News

Baseline standards for BYOD access requirements

Application Security, BYOD, Compliance, cyber hygiene, cybersecurity, data, Europe, Jamf, mobile devices, News, operating system, patching, policy, Privacy, remote access, shadow IT, standards, survey /

Baseline standards for BYOD access requirements 07/09/2023 at 06:02 By Help Net Security 49% of enterprises across Europe currently have no formal Bring-Your-Own-Device (BYOD) policy in place, meaning they have no visibility into or control over if and how employees are connecting personal devices to corporate resources, according to a Jamf survey. With the summer […]

React to this headline:

Loading spinner

Baseline standards for BYOD access requirements Read More »

Old vulnerabilities are still a big problem

cybercrime, Don't miss, exploit, Fortinet, Hot stuff, Malware, News, patching, Qualys, Ransomware, vulnerability /

Old vulnerabilities are still a big problem 06/09/2023 at 17:01 By Zeljka Zorz A recently flagged phishing campaign aimed at delivering the Agent Tesla RAT to unsuspecting users takes advantage of old vulnerabilities in Microsoft Office that allow remote code execution. “Despite fixes for CVE-2017-11882/CVE-2018-0802 being released by Microsoft in November, 2017 and January, 2018,

React to this headline:

Loading spinner

Old vulnerabilities are still a big problem Read More »

Cybercriminals target MS SQL servers to deliver ransomware

brute-force, Don't miss, Hot stuff, Microsoft, MS SQL Server, News, Ransomware /

Cybercriminals target MS SQL servers to deliver ransomware 06/09/2023 at 16:02 By Helga Labus A cyberattack campaign is targeting exposed Microsoft SQL (MS SQL) databases, aiming to deliver ransomware and Cobalt Strike payloads. The attack campaign The attackers target exposed MS SQL servers by brute-forcing access credentials. After having successfully authenticated, they start enumerating the

React to this headline:

Loading spinner

Cybercriminals target MS SQL servers to deliver ransomware Read More »

MITRE Caldera for OT now available as extension to open-source platform

CISA, critical infrastructure, DHS, GitHub, HSSEDI, MITRE, News, open source, USA /

MITRE Caldera for OT now available as extension to open-source platform 06/09/2023 at 09:32 By Help Net Security MITRE Caldera for OT is now publicly available as an extension to the open-source Caldera platform, allowing security teams to run automated adversary emulation exercises that are specifically focused on threats to operational technology (OT). The first

React to this headline:

Loading spinner

MITRE Caldera for OT now available as extension to open-source platform Read More »

Emerging threat: AI-powered social engineering

Artificial Intelligence, cybercrime, cybersecurity, deepfakes, Don't miss, Email, Europe, Expert analysis, Expert corner, extortion, Hot stuff, law, News, phishing, social engineering, WithSecure /

Emerging threat: AI-powered social engineering 06/09/2023 at 07:32 By Help Net Security Social engineering is a sophisticated form of manipulation but, thanks to AI advancements, malicious groups have gained access to highly sophisticated tools, suggesting that we might be facing more elaborate social engineering attacks in the future. It is becoming increasingly evident that the

React to this headline:

Loading spinner

Emerging threat: AI-powered social engineering Read More »

Compliance budgets under strain as inflation and workload grow

automation, Compliance, cybersecurity, Gartner, investment, News, report /

Compliance budgets under strain as inflation and workload grow 06/09/2023 at 06:33 By Help Net Security Compliance leaders are facing pressure to make the most of existing resources despite economic challenges and increased workload volume and complexity, according to Gartner. To face these challenges, leaders must address three crucial compliance function trends this year: tighter

React to this headline:

Loading spinner

Compliance budgets under strain as inflation and workload grow Read More »

Avoidable digital certificate issues fuel data breaches

access management, AppViewX, authentication, certificates, cybersecurity, data breach, Forrester Consulting, identity management, News, report, survey, zero trust /

Avoidable digital certificate issues fuel data breaches 06/09/2023 at 06:02 By Help Net Security Among organizations that have suffered data breaches 58% were caused by issues related to digital certificates, according to a report by AppViewX and Forrester Consulting. As a result of service outages, 57% said their organizations have incurred costs upwards of $100,000

