News

Delivering privacy in a world of pervasive digital surveillance: Tor Project’s Executive Director speaks out

anonymity, censorship, consumer, Don't miss, Features, Hot stuff, News, Privacy, surveillance, Tor Project /

Delivering privacy in a world of pervasive digital surveillance: Tor Project’s Executive Director speaks out 02/08/2023 at 08:02 By Zeljka Zorz The overarching mission of the US-based non-profit organization the Tor Project is to advance human rights and make open-source, privacy preserving software available to people globally, so that they can browse the internet privately, […]

React to this headline:

Loading spinner

Delivering privacy in a world of pervasive digital surveillance: Tor Project’s Executive Director speaks out Read More »

From tech expertise to leadership: Unpacking the role of a CISO

CISO, cybersecurity, data, Data Protection, Don't miss, Features, GoTo, Hot stuff, how-to, News, opinion, strategy, tips /

From tech expertise to leadership: Unpacking the role of a CISO 02/08/2023 at 07:34 By Mirko Zorz In this Help Net Security interview, Attila Török, CISO at GoTo, discusses how to balance technical expertise and leadership and how he navigates the rapidly evolving technological landscape. We also delve into the key challenges faced in communicating

React to this headline:

Loading spinner

From tech expertise to leadership: Unpacking the role of a CISO Read More »

67% of data breaches start with a single click

Comcast Business, cybercrime, cybercriminals, cybersecurity, News, report, survey /

67% of data breaches start with a single click 02/08/2023 at 07:02 By Help Net Security Technology is accelerating faster than it ever has before, giving IT and security teams more tools to fend off cybersecurity attacks from an increasingly diverse slate of bad actors, according to Comcast Business. Cybercriminals employ sophisticated tactics However, the

React to this headline:

Loading spinner

67% of data breaches start with a single click Read More »

Open-source penetration testing tool BloodHound CE released

Active Directory, Azure, cybersecurity, Don't miss, GitHub, Microsoft Azure, Microsoft Entra ID, News, open source, penetration testing, software, SpecterOps /

Open-source penetration testing tool BloodHound CE released 02/08/2023 at 06:32 By Mirko Zorz SpecterOps released version 5.0 of BloodHound Community Edition (CE), a free and open-source penetration testing solution that maps attack paths in Microsoft Active Directory (AD) and Azure (including Azure AD/Entra ID) environments. It is available for free on GitHub. Identifying simple Attack

React to this headline:

Loading spinner

Open-source penetration testing tool BloodHound CE released Read More »

1 in 100 emails is malicious

BEC scams, cybercrime, cybersecurity, News, Perception Point, phishing, report, survey /

1 in 100 emails is malicious 02/08/2023 at 06:04 By Help Net Security BEC and phishing attacks soar by 20% and 41% respectively in H1 2023, according to Perception Point. Cyber attackers have continued to refine their methods, adopting more sophisticated techniques to exploit vulnerabilities across various sectors. With the ever-increasing reliance on workplace technologies,

React to this headline:

Loading spinner

1 in 100 emails is malicious Read More »

Android n-day bugs pose zero-day threat

0-day, Android, Don't miss, Google, Hot stuff, News, patching, vulnerability /

Android n-day bugs pose zero-day threat 01/08/2023 at 14:17 By Helga Labus In the Android ecosystem, n-day vulnerabilities are almost as dangerous as zero-days, according to Google’s review of zero-days exploited in the wild in 2022. N-days functioning as zero-days Zero-days are software bugs that are unknown to the vendor but known to – and

React to this headline:

Loading spinner

Android n-day bugs pose zero-day threat Read More »

US government outlines National Cyber Workforce and Education Strategy

Cloud Range, cyber resilience, cybersecurity talent, Cyversity, Don't miss, education, Government, Hot stuff, ISSA, News, skill development, strategy, training, USA /

