News

Verizon 2023 Data Breach Investigations Report: 74% of breaches involve human element

BEC scams, CISO, cybercrime, cybersecurity, Don't miss, Hot stuff, human error, News, Ransomware, report, social engineering, threat, Verizon /

Verizon 2023 Data Breach Investigations Report: 74% of breaches involve human element 06/06/2023 at 16:01 By Help Net Security Verizon Business today released the results of its 16th annual Data Breach Investigations Report (2023 DBIR), which analyzed 16,312 security incidents and 5,199 breaches. Chief among its findings is the soaring cost of ransomware – malicious […]

React to this headline:

Loading spinner

Verizon 2023 Data Breach Investigations Report: 74% of breaches involve human element Read More »

Zoom announces privacy enhancements and tools

CCPA, Compliance, Don't miss, GDPR, Hot stuff, News, Privacy, regulation, Zoom /

Zoom announces privacy enhancements and tools 06/06/2023 at 15:17 By Helga Labus Zoom has introduced a new range of privacy enhancements and tools to make sure users have control over their data and their privacy preferences. These enhancements not only cater to global customers but also include features specifically designed for users in the European

React to this headline:

Loading spinner

Zoom announces privacy enhancements and tools Read More »

MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims

0-day, British Airways, cybercrime, data theft, Don't miss, enterprise, extortion, Hot stuff, News, Orange Cyberdefense, Progress, Rapid7, SMBs, supply chain attacks /

MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims 06/06/2023 at 13:50 By Zeljka Zorz The fallout of the MOVEit Transfer hack via CVE-2023-34362 by the Cl0p gang is expanding, as several UK-based companies have now confirmed that some of their data has been stolen. Victimized organizations The confirmed victims so far are

React to this headline:

Loading spinner

MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims Read More »

Consumers overestimate their deepfake detection skills

AI, Artificial Intelligence, deepfakes, identity theft, Industry news, Jumio, News /

Consumers overestimate their deepfake detection skills 06/06/2023 at 06:01 By Help Net Security 67% of consumers are aware of generative AI technologies but they overestimate their ability to detect a deepfake video, according to Jumio. Generative AI awareness among consumers Awareness of generative AI and deepfakes among consumers is high — 52% of respondents believe

React to this headline:

Loading spinner

Consumers overestimate their deepfake detection skills Read More »

MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362)

0-day, data theft, Don't miss, enterprise, extortion, file-sharing, Hot stuff, Mandiant, News, Rapid7, vulnerability /

MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362) 05/06/2023 at 15:10 By Zeljka Zorz The zero-day vulnerability attackers have exploited to compromise vulnerable Progress Software’s MOVEit Transfer installations finally has an identification number: CVE-2023-34362. Based on information shared by Mandiant, Rapid7 and other security researchers, the attackers seem to have opportunistically targeted as many

React to this headline:

Loading spinner

MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362) Read More »

9 free cybersecurity whitepapers you should read

APT, Bitdefender, Center for Internet Security, Cloudflare, Code42, cybersecurity, Cyberstash, Don't miss, Hot stuff, N-able, News, NIST, OffSec, SANS, Team8, whitepaper /

9 free cybersecurity whitepapers you should read 05/06/2023 at 07:30 By Helga Labus In today’s rapidly evolving digital landscape, organizations face constant cyber threats that can compromise their sensitive data, disrupt operations, and damage their reputation. Staying informed about the latest cyberattacks and understanding effective protection methods is crucial. This list of free cybersecurity whitepapers

React to this headline:

Loading spinner

9 free cybersecurity whitepapers you should read Read More »

A new wave of sophisticated digital fraud hits Europe

deepfake, fraud, identity verification, News, report, Sumsub /

A new wave of sophisticated digital fraud hits Europe 05/06/2023 at 06:32 By Help Net Security Forced verification and deepfake cases multiply at alarming rates in the UK and continental Europe, according to Sumsub. In Germany alone, forced verification grew by 1500% as a proportion of all fraud cases, from 0.3% in the full year

React to this headline:

Loading spinner

A new wave of sophisticated digital fraud hits Europe Read More »

Virtual claims raise alarms among insurance carriers and customers

fraud, identity, identity protection, LexisNexis Risk Solutions, News /

Virtual claims raise alarms among insurance carriers and customers 05/06/2023 at 06:08 By Help Net Security As the digital revolution changes the claims process, both carriers and customers are increasingly concerned about data privacy, according to LexisNexis Risk Solutions. More than 60% of consumers have concerns over the security of their personally identifiable information when

React to this headline:

Loading spinner

Virtual claims raise alarms among insurance carriers and customers Read More »

Katie Boswell on AI security and women’s rise in cybersecurity

Artificial Intelligence, CISO, Cybellum, cybersecurity, KPMG, News, NIST, podcast, strategy, tips /

Katie Boswell on AI security and women’s rise in cybersecurity 05/06/2023 at 05:45 By Help Net Security Katie Boswell spent years on the front lines securing the most critical national infrastructure in energy and life sciences. Yet, earlier in her career, she was told that senior leadership was not for her if she planned on

React to this headline:

Loading spinner

Katie Boswell on AI security and women’s rise in cybersecurity Read More »

Week in review: MOVEit Transfer critical zero-day vulnerability, Kali Linux 2023.2 released

News, Week in review /

Week in review: MOVEit Transfer critical zero-day vulnerability, Kali Linux 2023.2 released 04/06/2023 at 11:03 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: MOVEit Transfer zero-day attacks: The latest info Progress Software has updated the security advisory and confirmed that the vulnerability (still without