React to this headline:

Loading spinner

Avoidable digital certificate issues fuel data breaches Read More »

CIS Benchmarks Communities: Where configurations meet consensus

Center for Internet Security, News /

CIS Benchmarks Communities: Where configurations meet consensus 06/09/2023 at 05:47 By Help Net Security Have you ever wondered how technology hardening guidelines are developed? Some are determined by a particular vendor or driven by a bottom-line perspective. That’s not the case with the CIS Benchmarks. They’re the only consensus-developed security configuration recommendations both created and

React to this headline:

Loading spinner

CIS Benchmarks Communities: Where configurations meet consensus Read More »

Atlas VPN zero-day allows sites to discover users’ IP address

0-day, Don't miss, exploit, Hot stuff, Linux, News, VPN, vulnerability /

Atlas VPN zero-day allows sites to discover users’ IP address 05/09/2023 at 20:47 By Zeljka Zorz Atlas VPN has confirmed the existence of a zero-day vulnerability that may allow website owners to discover Linux users’ real IP address. Details about this zero-day vulnerability as well as exploit code have been publicly released on Reddit several

React to this headline:

Loading spinner

Atlas VPN zero-day allows sites to discover users’ IP address Read More »

LockBit leaks sensitive data from maximum security fence manufacturer

critical infrastructure, data breach, Data leak, Don't miss, Hot stuff, legacy technology, News, UK, Windows /

LockBit leaks sensitive data from maximum security fence manufacturer 05/09/2023 at 17:32 By Helga Labus The LockBit ransomware group has breached Zaun, a UK-based manufacturer of fencing systems for military sites and critical utilities, by compromising a legacy computer running Windows 7 and using it as an initial point of access to the wider company

React to this headline:

Loading spinner

LockBit leaks sensitive data from maximum security fence manufacturer Read More »

Connected cars and cybercrime: A primer

attacks, connected cars, cybercrime, cybercriminals, cybersecurity, Don't miss, Expert analysis, Expert corner, exploit, Hot stuff, identity theft, Keylogger, Malware, News, opinion, phishing, VicOne /

Connected cars and cybercrime: A primer 05/09/2023 at 08:02 By Help Net Security Original equipment suppliers (OEMs) and their suppliers who are weighing how to invest their budgets might be inclined to slow pedal investment in addressing cyberthreats. To date, the attacks that they have encountered have remained relatively unsophisticated and not especially harmful. Analysis

React to this headline:

Loading spinner

Connected cars and cybercrime: A primer Read More »

The misconceptions preventing wider adoption of digital signatures

certification, Compliance, cybersecurity, digital signature, Don't miss, Features, fidentity, Government, healthcare, Hot stuff, identity, identity verification, News, PDF, regulation, security ROI /

The misconceptions preventing wider adoption of digital signatures 05/09/2023 at 07:33 By Mirko Zorz In this Help Net Security interview, Thorsten Hau, CEO at fidentity, discusses the legal validity of qualified digital signatures, demonstrating their equivalence to handwritten signatures when backed by robust identity verification. Opting for certified providers that adhere to standards like eIDAS

React to this headline:

Loading spinner

The misconceptions preventing wider adoption of digital signatures Read More »

6 free resources for getting started in cybersecurity

cybersecurity, Don't miss, Hot stuff, how-to, News, skill development, strategy, tips /

6 free resources for getting started in cybersecurity 05/09/2023 at 06:32 By Help Net Security Cybersecurity is not just a career field on the rise – it’s a calling that’s increasingly vital to the infrastructure of our world. But stepping into the universe of threat vectors and intrusion detection systems might sound like a journey

React to this headline:

Loading spinner

6 free resources for getting started in cybersecurity Read More »

Reaper: Open-source reconnaissance and attack proxy workflow automation

Don't miss, Ghost Security, GitHub, News, open source, software /

Reaper: Open-source reconnaissance and attack proxy workflow automation 05/09/2023 at 06:01 By Mirko Zorz Reaper is an open-source reconnaissance and attack proxy, built to be a modern, lightweight, and efficient equivalent to Burp Suite/ZAP. It focuses on automation, collaboration, and building universally distributable workflows. Reaper is a work in progress, but it’s already capable of