US government outlines National Cyber Workforce and Education Strategy 01/08/2023 at 14:03 By Zeljka Zorz After the release of a National Cybersecurity Strategy and its implementation plan, the Biden-Harris Administration has unveiled the National Cyber Workforce and Education Strategy (NCWES), “aimed at addressing both immediate and long-term cyber workforce needs.” The National Cyber Workforce and

React to this headline:

Loading spinner

US government outlines National Cyber Workforce and Education Strategy Read More »

The gap in users’ identity security knowledge gives cybercriminals an opening

Artificial Intelligence, cybersecurity, data breach, identity, News, phishing, report, risk, RSA, survey, Verizon, Zimperium /

The gap in users’ identity security knowledge gives cybercriminals an opening 01/08/2023 at 06:34 By Help Net Security With exponential growth in the number of human and machine actors on the network and more sophisticated technology in more places, identity in this new era is rapidly becoming a super-human problem, according to RSA. Paradoxically, even

React to this headline:

Loading spinner

The gap in users’ identity security knowledge gives cybercriminals an opening Read More »

EU’s financial institutions face cyber resilience crisis

cybercriminals, cybersecurity, EU, News, regulation, report, SecurityScorecard, survey /

EU’s financial institutions face cyber resilience crisis 01/08/2023 at 06:03 By Help Net Security 78% of Europe’s largest financial institutions experienced a third-party breach in the past year, according to SecurityScorecard. In the wake of attacks such as MOVEit and SolarWinds, cybersecurity regulations are increasing the need for comprehensive approaches to manage vendor risk and

React to this headline:

Loading spinner

EU’s financial institutions face cyber resilience crisis Read More »

Infosec products of the month: July 2023

BreachRx, Code42, ComplyAdvantage, Darktrace, Dig, Diligent, Fidelis Cybersecurity, Hubble, Netscout, News, Panorays, Privacera, Regula, SeeMetrics, Tenable, WatchGuard /

Infosec products of the month: July 2023 01/08/2023 at 05:47 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: BreachRx, Code42, ComplyAdvantage, Darktrace, Dig Security, Diligent, Fidelis Cybersecurity, Hubble, Netscout, Panorays, Privacera, Regula, SeeMetrics, Tenable, and WatchGuard. WatchGuard expands identity protection capabilities with AuthPoint Total

React to this headline:

Loading spinner

Infosec products of the month: July 2023 Read More »

Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081)

0-day, Don't miss, endpoint management, enterprise, Hot stuff, Ivanti, Mnemonic, MobileIron, News, security update, vulnerability /

Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081) 31/07/2023 at 16:32 By Helga Labus Another actively exploited zero-day vulnerability (CVE-2023-35081) affecting Ivanti Endpoint Manager Mobile (EPMM) has been identified and fixed. The first zero-day spotted Last week, we reported on a remote unauthenticated API access vulnerability (CVE-2023-35078) affecting Ivanti EPMM having been exploited to target

React to this headline:

Loading spinner

Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081) Read More »

Web browsing is the primary entry vector for ransomware infections

Don't miss, News, Palo Alto Networks, Ransomware, trends /

Web browsing is the primary entry vector for ransomware infections 31/07/2023 at 13:47 By Zeljka Zorz The most widely used method for ransomware delivery in 2022 was via URL or web browsing (75.5%), Palo Alto Networks researchers have found. In 2021, it was email attachments (i.e., delivery via SMTP, POP3, and IMAP protocols), but in

React to this headline:

Loading spinner

Web browsing is the primary entry vector for ransomware infections Read More »

New persistent backdoor used in attacks on Barracuda ESG appliances

backdoor, Barracuda Networks, CISA, Don't miss, exploit, Hot stuff, News, vulnerability /

New persistent backdoor used in attacks on Barracuda ESG appliances 31/07/2023 at 13:32 By Helga Labus The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection vulnerability in Barracuda Email Security Gateway (ESG) appliances. Barracuda ESG zero-day exploit and backdoors In late

React to this headline:

Loading spinner

New persistent backdoor used in attacks on Barracuda ESG appliances Read More »

