News

Zoom CISO Michael Adams discusses cybersecurity threats, solutions, and the future

cybersecurity, Don't miss, Features, Hot stuff, News, opinion, remote working, strategy, Zoom /

Zoom CISO Michael Adams discusses cybersecurity threats, solutions, and the future 07/08/2023 at 07:32 By Mirko Zorz In this exclusive Help Net Security interview, we delve into the world of cybersecurity with Michael Adams, the CISO at Zoom. Adams analyzes how organizations grapple with the effects of workforce shortages and remote work complications, offering insights […]

React to this headline:

Loading spinner

Zoom CISO Michael Adams discusses cybersecurity threats, solutions, and the future Read More »

Budget constraints threaten cybersecurity in government bodies

Black Hat USA 2023, BlackBerry, cyberattack, cybercrime, cybersecurity, News, report, survey /

Budget constraints threaten cybersecurity in government bodies 07/08/2023 at 07:02 By Help Net Security Government organizations are attractive targets for threat actors whose motivations may be geopolitical, financial, or disruption, according to BlackBerry. Because threat actors may include private individuals, small groups, or state-sponsored APT groups (which use APT tactics), government organizations must defend against

React to this headline:

Loading spinner

Budget constraints threaten cybersecurity in government bodies Read More »

Week in review: AWS SSM agents as RATs, Patch Tuesday forecast

News, Week in review /

Week in review: AWS SSM agents as RATs, Patch Tuesday forecast 06/08/2023 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Open-source penetration testing tool BloodHound CE released SpecterOps released version 5.0 of BloodHound Community Edition (CE), a free and open-source penetration testing

React to this headline:

Loading spinner

Week in review: AWS SSM agents as RATs, Patch Tuesday forecast Read More »

Top 12 vulnerabilities routinely exploited in 2022

ACSC, CISA, Don't miss, exploit, FBI, Hot stuff, NCSC, News, trends, vulnerability /

Top 12 vulnerabilities routinely exploited in 2022 04/08/2023 at 16:31 By Helga Labus Cybersecurity agencies from member countries of the Five Eyes intelligence alliance have released a list of the top 12 vulnerabilities routinely exploited in 2022, plus 30 additional ones also “popular” with attackers. The top 12 “In 2022, malicious cyber actors exploited older

React to this headline:

Loading spinner

Top 12 vulnerabilities routinely exploited in 2022 Read More »

Google makes removal of personal user info from Search easier

Don't miss, Google, Hot stuff, News, Privacy, search engine, user, user data /

Google makes removal of personal user info from Search easier 04/08/2023 at 13:17 By Helga Labus Google is making it easier for users to remove personal contact information and personal, non-consensual explicit imagery from Google search results. “Of course, removing content from Google Search does not remove it from the web or other search engines,

React to this headline:

Loading spinner

Google makes removal of personal user info from Search easier Read More »

August 2023 Patch Tuesday forecast: Software security improvements

Adobe, apple, CISA, Don't miss, Expert analysis, FIRST, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday /

August 2023 Patch Tuesday forecast: Software security improvements 04/08/2023 at 12:17 By Help Net Security The continued onslaught of phishing attacks, ransomware deployment, and other exploitation is forcing the community to pay closer attention to early identification, as well as fast response, to vulnerabilities in their software. In July alone Microsoft addressed 84 CVEs in

React to this headline:

Loading spinner

August 2023 Patch Tuesday forecast: Software security improvements Read More »

New infosec products of the week: August 4, 2023

Forescout, Lineaje, Menlo Security, News, Qualys, SonarSource, SpecterOps, Synopsys, Traceable AI /

New infosec products of the week: August 4, 2023 04/08/2023 at 07:32 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Forescout, Menlo Security, Qualys, Sonar, SpecterOps, Synopsys, Traceable AI, and Lineaje. Open-source penetration testing tool BloodHound CE released SpecterOps released version 5.0 of BloodHound

React to this headline:

