News

Unrealistic expectations exacerbate the cybersecurity talent shortage

certification, cybersecurity, cybersecurity talent, education, News, report, ThreatX, training /

Unrealistic expectations exacerbate the cybersecurity talent shortage 25/08/2023 at 06:05 By Help Net Security Consumers believe today’s cybersecurity talent shortage is in large part due to limited exposure to the profession and a lack of cybersecurity education and training at a younger age within school systems, according to ThreatX. 90% of consumers polled say they […]

React to this headline:

Loading spinner

Unrealistic expectations exacerbate the cybersecurity talent shortage Read More »

Cloud hosting firms hit by devastating ransomware attack

cyberattack, Don't miss, Europe, Hot stuff, ISP, News, Ransomware, web hosting /

Cloud hosting firms hit by devastating ransomware attack 24/08/2023 at 16:18 By Helga Labus Danish cloud hosting firms CloudNordic and Azero – both owned by Certiqa Holding – have suffered a ransomware attack that resulted in most customer data being stolen and systems and servers rendered inaccessible. The CloudNordic and Azero ransomware attack In the

React to this headline:

Loading spinner

Cloud hosting firms hit by devastating ransomware attack Read More »

Bitwarden launches E2EE Secrets Manager

Bitwarden, credentials, DevOps, Don't miss, Hot stuff, key management, News, open source, software development /

Bitwarden launches E2EE Secrets Manager 24/08/2023 at 13:24 By Helga Labus Bitwarden, a popular open-source password management service, has released Bitwarden Secrets Manager, an open-source, end-to-end encrypted solution that helps development, IT and DevOps teams store, manage, automate, and share secrets. About Bitwarden Secrets Manager Bitwarden Secrets Manager stores unlimited secrets – database passwords, API

React to this headline:

Loading spinner

Bitwarden launches E2EE Secrets Manager Read More »

Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more!

Don't miss, Hot stuff, Kali Linux, Linux, News, OffSec, open source, penetration testing /

Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more! 24/08/2023 at 09:32 By Help Net Security Offensive Security has released Kali Linux 2023.3, the latest version of its penetration testing and digital forensics platform. New tools in Kali Linux 2023.3 Besides updates to current tools, new versions of Kali typically introduce

React to this headline:

Loading spinner

Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more! Read More »

AI and the evolution of surveillance systems

Artificial Intelligence, cybersecurity, Don't miss, Features, machine learning, News, Oddity, opinion, Privacy, surveillance /

AI and the evolution of surveillance systems 24/08/2023 at 07:01 By Mirko Zorz In this Help Net Security interview, Gerwin van der Lugt, CTO at Oddity, discusses the future of surveillance and AI’s influence. He also delves into how organizations can prevent their systems from perpetuating biases or violating individual rights. What precautions are in

React to this headline:

Loading spinner

AI and the evolution of surveillance systems Read More »

Lack of visibility into cloud access policies leaves enterprises flying blind

access management, authentication, cloud computing, cloud security, Compliance, cybersecurity, identity, News, passwordless, Privacy, report, Strata Identity /

Lack of visibility into cloud access policies leaves enterprises flying blind 24/08/2023 at 06:00 By Help Net Security Fragmented access policies are top security concern in multi-cloud environments, with more than 75% of enterprises reporting they do not know where applications are deployed and who has access to them, according to Strata Identity. Cloud security

React to this headline:

Loading spinner

Lack of visibility into cloud access policies leaves enterprises flying blind Read More »

Webinar: The external attack surface & AI’s role in proactive security

Ionix, News, Whitepapers and webinars /

Webinar: The external attack surface & AI’s role in proactive security 24/08/2023 at 05:32 By Help Net Security The enterprise perimeter is now a massively decentralized IT landscape characterized by large-scale adoption of cloud platforms, digital services, and an increasingly tangled digital supply chain. Regulators are on the march as new threat actors emerge, exploiting

React to this headline:

Loading spinner

Webinar: The external attack surface & AI’s role in proactive security Read More »

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)

0-day, cybercrime, Don't miss, Group-IB, Hot stuff, News, security update, Windows, WinRAR /

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831) 23/08/2023 at 18:46 By Zeljka Zorz Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal money from broker accounts. “This vulnerability has been exploited since April 2023,” says Group-IB malware

React to this headline:

Loading spinner

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831) Read More »

Surge in identity crime victims reporting suicidal thoughts

consumer, Don't miss, Experian, Hot stuff, identity theft, Identity Theft Resource Center, News, scams /

Surge in identity crime victims reporting suicidal thoughts 23/08/2023 at 15:02 By Helga Labus Identity theft can have great financial impact on the victims, but the experienced emotional, physical and psychological impact can be even more devastating, according to the 2023 Consumer Impact Report from the Identity Theft Resource Center (ITRC) and Experian. The report

React to this headline:

Loading spinner

Surge in identity crime victims reporting suicidal thoughts Read More »

Bogus OfficeNote app delivers XLoader macOS malware

botnet, consumer, Don't miss, enterprise, Hot stuff, macOS, Malware, News, SentinelOne /

Bogus OfficeNote app delivers XLoader macOS malware 23/08/2023 at 14:33 By Helga Labus A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample have appeared on VirusTotal throughout July, indicating that the malware has been widely distributed in the wild,” SentinelOne researchers

React to this headline:

Loading spinner

Bogus OfficeNote app delivers XLoader macOS malware Read More »

Security Onion 2.4: Free, open platform for defenders gets huge update

cybersecurity, Elastic, Elasticsearch, News, software /

Security Onion 2.4: Free, open platform for defenders gets huge update 23/08/2023 at 13:03 By Help Net Security Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It has been downloaded over 2 million times and is being used by security teams worldwide. Security Onion 2.4 comes

React to this headline:

Loading spinner

Security Onion 2.4: Free, open platform for defenders gets huge update Read More »

Open redirect flaws increasingly exploited by phishers

Don't miss, Hot stuff, Kroll, News, phishing, security awareness, social engineering, training /

Open redirect flaws increasingly exploited by phishers 23/08/2023 at 12:49 By Helga Labus Phishing attacks using open redirect flaws are on the rise again, according to Kroll’s Cyber Threat Intelligence (CTI) team, which means organizations should consider refreshing employees’ awareness and knowledge on how to spot them. Malicious URL redirection Open redirect vulnerabilities in web

React to this headline:

Loading spinner

Open redirect flaws increasingly exploited by phishers Read More »

Anticipating the next wave of IoT cybersecurity challenges

Artificial Intelligence, cybersecurity, Don't miss, Features, FIDO Alliance, framework, Hot stuff, Internet of Things, interoperability, machine learning, News, opinion, policy, Red Alert Labs, standards, strategy, vulnerability /

Anticipating the next wave of IoT cybersecurity challenges 23/08/2023 at 07:01 By Mirko Zorz In this Help Net Security interview, Roland Atoui, Managing Director at Red Alert Labs, discusses the intricacies of transitioning from isolated IoT setups to interconnected environments, examining the broadening attack surface and the nuanced complexities this evolution imposes. Atoui also delves

React to this headline:

Loading spinner

Anticipating the next wave of IoT cybersecurity challenges Read More »

Cybercriminals turn to AI to bypass modern email security measures

Artificial Intelligence, attacks, BEC scams, cybercriminals, cybersecurity, Email, email security, News, Osterman Research, Perception Point, phishing, report, scams, threats /

Cybercriminals turn to AI to bypass modern email security measures 23/08/2023 at 06:31 By Help Net Security Cybercriminals employ artificial intelligence (AI) to create complex email threats like phishing and business email compromise (BEC) attacks, while modern email security systems use AI to counter these attacks, according to Perception Point and Osterman Research. AI’s role

React to this headline:

Loading spinner

Cybercriminals turn to AI to bypass modern email security measures Read More »

