News

ESET HOME Security enhancements strengthen protection against AI-driven threats

ESET, News /

ESET HOME Security enhancements strengthen protection against AI-driven threats 2024-10-23 at 12:33 By Industry News ESET announced its upgraded consumer offering, ESET HOME Security, with new features, such as ESET Folder Guard and Multithread Scanning. These enhancements to ESET HOME Security, as an all-in-one solution for consumers, correspond to the increasing number of advanced, automated, and […]

React to this headline:

Loading spinner

ESET HOME Security enhancements strengthen protection against AI-driven threats Read More »

Effective strategies for measuring and testing cyber resilience

attacks, CISO, cyber hygiene, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, strategy, supply chain, UK /

Effective strategies for measuring and testing cyber resilience 2024-10-23 at 08:02 By Mirko Zorz In this Help Net Security interview, Detective Superintendent Ian Kirby, CEO of the National Cyber Resilience Centre Group (NCRCG), discusses the emerging cyber threats and strategies organizations can use to increase cyber resilience. He emphasizes basic cyber hygiene, security awareness training,

React to this headline:

Loading spinner

Effective strategies for measuring and testing cyber resilience Read More »

Argus: Open-source information gathering toolkit

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

Argus: Open-source information gathering toolkit 2024-10-23 at 07:33 By Help Net Security Argus is an open-source toolkit that simplifies information gathering and reconnaissance. It features a user-friendly interface and a collection of powerful modules, enabling the exploration of networks, web applications, and security configurations. Argus offers a collection of tools categorized into three main areas:

React to this headline:

Loading spinner

Argus: Open-source information gathering toolkit Read More »

Cybersecurity jobs available right now: October 23, 2024

cybersecurity jobs, News /

Cybersecurity jobs available right now: October 23, 2024 2024-10-23 at 06:33 By Anamarija Pogorelec Cybersecurity Engineer Texas Instruments | USA | On-site – View job details As a Cybersecurity Engineer, you will design, implement and maintain cybersecurity controls for security tools to help drive zero trust and secure by design principles across complex environments. Validate

React to this headline:

Loading spinner

Cybersecurity jobs available right now: October 23, 2024 Read More »

Most women in IT work overtime to advance in their careers

Acronis, cybersecurity, News, report, skill development, survey /

Most women in IT work overtime to advance in their careers 2024-10-23 at 06:03 By Help Net Security As a historically male-dominated industry, many IT companies have been described as having limited career development opportunities for female employees, according to Acronis. Issues like lack of mentorship, inadequate policies for work-life balance, and sometimes even a

React to this headline:

Loading spinner

Most women in IT work overtime to advance in their careers Read More »

VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812)

Broadcom, CVE, Don't miss, Hot stuff, News, security update, virtualization, VMWare, vulnerability /

VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) 2024-10-22 at 14:02 By Zeljka Zorz Broadcom has released new patches for previously fixed vulnerabilities (CVE-2024-38812, CVE-2024-38813) in vCenter Server, one of which hasn’t been fully addressed the first time and could allow attackers to achieve remote code execution. The vulnerabilities were privately reported by

React to this headline:

Loading spinner

VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) Read More »

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)

CVE, Don't miss, exploit, Hot stuff, News, Positive Technologies, Roundcube, vulnerability /

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383) 2024-10-22 at 12:34 By Zeljka Zorz Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies (PT) analysts have discovered. The vulnerability was patched in May 2024, in Roundcube Webmail versions 1.5.7 and

React to this headline:

Loading spinner

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383) Read More »

IT security and government services: Balancing transparency and security

CivicPlus, cyberattacks, cybersecurity, Don't miss, Expert analysis, Expert corner, Government, Hot stuff, News, opinion, strategy, training /

IT security and government services: Balancing transparency and security 2024-10-22 at 07:33 By Help Net Security Government information technology leaders find themselves at a challenging balance point: On one end of the scale are increasing threats from cyber actors, bolstered by advanced technology like artificial intelligence (AI); on the other end is a longstanding commitment

React to this headline:

Loading spinner

IT security and government services: Balancing transparency and security Read More »

Phishing scams and malicious domains take center stage as the US election approaches

cybercrime, dark web, election security, Fortinet, News, phishing, report, scams, survey, USA /

Phishing scams and malicious domains take center stage as the US election approaches 2024-10-22 at 07:03 By Help Net Security Phishing scams aimed at voters, malicious domain registrations impersonating candidates, and other threat activity designed to exploit unassuming victims take center stage as the US election approaches, according to Fortinet. “As the 2024 US presidential

React to this headline:

Loading spinner

Phishing scams and malicious domains take center stage as the US election approaches Read More »

Myths holding women back from cybersecurity careers

awareness, certification, cybersecurity, Don't miss, education, Features, Hot stuff, News, opinion, professional, skill development /

Myths holding women back from cybersecurity careers 2024-10-22 at 06:33 By Mirko Zorz In this Help Net Security interview, Dr Kathryn Jones, Head of School, Computer Science and Informatics at Cardiff University, discusses the challenges and misconceptions that deter women from pursuing careers in cybersecurity. Dr Jones also outlines the diverse skills, mentorship, and outreach

React to this headline:

Loading spinner

Myths holding women back from cybersecurity careers Read More »

Hackers are finding new ways to leverage AI

Artificial Intelligence, Bugcrowd, cybersecurity, hacking, News, report, survey /

Hackers are finding new ways to leverage AI 2024-10-22 at 06:20 By Help Net Security AI adoption and integration has continued its rapid momentum within the hacking community, according to Bugcrowd. Nevertheless, it continues to pose both benefits and unfortunate cyber risks. This year’s report revealed a significant shift in the perceived value of AI

React to this headline:

Loading spinner

Hackers are finding new ways to leverage AI Read More »

Whitepaper: Securing GenAI

Don't miss, Hot stuff, IronCore Labs, News, Whitepapers and webinars /

Whitepaper: Securing GenAI 2024-10-22 at 05:48 By Help Net Security The ultimate guide to AI security: key AI security risks, vulnerabilities and strategies for protection. 61% of companies use AI, but few secure it. This whitepaper covers the key AI risks being overlooked from LLMs to RAG. Inside the Securing GenAI whitepaper: GenAI attack surface

React to this headline:

Loading spinner

Whitepaper: Securing GenAI Read More »

Fortinet releases patches for undisclosed critical FortiManager vulnerability

Don't miss, enterprise, Fortinet, Hot stuff, News, patch, security update /

Fortinet releases patches for undisclosed critical FortiManager vulnerability 2024-10-21 at 16:48 By Zeljka Zorz In the last couple of days, Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being exploited by Chinese threat actors. Security updates are trickling out The company, which is known for pushing out

React to this headline:

Loading spinner

Fortinet releases patches for undisclosed critical FortiManager vulnerability Read More »

The Internet Archive breach continues

credentials, data breach, Don't miss, Hot stuff, Internet Archive, News /

The Internet Archive breach continues 2024-10-21 at 12:46 By Zeljka Zorz Cybersecurity troubles are not over for the Internet Archive (IA), the nonprofit organization behind the popular digital library site: after the recent DDoS attacks, defacement and data breach, an email sent via its Zendesk customer service platform has shown that some of its IT

React to this headline:

Loading spinner

The Internet Archive breach continues Read More »

Building secure AI with MLSecOps

Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, machine learning, News, opinion, Protect AI /

Building secure AI with MLSecOps 2024-10-21 at 07:31 By Mirko Zorz In this Help Net Security interview, Ian Swanson, CEO of Protect AI, discusses the concept of “secure AI by design.” By adopting frameworks like Machine Learning Security Operations (MLSecOps) and focusing on transparency, organizations can build resilient AI systems that are both safe and

React to this headline:

Loading spinner

Building secure AI with MLSecOps Read More »

Aranya: Open-source toolkit to accelerate secure by design concepts

Don't miss, GitHub, News, open source, software, SpiderOak /

Aranya: Open-source toolkit to accelerate secure by design concepts 2024-10-21 at 06:31 By Help Net Security SpiderOak launched its core technology platform as an open-source project called Aranya. This release provides the same level of security as the company’s platform, which is already in use by the Department of Defense. The Aranya project marks a

React to this headline:

Loading spinner

Aranya: Open-source toolkit to accelerate secure by design concepts Read More »

Should the CISOs role be split into two functions?

CISO, cybersecurity, News, regulation, report, survey, Trellix /

Should the CISOs role be split into two functions? 2024-10-21 at 06:01 By Help Net Security 84% of CISOs believe the role needs to be split into two functions – one technical and one business-focused, to maximize security and organizational resilience, according to Trellix. Regulatory demands pose a growing challenge for CISOs The research reveals

React to this headline:

Loading spinner

Should the CISOs role be split into two functions? Read More »

Week in review: 87k+ Fortinet devices still open to attack, red teaming tool used for EDR evasion

News, Week in review /

Week in review: 87k+ Fortinet devices still open to attack, red teaming tool used for EDR evasion 2024-10-20 at 11:10 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) Last week, CISA added

React to this headline:

Loading spinner

Week in review: 87k+ Fortinet devices still open to attack, red teaming tool used for EDR evasion Read More »

Microsoft lost some customers’ cloud security logs

cloud security, Don't miss, enterprise, Hot stuff, logging, Microsoft, Microsoft Azure, News /

Microsoft lost some customers’ cloud security logs 2024-10-18 at 16:46 By Zeljka Zorz Microsoft has lost several weeks of cloud security logs that its customers rely on to spot cyber intrusions. What happened As reported by Business Insider earlier this month, Microsoft privately notified affected customers of this incident and told them the failure was

React to this headline:

Loading spinner

Microsoft lost some customers’ cloud security logs Read More »

Israeli orgs targeted with wiper malware via ESET-branded emails

ESET, Hot stuff, Israel, Malware, News, phishing /

Israeli orgs targeted with wiper malware via ESET-branded emails 2024-10-18 at 13:32 By Zeljka Zorz Attackers have tried to deliver wiper malware to employees at organizations across Israel by impersonating cybersecurity company ESET via email. The phishing email The attack took the form of a phishing email ostensibly sent by the “Eset Advanced Threat Defense

React to this headline:

Loading spinner

Israeli orgs targeted with wiper malware via ESET-branded emails Read More »

Scroll to Top