News

Current ransomware defenses efforts are not working

cookies, cybercrime, cybersecurity, data, Malware, MFA, News, passwords, phishing, Ransomware, report, social engineering, SpyCloud, survey /

Current ransomware defenses efforts are not working 25/09/2023 at 06:31 By Help Net Security Despite some positive developments, the impact of ransomware attacks remains high, according to SpyCloud. Infostealer infections preceded 22% of ransomware events for North American and European ransomware victim companies in 2023 – with common infostealers such as Raccoon, Vidar, and Redline […]

React to this headline:

Loading spinner

Current ransomware defenses efforts are not working Read More »

Despite rising insider risk costs, budgets are being wasted in the wrong places

attacks, cybersecurity, data breach, Dtex Systems, Gartner, News, Ponemon Institute, remediation, report, risk, Risk Management, social engineering, survey /

Despite rising insider risk costs, budgets are being wasted in the wrong places 25/09/2023 at 06:02 By Help Net Security The cost of an insider risk is the highest it’s ever been, as organizations spend more time than ever trying to contain insider incidents, according to DTEX Systems. The average annual cost of an insider

React to this headline:

Loading spinner

Despite rising insider risk costs, budgets are being wasted in the wrong places Read More »

Week in review: 18 free Microsoft Azure cybersecurity resources, K8 vulnerability allows RCE

News, Week in review /

Week in review: 18 free Microsoft Azure cybersecurity resources, K8 vulnerability allows RCE 24/09/2023 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: LLM Guard: Open-source toolkit for securing Large Language Models LLM Guard is a toolkit designed to fortify the security of

React to this headline:

Loading spinner

Week in review: 18 free Microsoft Azure cybersecurity resources, K8 vulnerability allows RCE Read More »

GitLab fixes critical vulnerability, patch now! (CVE-2023-5009)

DevOps, Don't miss, GitLab, Hot stuff, News, open source, security update, vulnerability /

GitLab fixes critical vulnerability, patch now! (CVE-2023-5009) 22/09/2023 at 13:31 By Helga Labus GitLab has fixed a critical vulnerability (CVE-2023-5009) in the Enterprise Edition (EE) and Community Edition (CE) of its widely used DevOps platform. They flaw may allow a threat actor to abuse scan execution policies to run pipelines as another user. About the

React to this headline:

Loading spinner

GitLab fixes critical vulnerability, patch now! (CVE-2023-5009) Read More »

Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones

0-day, apple, Don't miss, Hot stuff, iOS, iPad, Isosceles, macOS, News, security update, spyware /

Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones 22/09/2023 at 13:19 By Zeljka Zorz Apple has released updates for iOS and iPadOS, macOS, watchOS, and Safari to fix three zero-day vulnerabilities (CVE-2023-41992, CVE-2023-41991, CVE-2023-41993) exploited “against versions of iOS before iOS 16.7.” Bill Marczak of The Citizen Lab at The University of Toronto’s Munk

React to this headline:

Loading spinner

Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones Read More »

Why more security doesn’t mean more effective compliance

automation, Compliance, Don't miss, Email, Expert analysis, Expert corner, Hot stuff, MFA, monitoring, News, opinion, Panaseer, regulation, strategy, tips /

Why more security doesn’t mean more effective compliance 22/09/2023 at 08:31 By Help Net Security Financial institutions have always been a valuable target for cyberattacks. That’s partly why banking and financial institutions are heavily regulated and have more compliance requirements than those in most other industries. A slew of new rules have been put in

React to this headline:

Loading spinner

Why more security doesn’t mean more effective compliance Read More »

New infosec products of the week: September 22, 2023

1Password, Dig, Laiyer.ai, News, Viavi Solutions, Wing Security /

New infosec products of the week: September 22, 2023 22/09/2023 at 08:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from 1Password, Dig Security, Laiyer.ai, Viavi Solutions, and Wing Security. 1Password introduces mobile support for passkeys 1Password customers can now create, manage, and sign in

React to this headline:

Loading spinner

New infosec products of the week: September 22, 2023 Read More »

Ransomware cyber insurance claims up by 27%

Coalition, cybercrime, cybersecurity, Insurance, News, Ransomware, report, survey /

Ransomware cyber insurance claims up by 27% 22/09/2023 at 07:31 By Help Net Security Overall cyber insurance claims frequency increased by 12% in the first half of 2023, according to Coalition. Increase in ransomware claims frequency Coalition found that both claims frequency and severity rose for businesses in early 2023 across all revenue bands. Companies

React to this headline:

Loading spinner

Ransomware cyber insurance claims up by 27% Read More »

Code alterations more prevalent in Android apps than iOS

Android, app, Application Security, Cryptocurrency, cybercrime, cybersecurity, Digital.ai, Don't miss, iOS, News, online gaming, Ransomware, report, survey /

Code alterations more prevalent in Android apps than iOS 22/09/2023 at 07:01 By Help Net Security 57% of all monitored apps are under attack, with gaming (63%) and FinServ (62%) apps facing the highest risk, according to Digital.ai. The study found no correlation between an app’s popularity and likelihood of being attacked but found Android

React to this headline:

Loading spinner

Code alterations more prevalent in Android apps than iOS Read More »

IT pros told to accept burnout as normal part of their job

burnout, cybersecurity, data breach, Devo Technology, IT pr, News, report, survey /

IT pros told to accept burnout as normal part of their job 22/09/2023 at 06:31 By Help Net Security The vast majority of IT security professionals admit stress has led them and peers to make errors that have caused data breaches, according to Devo Technology. Recent estimates put the shortage of cybersecurity professionals at 3.5

React to this headline:

Loading spinner

IT pros told to accept burnout as normal part of their job Read More »

