News

Organizations are placing OT cybersecurity responsibility on CISOs

Organizations are placing OT cybersecurity responsibility on CISOs 31/05/2023 at 06:35 By Help Net Security Protecting operational technology (OT) systems is now more critical than ever as more organizations connect their OT environments to the internet, according to Fortinet. Although IT/OT convergence has many benefits, it is being hampered and handicapped by advanced and destructive […]

React to this headline:

Loading spinner

Organizations are placing OT cybersecurity responsibility on CISOs Read More »

Attackers leave organizations with no recovery option

Attackers leave organizations with no recovery option 31/05/2023 at 06:13 By Help Net Security Organizations of all sizes are increasingly falling victim to ransomware attacks and inadequately protecting against this rising cyberthreat, according to Veeam. One in seven organizations will see almost all (>80%) data affected as a result of a ransomware attack – pointing

React to this headline:

Loading spinner

Attackers leave organizations with no recovery option Read More »

Attackers hacked Barracuda ESG appliances via zero-day since October 2022

Attackers hacked Barracuda ESG appliances via zero-day since October 2022 30/05/2023 at 20:10 By Zeljka Zorz Barracuda says that the recently discovered compromise of some of it clients’ ESG appliances via a zero-day vulnerability (CVE-2023-2868) resulted in the deployment of three types of malware and data exfiltration. The company did not say how many organizations

React to this headline:

Loading spinner

Attackers hacked Barracuda ESG appliances via zero-day since October 2022 Read More »

Penetration tester develops AWS-based automated cracking rig

Penetration tester develops AWS-based automated cracking rig 30/05/2023 at 07:40 By Mirko Zorz Building a custom cracking rig for research can be expensive, so penetration tester Max Ahartz built one on AWS. In this Help Net Security interview, he takes us through the process and unveils the details of his creation. What motivated you to

React to this headline:

Loading spinner

Penetration tester develops AWS-based automated cracking rig Read More »

Generative AI: The new attack vector for trust and safety

Generative AI: The new attack vector for trust and safety 30/05/2023 at 06:46 By Help Net Security Threat actors are abusing generative AI to carry out child sex abuse material (CSAM), disinformation, fraud and extremism, according to ActiveFence. “The explosion of generative AI has far-reaching implications for all corners of the internet,” said Noam Schwartz,

React to this headline:

Loading spinner

Generative AI: The new attack vector for trust and safety Read More »

Organizations spend 100 hours battling post-delivery email threats

Organizations spend 100 hours battling post-delivery email threats 30/05/2023 at 06:11 By Help Net Security Nearly every victim of a spear-phishing attack in the last 12 months saw impacts on their organization, including malware infections, stolen data, and reputational damage, according to Barracuda Networks. Barracuda Networks research finds 24% of organizations studied had at least

React to this headline:

Loading spinner

Organizations spend 100 hours battling post-delivery email threats Read More »

Top public cloud security concerns for the media and entertainment industry

Top public cloud security concerns for the media and entertainment industry 29/05/2023 at 08:48 By Help Net Security Media and entertainment (M&E) companies are rapidly turning to cloud storage in efforts to upgrade their security measures, according Wasabi. Survey findings highlighted that, while M&E organizations are still relatively new to cloud storage (69% of respondents

React to this headline:

Loading spinner

Top public cloud security concerns for the media and entertainment industry Read More »

Company size doesn’t matter when it comes to cyberattacks

Company size doesn’t matter when it comes to cyberattacks 29/05/2023 at 06:34 By Help Net Security 65% of organizations in the enterprise sector suffered a cyberattack within the last 12 months, which is similar to the results among companies of all sizes (68%), according to Netwrix. Larger organizations are a more frequent target for cyberattacks

React to this headline:

Loading spinner

Company size doesn’t matter when it comes to cyberattacks Read More »

Digital nomads drive changes in identity verification

Digital nomads drive changes in identity verification 29/05/2023 at 06:34 By Help Net Security Over the past year, 4 in 5 financial companies had experienced an increase in the number of verification cases involving foreign documents, according to Regula. The post Digital nomads drive changes in identity verification appeared first on Help Net Security. This

React to this headline:

Loading spinner

Digital nomads drive changes in identity verification Read More »

Week in review: Zyxel firewalls vulnerability, phishing campaign targets ChatGPT users

Week in review: Zyxel firewalls vulnerability, phishing campaign targets ChatGPT users 28/05/2023 at 12:23 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Wireless Broadband Alliance CEO on key drivers for Wi-Fi adoption in enterprise networks This Help Net Security interview with Tiago Rodrigues, CEO

React to this headline:

Loading spinner

Week in review: Zyxel firewalls vulnerability, phishing campaign targets ChatGPT users Read More »

