News

Critical Atlassian Confluence zero-day exploited by attackers (CVE-2023-22515)

0-day, Atlassian, Atlassian Confluence, Don't miss, Hot stuff, News, Rapid7, security update, vulnerability /

Critical Atlassian Confluence zero-day exploited by attackers (CVE-2023-22515) 05/10/2023 at 13:02 By Helga Labus Atlassian has fixed a critical zero-day vulnerability (CVE-2023-22515) in Confluence Data Center and Server that is being exploited in the wild. “Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited […]

React to this headline:

Loading spinner

Critical Atlassian Confluence zero-day exploited by attackers (CVE-2023-22515) Read More »

Eyes everywhere: How to safely navigate the IoT video revolution

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Internet of Things, IoT, Nabto, News, opinion, passwords, Privacy, software /

Eyes everywhere: How to safely navigate the IoT video revolution 05/10/2023 at 12:31 By Help Net Security Cameras are coming to a connected device near you. Cheap image sensors from old mobile phones are flooding the market and bringing video to the Internet of Things (IoT). Vacuum cleaners, bird feeders, connected cars and even smart

React to this headline:

Loading spinner

Eyes everywhere: How to safely navigate the IoT video revolution Read More »

LLMs lower the barrier for entry into cybercrime

cybercrime, cybercriminals, cybersecurity, Egress, Email, Malware, News, phishing, report, social engineering, social media, threats /

LLMs lower the barrier for entry into cybercrime 05/10/2023 at 07:31 By Help Net Security Cybercriminals employ evolving attack methodologies designed to breach traditional perimeter security, including secure email gateways, according to Egress. “Without a doubt chatbots or large language models (LLM) lower the barrier for entry to cybercrime, making it possible to create well-written

React to this headline:

Loading spinner

LLMs lower the barrier for entry into cybercrime Read More »

Soft skills continue to challenge the cybersecurity sector

Adobe, cybersecurity, ISACA, News, report, skill development, survey /

Soft skills continue to challenge the cybersecurity sector 05/10/2023 at 06:31 By Help Net Security New cybersecurity findings pinpoint areas where cybersecurity experts are lacking, with interpersonal skills, cloud computing, and security measures standing out as the most prominent skill deficiencies in cybersecurity specialists, according to a new ISACA report. 59 percent of cybersecurity leaders

React to this headline:

Loading spinner

Soft skills continue to challenge the cybersecurity sector Read More »

The root cause of open-source risk

CISO, cybersecurity, News, open source, report, software development, Sonatype, strategy, survey /

The root cause of open-source risk 05/10/2023 at 06:02 By Help Net Security 2023 saw twice as many software supply chain attacks as 2019-2022 combined. Sonatype logged 245,032 malicious packages in 2023. One in eight open-source downloads today poses known and avoidable risks. Vulnerabilities can still be prevented Nearly all (96%) vulnerabilities are still avoidable.

React to this headline:

Loading spinner

The root cause of open-source risk Read More »

A Hollywood-Backed Nonprofit’s App Promises To Identify Sex Traffickers. But Critics Say It Endangers Survivors

cybersecurity, Editors' Pick, Innovation, News, premium, Technology /

A Hollywood-Backed Nonprofit’s App Promises To Identify Sex Traffickers. But Critics Say It Endangers Survivors 04/10/2023 at 21:32 By Thomas Brewster, Forbes Staff Cofounded by an ex-CIA agent and former NavySeal, DeliverFund was gaining plaudits and big-name donors for its work to prevent trafficking. But critics have accused it of endangering victims of the same

React to this headline:

Loading spinner

A Hollywood-Backed Nonprofit’s App Promises To Identify Sex Traffickers. But Critics Say It Endangers Survivors Read More »

Backdoored Android phones, TVs used for ad fraud – and worse!