SMEs overestimate their cybersecurity preparedness

attacks, cyber insurance, cybersecurity, data breach, Guardz, MSP, News, report, survey, training /

SMEs overestimate their cybersecurity preparedness 22/09/2023 at 06:02 By Help Net Security 57% of SMEs have fallen victim to at least one cybersecurity breach, among whom 31% reported that their business experienced a breach within the past 12 months alone, according to Guardz. The increasing number of evolving cyber threats poses a significant risk to

React to this headline:

Loading spinner

SMEs overestimate their cybersecurity preparedness Read More »

Signal takes a quantum leap with E2EE protocol upgrade

Don't miss, Encryption, Hot stuff, News, quantum computing, secure communications, Signal /

Signal takes a quantum leap with E2EE protocol upgrade 21/09/2023 at 16:01 By Helga Labus Signal has announced an upgrade to its end-to-end encryption (E2EE) protocol to protect users of its popular messaging app from encryption-breaking attacks through quantum computers. Getting ready for quantum computing “Quantum computing represents a new type of computational system which

React to this headline:

Loading spinner

Signal takes a quantum leap with E2EE protocol upgrade Read More »

Telecom firms hit with novel backdoors disguised as security software

Cisco, Don't miss, Hot stuff, Malware, News, telecommunications /

Telecom firms hit with novel backdoors disguised as security software 21/09/2023 at 15:31 By Zeljka Zorz Researchers have unearthed new backdoors leveraged to maintain long-term access in the networks of telecom firms in the Middle East. HTTPSnoop and PipeSnoop – as the two implants have been dubbed by Cisco Talos researchers – have been disguised

React to this headline:

Loading spinner

Telecom firms hit with novel backdoors disguised as security software Read More »

Fake WinRAR PoC spread VenomRAT malware

Don't miss, Hot stuff, Malware, News, Palo Alto Networks, PoC, vulnerability, WinRAR /

Fake WinRAR PoC spread VenomRAT malware 21/09/2023 at 13:01 By Helga Labus An unknown threat actor has released a fake proof of concept (PoC) exploit for CVE-2023-4047, a recently fixed remote code execution (RCE) vulnerability in WinRAR, to spread the VenomRAT malware. The fake WinRAR PoC On August 17, 2023, Trend Micro’s Zero Day Initiative

React to this headline:

Loading spinner

Fake WinRAR PoC spread VenomRAT malware Read More »

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179)

Don't miss, Endpoint Security, enterprise, Hot stuff, News, patch, security update, Trend Micro, vulnerability /

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179) 21/09/2023 at 11:46 By Zeljka Zorz Trend Micro has fixed a critical zero-day vulnerability (CVE-2023-41179) in several of its endpoint security products for enterprises that has been spotted being exploited in the wild. About CVE-2023-41179 The nature of the flaw hasn’t been revealed, but we know

React to this headline:

Loading spinner

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179) Read More »

How companies can take control of their cybersecurity

Compliance, cybersecurity, Don't miss, Features, GDPR, Hot stuff, News, opinion, Reciproc-IT, regulation, skill development, standards, strategy /

How companies can take control of their cybersecurity 21/09/2023 at 07:17 By Mirko Zorz In this Help Net Security interview, Baya Lonqueux, CEO at Reciproc-IT, discusses the evolving cybersecurity landscape and the essential skillsets needed for teams working in this field. The interview highlights the shift from technical expertise to a focus on organizational and

React to this headline:

Loading spinner

How companies can take control of their cybersecurity Read More »

Regulatory pressure complicates cybersecurity for industrial equipment manufacturers

Compliance, critical infrastructure, Cybellum, cybersecurity, News, regulation, report, supply chain, survey, threats /

Regulatory pressure complicates cybersecurity for industrial equipment manufacturers 21/09/2023 at 07:02 By Help Net Security 50% of companies lack a dedicated security function for control systems and devices within their organizational structure, according to Cybellum. Security incidents involving industrial organizations have seen a sharp rise in recent years, with notable cases highlighting the vulnerabilities in

React to this headline:

Loading spinner

Regulatory pressure complicates cybersecurity for industrial equipment manufacturers Read More »

Hidden dangers loom for subsea cables, the invisible infrastructure of the internet

attacks, critical infrastructure, cyber espionage, cyber resilience, cybersecurity, ENISA, EU, law, News, regulation, report /

Hidden dangers loom for subsea cables, the invisible infrastructure of the internet 21/09/2023 at 06:32 By Help Net Security More than 97% of the world’s internet traffic passes through subsea cables at some point, according to ENISA. Subsea cables are a vital component of the global internet infrastructure, and it is critical to protect them

React to this headline:

Loading spinner

Hidden dangers loom for subsea cables, the invisible infrastructure of the internet Read More »

Building GenAI competence for business growth

Compliance, cybersecurity, framework, generative AI, IDC, News, policy, regulation, report, skill development, strategy, training /

Building GenAI competence for business growth 21/09/2023 at 06:02 By Help Net Security To embark on the GenAI technology adoption journey for business success, organizations require foundational activities related to GenAI investment, guidance in prioritizing use cases, and identification of key stakeholders essential for building and implementing successful initiatives, according to IDC. Essential key activities

React to this headline:

Loading spinner

Building GenAI competence for business growth Read More »

Shadow IT: Security policies may be a problem

Don't miss, enterprise, Hot stuff, Kolide, News, policy, shadow IT, survey, training /

Shadow IT: Security policies may be a problem 20/09/2023 at 08:23 By Zeljka Zorz 3 out of 4 workers use personal (and often unmanaged) phones and laptops for work and nearly half of companies let unmanaged devices access protected resources, a recent report by Kolide and Dimensional Research has revealed. When asked why they use

React to this headline:

Loading spinner

Shadow IT: Security policies may be a problem Read More »

Scroll to Top