Stremio vulnerability exposes millions to RCE and data theft

CyFox, data theft, Don't miss, exploit, hijacking, News, vulnerability, Windows /

Stremio vulnerability exposes millions to RCE and data theft 31/07/2023 at 11:02 By Help Net Security CyFox has recently identified a critical hijacking vulnerability in Stremio 4.4, a popular software platform for streaming movies and TV shows. With over 5 million users relying on Stremio for their entertainment needs, this vulnerability poses a significant risk

React to this headline:

Loading spinner

Stremio vulnerability exposes millions to RCE and data theft Read More »

Data privacy vault: Securing sensitive data while navigating regulatory demands

access control, Compliance, cybersecurity, data, data security, Don't miss, Features, Hot stuff, Legapass, News, opinion, Privacy, regulation /

Data privacy vault: Securing sensitive data while navigating regulatory demands 31/07/2023 at 07:32 By Help Net Security In this Help Net Security interview, Jean-Charles Chemin, CEO of Legapass, provides insight into the correlation between maintaining customer trust and protecting sensitive customer data. He emphasizes how a data privacy vault can reinforce customer trust by offering

React to this headline:

Loading spinner

Data privacy vault: Securing sensitive data while navigating regulatory demands Read More »

Relying on CVSS alone is risky for vulnerability management

CVSS, News, report, Rezilion, survey, vulnerability management /

Relying on CVSS alone is risky for vulnerability management 31/07/2023 at 07:05 By Help Net Security A vulnerability management strategy that relies solely on CVSS for vulnerability prioritization is proving to be insufficient at best, according to Rezilion. In fact, relying solely on a CVSS severity score to assess the risk of individual vulnerabilities was

React to this headline:

Loading spinner

Relying on CVSS alone is risky for vulnerability management Read More »

The race against time in ransomware attacks

BigID, Cohesity, cybersecurity, data, data security, News, Ransomware, report, survey, threats /

The race against time in ransomware attacks 31/07/2023 at 06:02 By Help Net Security Most organizations lack strong cyber resilience strategies or data security capabilities to address threats and maintain business continuity, according to BigID. Despite both the rise in threats and the high percentage of respondents whose organizations suffered recent attacks, there hasn’t been

React to this headline:

Loading spinner

The race against time in ransomware attacks Read More »

Week in review: Ivanti zero-day exploited, MikroTik vulnerability could compromise 900,000 routers

News, Week in review /

Week in review: Ivanti zero-day exploited, MikroTik vulnerability could compromise 900,000 routers 30/07/2023 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Key factors for effective security automation In this Help Net Security interview, Oliver Rochford, Chief Futurist at Tenzir, discusses how automation

React to this headline:

Loading spinner

Week in review: Ivanti zero-day exploited, MikroTik vulnerability could compromise 900,000 routers Read More »

Exclusive: Pentagon Investigates ‘Critical Compromise’ Of Air Force Communications Systems

Breaking, breaking-news, cybersecurity, Editors' Pick, Innovation, News, premium, Technology /

Exclusive: Pentagon Investigates ‘Critical Compromise’ Of Air Force Communications Systems 29/07/2023 at 14:32 By Thomas Brewster, Forbes Staff FBI communications may also have been compromised by an engineer working on Tennessee Air Force base, search warrant reveals. This article is an excerpt from Forbes – Cybersecurity View Original Source React to this headline:

React to this headline:

Loading spinner

Exclusive: Pentagon Investigates ‘Critical Compromise’ Of Air Force Communications Systems Read More »

New infosec products of the week: July 28, 2023

BreachRx, Darktrace, Dig, News, Panorays, SeeMetrics /

New infosec products of the week: July 28, 2023 28/07/2023 at 07:31 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from BreachRx, Darktrace, Dig Security, Panorays, and SeeMetrics. Panorays unveils cybersecurity enhancements for supply chains Panorays announced two capabilities – Supply Chain Discovery and Risk

React to this headline:

Loading spinner

New infosec products of the week: July 28, 2023 Read More »

Scroll to Top