Android, backdoor, data theft, Don't miss, fraud, Hot stuff, HUMAN Security, iOS, mobile apps, News, smart tv, smartphones /

Backdoored Android phones, TVs used for ad fraud – and worse! 04/10/2023 at 19:46 By Help Net Security A key monetization mechanism of a sophisticated series of cybercriminal operations involving backdoored off-brand mobile and CTV Android devices has been disrupted, Human Security has announced. The company’s Satori Threat Intelligence and Research Team observed more than

React to this headline:

Loading spinner

Backdoored Android phones, TVs used for ad fraud – and worse! Read More »

Qualcomm patches 3 actively exploited zero-days

0-day, Don't miss, drivers, Hot stuff, News, Qualcomm, security update, vulnerability /

Qualcomm patches 3 actively exploited zero-days 04/10/2023 at 16:46 By Helga Labus Qualcomm has fixed three actively exploited vulnerabilities (CVE-2023-33106, CVE-2023-33107, CVE-2023-33063) in its Adreno GPU and Compute DSP drivers. Vulnerabilities exploited in Qualcomm GPU and DSP drivers The US-based semiconductor company has been notified by Google Threat Analysis Group and Google Project Zero that

React to this headline:

Loading spinner

Qualcomm patches 3 actively exploited zero-days Read More »

Google unveils stricter anti-spam rules for bulk email senders

Don't miss, Gmail, Google, Hot stuff, News, phishing, spam /

Google unveils stricter anti-spam rules for bulk email senders 04/10/2023 at 13:17 By Helga Labus To keep Gmail users’ inboxes “safer and more spam-free”, Google is introducing new requirements for bulk senders (of commercial email). “Last year we started requiring that emails sent to a Gmail address must have some form of authentication. And we’ve

React to this headline:

Loading spinner

Google unveils stricter anti-spam rules for bulk email senders Read More »

Making privacy sustainable: Incorporating privacy into the ESG agenda

BH Consulting, Compliance, data breach, Don't miss, EU, Expert analysis, Expert corner, framework, GDPR, Hot stuff, IoT, legislation, News, opinion, Privacy, regulation, Risk Management, USA /

Making privacy sustainable: Incorporating privacy into the ESG agenda 04/10/2023 at 08:02 By Help Net Security Data breaches have been rising in frequency and magnitude over the last two decades. In fact, the Identity Theft Resource Centre (ITRC) found that between 2005 and 2020, data breach events in the US alone increased from 57 to

React to this headline:

Loading spinner

Making privacy sustainable: Incorporating privacy into the ESG agenda Read More »

Tackling cyber risks head-on using security questionnaires

Artificial Intelligence, cyber risk, cybersecurity, Data Protection, Don't miss, Features, framework, Hot stuff, News, opinion, remediation, risk assessment, Risk Management, Skypher, standards, supply chain /

Tackling cyber risks head-on using security questionnaires 04/10/2023 at 07:33 By Mirko Zorz In this Help Net Security interview, Gaspard de Lacroix-Vaubois, CEO at Skypher, talks about the implementation of security questionnaires and how they facilitate assessments and accountability across all participants in the technology supply chain, fostering trust and safeguarding sensitive data. Many organizations

React to this headline:

Loading spinner

Tackling cyber risks head-on using security questionnaires Read More »

Cybersecurity preparedness pays big dividends for businesses

cybercrime, cybercriminals, cybersecurity, data breach, GetApp, News, phishing, Ransomware, report, survey /

Cybersecurity preparedness pays big dividends for businesses 04/10/2023 at 06:32 By Help Net Security Businesses are taking cybersecurity more seriously by boosting resources and preparedness, according to GetApp. US businesses on the whole are gaining ground against cybercriminals after several years of increasingly severe threats, but the Las Vegas cyberattacks are a stark reminder of

React to this headline:

Loading spinner

Cybersecurity preparedness pays big dividends for businesses Read More »

Factors leading to organizations losing control over IT and security environments

Cloud, Cloudflare, Compliance, cybersecurity, data, digital transformation, hybrid workforce, News, report, SaaS /

Factors leading to organizations losing control over IT and security environments 04/10/2023 at 06:02 By Help Net Security Companies are challenged with the growing need to connect everything in their business while maintaining control over their security, productivity, and competitive growth, according to Cloudflare. “Today, the big clouds have built business models on capturing your

React to this headline:

Loading spinner

Factors leading to organizations losing control over IT and security environments Read More »

People Use Find My iPhone For Long Distance Stalking—And There’s Not Much Apple Can Do

cybersecurity, Editors' Pick, Innovation, News, premium, Technology /

People Use Find My iPhone For Long Distance Stalking—And There’s Not Much Apple Can Do 03/10/2023 at 21:47 By Thomas Brewster, Forbes Staff Find My iPhone and other device-tracking apps have long been used as a tool for domestic abuse, stalking and control of trafficking victims. But so far, there doesn’t appear to be any

React to this headline:

Loading spinner

People Use Find My iPhone For Long Distance Stalking—And There’s Not Much Apple Can Do Read More »

Photos: Cybertech Europe 2023

Armis, Atlantica, CrowdStrike, CyberGuru, Cybertech Europe 2023, Cybertech Global, DGS, F5 Networks, Forcepoint, Fortinet, gamindo, IBM Security, KnowBe4, Leonardo, Lutech, NetWitness, News, Palo Alto Networks, Qualys, Recorded Future, ScourNomad, SentinelOne, Sysdig, Telsy, Thales, Trend Micro, XM Cyber, Zscaler /

Photos: Cybertech Europe 2023 03/10/2023 at 16:47 By Help Net Security The Cybertech Europe conference and exhibition takes place at La Nuvola Convention Center in Rome, and features the latest innovative solutions from dozens of companies and speakers, including senior government officials, C-level executives, and industry trailblazers from Europe and around the world. Conference sessions

React to this headline:

Loading spinner

Photos: Cybertech Europe 2023 Read More »

Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)

0-day, Android, Arm, Don't miss, firmware, Google, Hot stuff, Huawei, News, Samsung, security update, smartphones /

Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211) 03/10/2023 at 14:16 By Zeljka Zorz A vulnerability (CVE-2023-4211) in the kernel drivers for several Mali GPUs “may be under limited, targeted exploitation,” British semiconductor manufacturer Arm has confirmed on Monday, when it released drivers updated with patches. Arm’s Mali GPUs are used on a

React to this headline:

Loading spinner

Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211) Read More »

Evolving conversations: Cybersecurity as a business risk

attacks, BEC scams, boardroom, CISO, Cloud, collaboration, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Insider Threat, investment, News, opinion, Ransomware, strategy, Trustwave /

Evolving conversations: Cybersecurity as a business risk 03/10/2023 at 08:03 By Help Net Security Board members often lack technical expertise and may not fully grasp cyber risks. On the other hand, CISOs are more accustomed to interfacing with IT staff. This is understandable; the board is responsible for guiding high-level decision-making. They rarely become involved

React to this headline:

Loading spinner

Evolving conversations: Cybersecurity as a business risk Read More »

CISO’s compass: Mastering tech, inspiring teams, and confronting risk

CISO, Compliance, cyber insurance, cybersecurity, data, Don't miss, Features, Hot stuff, law, News, opinion, Privacy, regulation, Risk Management, skill development, Skillsoft, strategy /

CISO’s compass: Mastering tech, inspiring teams, and confronting risk 03/10/2023 at 07:32 By Mirko Zorz In this Help Net Security interview, Okey Obudulu, CISO at Skillsoft, talks about the increasing complexity of the CISO role and challenges they face. He discusses the business environment, tech innovation, the evolving regulatory landscape, limited resources, and budgets. Obudulu

React to this headline:

Loading spinner

CISO’s compass: Mastering tech, inspiring teams, and confronting risk Read More »

Chalk: Open-source software security and infrastructure visibility tool

Crash Override, cybersecurity, Don't miss, GitHub, News, software, software development /

Chalk: Open-source software security and infrastructure visibility tool 03/10/2023 at 06:32 By Mirko Zorz Chalk is a free, open-source tool that helps improve software security. You add a single line to your build script, and it will automatically collect and inject metadata into every build artifact: source code, binaries, and containers. Gaining visibility Chalk enables

React to this headline:

Loading spinner

Chalk: Open-source software security and infrastructure visibility tool Read More »

Scroll to Top