Large-scale breaches overshadow decline in number of healthcare data incidents

Critical Insight, cybersecurity, data breach, hacker, healthcare, News, NIST, report, risk assessment, strategy, USA /

Large-scale breaches overshadow decline in number of healthcare data incidents 23/08/2023 at 06:04 By Help Net Security While H1 2023 saw an encouraging decrease in the overall number of data breaches impacting healthcare organizations, it was overshadowed by large-scale breaches resulting in a significant increase in the number of individuals affected, which reached record levels,

React to this headline:

Loading spinner

Large-scale breaches overshadow decline in number of healthcare data incidents Read More »

Ivanti Sentry zero-day vulnerability fixed, patch ASAP! (CVE-2023-38035)

0-day, enterprise, gateway, Ivanti, Mnemonic, News, security update /

Ivanti Sentry zero-day vulnerability fixed, patch ASAP! (CVE-2023-38035) 22/08/2023 at 13:48 By Zeljka Zorz Ivanti is urging administrators of Ivanti Sentry (formerly MobileIron Sentry) gateways to patch a newly discovered vulnerability (CVE-2023-38035) that could be exploited to change configuration, run system commands, or write files onto the vulnerable system. “As of now, we are only

React to this headline:

Loading spinner

Ivanti Sentry zero-day vulnerability fixed, patch ASAP! (CVE-2023-38035) Read More »

Seiko joins growing list of ALPHV/BlackCat ransomware victims

data breach, Don't miss, Hot stuff, News, Ransomware /

Seiko joins growing list of ALPHV/BlackCat ransomware victims 22/08/2023 at 12:03 By Helga Labus Japanese watchmaker Seiko has been added to ALPHV (BlackCat) ransomware group’s victim list, following a data breach occurring in early August. The Seiko data breach The company published a data breach and response notice on August 10, 2023, stating that an

React to this headline:

Loading spinner

Seiko joins growing list of ALPHV/BlackCat ransomware victims Read More »

Juniper Networks fixes flaws leading to RCE in firewalls and switches

Don't miss, firewall, Hot stuff, Juniper Networks, News, security update, vulnerability /

Juniper Networks fixes flaws leading to RCE in firewalls and switches 22/08/2023 at 11:46 By Helga Labus Juniper Networks has fixed four vulnerabilities (CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847) in Junos OS that, if chained together, could allow attackers to achieve remote code execution (RCE) on the company’s SRX firewalls and EX switches. The fixed Junos OS

React to this headline:

Loading spinner

Juniper Networks fixes flaws leading to RCE in firewalls and switches Read More »

Maintaining consistent security in diverse cloud infrastructures

CISO, Cloud, cloud computing, cloud security, cyber resilience, cybersecurity, DevOps, Don't miss, Features, Hot stuff, misconfiguration, Mitigant, monitoring, News, opinion, training /

Maintaining consistent security in diverse cloud infrastructures 22/08/2023 at 07:01 By Mirko Zorz As cloud infrastructures become increasingly API-driven and dynamically spread across expansive attack surfaces, achieving clarity proves difficult. Compounding this challenge is the integration of DevOps practices, microservices, and container technologies, which, while fostering agility and scalability, introduce additional layers of complexity and

React to this headline:

Loading spinner

Maintaining consistent security in diverse cloud infrastructures Read More »

8 open-source OSINT tools you should try

Don't miss, Features, GitHub, Hot stuff, News, open source, OSINT, OWASP, penetration testing, reconnaissance, Shodan, software /

8 open-source OSINT tools you should try 22/08/2023 at 06:01 By Help Net Security Open-Source Intelligence (OSINT) refers to gathering, assessing, and interpreting public information to address specific intelligence queries. All the tools listed here are available for free. Amass The OWASP Amass project performs network mapping of attack surfaces and external asset discovery using

React to this headline:

Loading spinner

8 open-source OSINT tools you should try Read More »

Scroll to Top