and 5,199 breaches. Chief among its findings is the soaring cost of ransomware – malicious

React to this headline:

Loading spinner

Verizon 2023 Data Breach Investigations Report: 74% of breaches involve human element Read More »

Zoom announces privacy enhancements and tools

CCPA, Compliance, Don't miss, GDPR, Hot stuff, News, Privacy, regulation, Zoom /

Zoom announces privacy enhancements and tools 06/06/2023 at 15:17 By Helga Labus Zoom has introduced a new range of privacy enhancements and tools to make sure users have control over their data and their privacy preferences. These enhancements not only cater to global customers but also include features specifically designed for users in the European

React to this headline:

Loading spinner

Zoom announces privacy enhancements and tools Read More »

MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims

0-day, British Airways, cybercrime, data theft, Don't miss, enterprise, extortion, Hot stuff, News, Orange Cyberdefense, Progress, Rapid7, SMBs, supply chain attacks /

MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims 06/06/2023 at 13:50 By Zeljka Zorz The fallout of the MOVEit Transfer hack via CVE-2023-34362 by the Cl0p gang is expanding, as several UK-based companies have now confirmed that some of their data has been stolen. Victimized organizations The confirmed victims so far are

React to this headline:

Loading spinner

MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims Read More »

Leveraging large language models (LLMs) for corporate security and privacy

Artificial Intelligence, ChatGPT, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, opinion, Zscaler /

Leveraging large language models (LLMs) for corporate security and privacy 06/06/2023 at 07:33 By Help Net Security “Once a new technology rolls over you, if you’re not part of the steamroller, you’re part of the road.” – Stewart Brand The digital world is vast and ever-evolving, and central to this evolution are large language models

React to this headline:

Loading spinner

Leveraging large language models (LLMs) for corporate security and privacy Read More »

Generative AI’s influence on data governance and compliance

Artificial Intelligence, Compliance, data security, Don't miss, Hot stuff, SECURITI.ai, strategy, tips, Video /

Generative AI’s influence on data governance and compliance 06/06/2023 at 07:02 By Help Net Security In this Help Net Security video, Michael Rinehart, VP of Artificial Intelligence at Securiti.ai, discusses a dark side to generative AI that isn’t talked about enough. Organizations must remember that anything that goes into the learning process can never be

React to this headline:

Loading spinner

Generative AI’s influence on data governance and compliance Read More »

Scroll to Top