React to this headline:

Loading spinner

Reaper: Open-source reconnaissance and attack proxy workflow automation Read More »

5 ways in which FHE can solve blockchain’s privacy problems

blockchain, cybersecurity, data security, Don't miss, Encryption, Expert analysis, Expert corner, framework, Hot stuff, News, opinion, Privacy, supply chain, Zama /

5 ways in which FHE can solve blockchain’s privacy problems 04/09/2023 at 08:02 By Help Net Security Blockchain technology has gained significant traction due to its decentralized nature and immutability, providing transparency and security for various applications, especially in finance. Having gained notoriety during the 2010s with the boom of cryptocurrencies such as Bitcoin, skilled

React to this headline:

Loading spinner

5 ways in which FHE can solve blockchain’s privacy problems Read More »

Spam is up, QR codes emerge as a significant threat vector

BEC scams, cybercrime, cybercriminals, cybersecurity, Email, email security, News, phishing, report, survey, VIPRE Security /

Spam is up, QR codes emerge as a significant threat vector 04/09/2023 at 07:31 By Help Net Security 85% of phishing emails utilized malicious links in the content of the email, and spam emails increased by 30% from Q1 to Q2 2023, according to a VIPRE report. Information technology organizations also overtook financial institutions (9%)

React to this headline:

Loading spinner

Spam is up, QR codes emerge as a significant threat vector Read More »

Ransomware attacks go beyond just data

attacks, backup, Cloud, data, ESG, Keepit, News, Ransomware, report, strategy, survey, threat /

Ransomware attacks go beyond just data 04/09/2023 at 07:01 By Help Net Security 65% of organizations confirmed that ransomware is one of the top three threats to their viability, and for 13%, it is the biggest threat, according to a report by Enterprise Strategy Group (ESG) and Keepit. Organizations’ strategies against ransomware According to the

React to this headline:

Loading spinner

Ransomware attacks go beyond just data Read More »

Global roaming fraud losses to surpass $8 billion by 2028

5G, cybersecurity, fraud, Juniper Research, News, report, survey /

Global roaming fraud losses to surpass $8 billion by 2028 04/09/2023 at 06:31 By Help Net Security Losses from global roaming fraud are anticipated to exceed $8 billion by 2028; driven by the increase in bilateral roaming agreements for data-intensive use cases over 5G networks, according to Juniper Research. In turn, it predicts fraudulent data

React to this headline:

Loading spinner

Global roaming fraud losses to surpass $8 billion by 2028 Read More »

Infosec products of the month: August 2023

Action1, Adaptive Shield, Bitdefender, Bitwarden, Forescout, ImmuniWeb, Kingston Digital, LastPass, Lineaje, LOKKER, Menlo Security, MongoDB, Netskope, NetSPI, News, OffSec, Qualys, SentinelOne, Solvo, SonarSource, SpecterOps, Synopsys, ThreatConnect, Traceable AI, Vicarius /

Infosec products of the month: August 2023 04/09/2023 at 06:02 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Adaptive Shield, Bitdefender, Bitwarden, Forescout, ImmuniWeb, Kingston Digital, LastPass, Lineaje, LOKKER, Menlo Security, MongoDB, Netskope, NetSPI, OffSec, Qualys, SentinelOne, Solvo, SonarSource, SpecterOps, Synopsys, ThreatConnect, Traceable

React to this headline:

Loading spinner

Infosec products of the month: August 2023 Read More »

Championing cybersecurity regulatory affairs with Nidhi Gani

Cybellum, News, podcast /

Championing cybersecurity regulatory affairs with Nidhi Gani 03/09/2023 at 13:02 By Help Net Security Nidhi Gani is a seasoned regulatory affairs professional with over a decade of experience in cybersecurity, medical devices, and digital health. She’s worked with devices ranging from heart and lung machines to rehabilitation devices. Nidhi works at Embecta as a Regulatory

React to this headline:

Loading spinner

Championing cybersecurity regulatory affairs with Nidhi Gani Read More »

Scroll to Top