New Buhti ransomware uses leaked payloads and public exploits

New Buhti ransomware uses leaked payloads and public exploits 26/05/2023 at 08:09 By Helga Labus A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems. Use of public exploits One notable aspect of the attackers leveraging the Buhti ransomware is their

React to this headline:

Loading spinner

New Buhti ransomware uses leaked payloads and public exploits Read More »

Phishers use encrypted file attachments steal Microsoft 365 account credentials

Phishers use encrypted file attachments steal Microsoft 365 account credentials 26/05/2023 at 08:09 By Helga Labus Phishers are using encrypted restricted-permission messages (.rpmsg) attached in phishing emails to steal Microsoft 365 account credentials. “[The campaigns] are low volume, targeted, and use trusted cloud services to send emails and host content (Microsoft and Adobe),” say Trustwave

React to this headline:

Loading spinner

Phishers use encrypted file attachments steal Microsoft 365 account credentials Read More »

New infosec products of the week: May 26, 2023

New infosec products of the week: May 26, 2023 26/05/2023 at 07:36 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Axiado, Delinea, Netscout, Radware, and Veriff. Delinea Cloud Suite updates reduce the risk of lateral movement in cybersecurity breaches Delinea Cloud Suite updates include

React to this headline:

Loading spinner

New infosec products of the week: May 26, 2023 Read More »

Threat actors exploit new channels for advanced phishing attacks

Threat actors exploit new channels for advanced phishing attacks 26/05/2023 at 07:36 By Help Net Security Perception Point’s team has identified a 356% increase in the number of advanced phishing attacks attempted by threat actors in 2022. Overall, the total number of attacks increased by 87%, highlighting the growing threat that cyber attacks now pose

React to this headline:

Loading spinner

Threat actors exploit new channels for advanced phishing attacks Read More »

Cybercriminals masquerading as MFA vendors

Cybercriminals masquerading as MFA vendors 26/05/2023 at 07:20 By Help Net Security Cybercriminals are increasingly posing as multi-factor authentication vendors and small businesses are becoming more popular targets, according to VIPRE. Attachment-based malspam is on the rise Financial institutions (48%) are still the most targeted sector by a wide margin. Insider attacks now take on

React to this headline:

Loading spinner

Cybercriminals masquerading as MFA vendors Read More »

Fresh perspectives needed to manage growing vulnerabilities

Fresh perspectives needed to manage growing vulnerabilities 26/05/2023 at 06:03 By Help Net Security In its inaugural 2023 Offensive Security Vision Report, NetSPI unveils findings that highlight vulnerability trends across applications, cloud, and networks. Vulnerability patterns The report offers a look back — and forward — at some of the most significant vulnerability patterns of

React to this headline:

Loading spinner

Fresh perspectives needed to manage growing vulnerabilities Read More »

Five Eyes agencies detail how Chinese hackers breached US infrastructure

Five Eyes agencies detail how Chinese hackers breached US infrastructure 25/05/2023 at 14:16 By Help Net Security The National Security Agency (NSA) and Five Eyes partner agencies have identified indicators of compromise associated with a People’s Republic of China (PRC) state-sponsored cyber actor dubbed Volt Typhoon, which is using living off the land techniques to

React to this headline:

Loading spinner

Five Eyes agencies detail how Chinese hackers breached US infrastructure Read More »

Phishing campaign targets ChatGPT users

Phishing campaign targets ChatGPT users 25/05/2023 at 14:05 By Helga Labus A clever phishing campaign aimed at stealing users’ business email account credentials by impersonating OpenAI, the company behind the ChatGPT chatbot, has been spotted by Inky researchers. The attack ChatGPT has quickly gained popularity and is used widely by individuals and organizations. That’s enough

React to this headline:

Loading spinner

Phishing campaign targets ChatGPT users Read More »

Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)

Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868) 25/05/2023 at 13:07 By Zeljka Zorz A vulnerability (CVE-2023-2868) in Barracuda Networks’ Email Security Gateway (ESG) appliances has been exploited by attackers, the company has warned. About CVE-2023-2868 CVE-2023-2868 is a critical remote command injection vulnerability affecting only physical Barracuda Email Security Gateway appliances, versions 5.1.3.001

React to this headline:

Loading spinner

Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868) Read More »

12 vulnerabilities newly associated with ransomware

12 vulnerabilities newly associated with ransomware 25/05/2023 at 06:04 By Help Net Security In March 2023, the total number of breaches reported was higher than those reported in the previous three years combined, according to Ivanti. Ransomware groups are continuously weaponizing vulnerabilities and adding them to their arsenal to mount crippling and disruptive attacks on

React to this headline:

Loading spinner

12 vulnerabilities newly associated with ransomware Read More »

Scroll to Top