Loading spinner

New infosec products of the week: August 4, 2023 Read More »

The direct impact of cyberattacks on patient safety and care delivery

cyberattack, cybersecurity, data, Don't miss, Features, Health3PT, healthcare, Hot stuff, Memorial Sloan Kettering Cancer Center, News, opinion, Ransomware /

The direct impact of cyberattacks on patient safety and care delivery 04/08/2023 at 07:02 By Help Net Security As the healthcare industry continues its rapid transformation through the adoption of digital technologies, it is also confronted with an ever-expanding range of cybersecurity threats. In this Help Net Security interview, Dr. Omar Sangurima, Principal Technical Program

React to this headline:

Loading spinner

The direct impact of cyberattacks on patient safety and care delivery Read More »

VPNs remain a risky gamble for remote access

cybersecurity, News, Ransomware, report, survey, VPN, vulnerability, zero trust, Zscaler /

VPNs remain a risky gamble for remote access 04/08/2023 at 06:33 By Help Net Security Organizations are expressing deep concerns about their network security due to the risks from VPNs, according to a new Zscaler report. The report stresses the need for organizations to reevaluate their security posture and migrate to a zero-trust architecture due

React to this headline:

Loading spinner

VPNs remain a risky gamble for remote access Read More »

IaaS networking services revenue to hit $19.4 billion in 2023

Cloud, digital transformation, IaaS, IDC, News, report, survey /

IaaS networking services revenue to hit $19.4 billion in 2023 04/08/2023 at 06:02 By Help Net Security The importance of networking to and within cloud environments has grown significantly for enterprise customers as more and more applications, workloads, and data are moved to the cloud, according to IDC. IDC estimates that worldwide revenue for public

React to this headline:

Loading spinner

IaaS networking services revenue to hit $19.4 billion in 2023 Read More »

Onyxia’s CPM platform enables CISOs to optimize their security programs

Industry news, News, Onyxia /

Onyxia’s CPM platform enables CISOs to optimize their security programs 03/08/2023 at 15:32 By Industry News Onyxia unveiled a AI-powered Cybersecurity Performance Management (CPM) platform, a vital management platform for security leaders to better measure the performance of their cybersecurity programs and reduce risk. By having real-time Cybersecurity Performance Indicator (CPI) metrics and actionable security

React to this headline:

Loading spinner

Onyxia’s CPM platform enables CISOs to optimize their security programs Read More »

Russian APT phished government employees via Microsoft Teams

APT, Don't miss, Government, government-backed attacks, Hot stuff, Microsoft, Microsoft Teams, News, phishing, social engineering /

Russian APT phished government employees via Microsoft Teams 03/08/2023 at 15:17 By Zeljka Zorz An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says Microsoft. A social engineering attack to bypass MFA protection “To facilitate their attack, the actor uses Microsoft

React to this headline:

Loading spinner

Russian APT phished government employees via Microsoft Teams Read More »

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082)

0-day, Don't miss, endpoint management, Hot stuff, Ivanti, MobileIron, News, Rapid7, security update, vulnerability /

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082) 03/08/2023 at 13:46 By Helga Labus Ivanti has disclosed a critical vulnerability (CVE-2023-35082) affecting old, out-of-support versions of MobileIron Core, an enterprise device solution that has since been rebranded to Ivanti Endpoint Manager Mobile (EPMM). “The vulnerability was incidentally resolved in MobileIron Core 11.3 as part of

React to this headline:

Loading spinner

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082) Read More »

7 fake cryptocurrency investment apps discovered in Google Play, Apple App Store

Cryptocurrency, cybercrime, fake, FBI, fraud, Google Play, News, scams, Sophos /

7 fake cryptocurrency investment apps discovered in Google Play, Apple App Store 03/08/2023 at 09:47 By Help Net Security Sophos released new findings on CryptoRom scams—a subset of pig butchering schemes designed to trick users of dating apps into making fake cryptocurrency investments. Since May, Sophos X-Ops has observed CryptoRom fraudsters refining their techniques, including