React to this headline:

Loading spinner

Week in review: MOVEit Transfer critical zero-day vulnerability, Kali Linux 2023.2 released Read More »

Google triples reward for Chrome full chain exploits

bug bounty, Chrome, Don't miss, exploit, Google, Hot stuff, News, sandbox /

Google triples reward for Chrome full chain exploits 02/06/2023 at 15:57 By Helga Labus Google has tripled the full reward amount for the first security bug report that includes a functional full chain exploit of its popular Chrome browser. Six months of higher rewards for a Chrome full chain exploit The Chrome Vulnerability Rewards Program,

React to this headline:

Loading spinner

Google triples reward for Chrome full chain exploits Read More »

MOVEit Transfer zero-day attacks: The latest info

0-day, attack, data theft, Don't miss, enterprise, file-sharing, Hot stuff, Huntress, News, Progress, Rapid7, TrustedSec, vulnerability /

MOVEit Transfer zero-day attacks: The latest info 02/06/2023 at 12:41 By Zeljka Zorz There’s new information about the zero-day vulnerability in Progress Software’s MOVEit Transfer solution exploited by attackers and – more importantly – patches and helpful instructions for customers. The MOVEit Transfer zero-day and updated mitigation and remediation advice Progress Software has updated the

React to this headline:

Loading spinner

MOVEit Transfer zero-day attacks: The latest info Read More »

Qakbot: The trojan that just won’t go away

Don't miss, Hot stuff, Lumen, Malware, Microsoft, News, phishing, Ransomware, trojan, Windows /

Qakbot: The trojan that just won’t go away 02/06/2023 at 11:33 By Helga Labus Qakbot (aka Qbot) – banking malware-turned-malware/ransomware distribution network – has been first observed in 2007 and is active to this day. The neverending adaptability of this threat is key to its long-term survival and success. “Qakbot operators tend to reduce or

React to this headline:

Loading spinner

Qakbot: The trojan that just won’t go away Read More »

New infosec products of the week: June 2, 2023

Bitdefender, ConnectSecure, Cytracom, News, Permit.io, PingSafe /

New infosec products of the week: June 2, 2023 02/06/2023 at 08:05 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Bitdefender, ConnectSecure, CYTRACOM, Permit.io, and PingSafe. Permit.io launches FoAz to give frontend developers the keys to security Short for frontend-only authorization, FoAz is a

React to this headline:

Loading spinner

New infosec products of the week: June 2, 2023 Read More »

How defense contractors can move from cybersecurity to cyber resilience

attacks, Compliance, Conquest Cyber, cybercrime, cybersecurity, Don't miss, Expert analysis, Expert corner, Government, News, opinion, strategy /

How defense contractors can move from cybersecurity to cyber resilience 02/06/2023 at 07:42 By Help Net Security As the world’s most powerful military and economic power, the United States also holds another, less impressive distinction: Cyber threat actors target the US more than any other country in the world. In 2022 alone, the FBI received

React to this headline:

Loading spinner

How defense contractors can move from cybersecurity to cyber resilience Read More »

Cybercriminals use legitimate websites to obfuscate malicious payloads

cybercrime, Egress, email security, Malware, News, phishing, report, scams, social engineering, threat, threats /

Cybercriminals use legitimate websites to obfuscate malicious payloads 02/06/2023 at 06:33 By Help Net Security According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter security. “The evolution of phishing emails continues to pose a major threat to organizations, emphasizing the need to enhance defenses to prevent

React to this headline:

Loading spinner

Cybercriminals use legitimate websites to obfuscate malicious payloads Read More »

Despite cutbacks, IT salaries expected to rise

Artificial Intelligence, ChatGPT, digital transformation, InformationWeek, money, News /

Despite cutbacks, IT salaries expected to rise 02/06/2023 at 06:01 By Help Net Security Despite rising labor costs, economic inflation, and companies making an effort to cut back, the salary outlook for IT professionals is positive, according to InformationWeek. Work-life balance and base pay top the list as what matters most to IT professionals regarding

React to this headline:

Loading spinner

Despite cutbacks, IT salaries expected to rise Read More »

Critical zero-day vulnerability in MOVEit Transfer exploited by attackers!

0-day, attack, Don't miss, enterprise, file-sharing, Hot stuff, News, Progress, threat, vulnerability /

Critical zero-day vulnerability in MOVEit Transfer exploited by attackers! 01/06/2023 at 18:18 By Zeljka Zorz A critical zero-day vulnerability in Progress Software’s enterprise managed file transfer solution MOVEit Transfer is being exploited by attackers to grab corporate data. “[The vulnerability] could lead to escalated privileges and potential unauthorized access to the environment,” the company warned

React to this headline:

Loading spinner

Critical zero-day vulnerability in MOVEit Transfer exploited by attackers! Read More »

Threat actors can exfiltrate data from Google Drive without leaving a trace

digital forensics, Don't miss, enterprise, Google, Google Drive, Google Workspace, Hot stuff, Incident Response, Mitiga, News, SMBs, threat hunting /

Threat actors can exfiltrate data from Google Drive without leaving a trace 01/06/2023 at 15:43 By Zeljka Zorz Google Workspace (formerly G Suite) has a weak spot that can prevent the discovery of data exfiltration from Google Drive by a malicious outsider or insider, Mitiga researchers say. A problem for digital forensic analysts and incident

React to this headline:

Loading spinner

Threat actors can exfiltrate data from Google Drive without leaving a trace Read More »

Scroll to Top