React to this headline:

Loading spinner

7 fake cryptocurrency investment apps discovered in Google Play, Apple App Store Read More »

Google’s AI Red Team: Advancing cybersecurity on the AI frontier

Artificial Intelligence, cybersecurity, Don't miss, Features, Google, Hot stuff, machine learning, News, opinion, red team /

Google’s AI Red Team: Advancing cybersecurity on the AI frontier 03/08/2023 at 08:02 By Help Net Security With the rise of ML, traditional red teams tasked with probing and exposing security vulnerabilities found themselves facing a new set of challenges that required a deep and comprehensive understanding of machine learning. Google’s recent announcement about the

React to this headline:

Loading spinner

Google’s AI Red Team: Advancing cybersecurity on the AI frontier Read More »

Assess multi-cloud security with the open-source CNAPPgoat project

AWS, Ermetic, GitHub, Microsoft Azure, Microsoft Entra ID, News, open source, penetration testing, software /

Assess multi-cloud security with the open-source CNAPPgoat project 03/08/2023 at 07:31 By Help Net Security Ermetic released CNAPPgoat, an open-source project that allows organizations to test their cloud security skills, processes, tools, and posture in interactive sandbox environments that are easy to deploy and destroy. It is available on GitHub. CNAPPgoat supports AWS, Azure (Microsoft

React to this headline:

Loading spinner

Assess multi-cloud security with the open-source CNAPPgoat project Read More »

SCARF cipher sets new standards in protecting sensitive data

cybersecurity, data, Data Protection, News, vulnerability assessment /

SCARF cipher sets new standards in protecting sensitive data 03/08/2023 at 06:31 By Help Net Security A group of international researchers has achieved a breakthrough in computer security by developing a new and highly efficient cipher for cache randomization. The innovative cipher, designed by Assistant Professor Rei Ueno from the Research Institute of Electrical Communication

React to this headline:

Loading spinner

SCARF cipher sets new standards in protecting sensitive data Read More »

Organizations want stronger AI regulation amid growing concerns

Artificial Intelligence, Databricks, Dataiku, generative AI, News, report, survey /

Organizations want stronger AI regulation amid growing concerns 03/08/2023 at 06:01 By Help Net Security AI professionals are still facing some very real challenges in democratizing data, much less AI (much less Generative AI), across their organizations, according to Dataiku. While the global survey of 400 respondents revealed broad enthusiasm and action around Generative AI,

React to this headline:

Loading spinner

Organizations want stronger AI regulation amid growing concerns Read More »

Salesforce and Meta suffer phishing campaign that evades typical detection methods

0-day, cybercrime, cybersecurity, email security, Facebook, Guardio, News, phishing, Salesforce, vulnerability /

Salesforce and Meta suffer phishing campaign that evades typical detection methods 02/08/2023 at 17:18 By Help Net Security The Guardio research team discovered an email phishing campaign exploiting a zero-day vulnerability in Salesforce’s legitimate email services and SMTP servers. Phishing email sample as was sent from the “@salesforce.com” email address The vulnerability allowed threat actors

React to this headline:

Loading spinner

Salesforce and Meta suffer phishing campaign that evades typical detection methods Read More »

Attackers can turn AWS SSM agents into remote access trojans

AWS, cloud computing, cloud security, Don't miss, enterprise, Hot stuff, Mitiga, News, Remote Access Trojan, research /

Attackers can turn AWS SSM agents into remote access trojans 02/08/2023 at 16:02 By Zeljka Zorz Mitiga researchers have documented a new post-exploitation technique attackers can use to gain persistent remote access to AWS Elastic Compute Cloud (EC2) instances (virtual servers), as well as to non-EC2 machines (e.g., on-premises enterprise servers and virtual machines, and

React to this headline:

Loading spinner

Attackers can turn AWS SSM agents into remote access trojans Read More »

Scroll to Top