News

Refined methodologies of ransomware attacks

attacks, credentials, data, Encryption, News, Ransomware, report, Sophos /

Refined methodologies of ransomware attacks 11/05/2023 at 06:34 By Help Net Security Adversaries were able to encrypt data in 76% of the ransomware attacks that were conducted against surveyed organizations, according to Sophos. The survey also shows that when organizations paid a ransom to get their data decrypted, they ended up additionally doubling their recovery […]

React to this headline:

Loading spinner

Refined methodologies of ransomware attacks Read More »

Automotive industry employees unaware of data security risks

automotive security, cybersecurity, data security, News, Salesforce, survey, Upstream /

Automotive industry employees unaware of data security risks 11/05/2023 at 06:30 By Help Net Security 30% of automotive employees don’t check security protocols before trying a new tool, according to Salesforce. This could put their company and customer data at risk. Alarming rise in automotive API attacks Cybersecurity is a growing concern in the automotive

React to this headline:

Loading spinner

Automotive industry employees unaware of data security risks Read More »

Never leak secrets to your GitHub repositories again

code, Data leak, Don't miss, GitHub, Hot stuff, News, open source, scanning, software development /

Never leak secrets to your GitHub repositories again 10/05/2023 at 14:47 By Helga Labus GitHub is making push protection – a security feature designed to automatically prevent the leaking of secrets to repositories – free for owners of all public repositories. Previously, the feature was available only for private repositories with a GitHub Advanced Security

React to this headline:

Loading spinner

Never leak secrets to your GitHub repositories again Read More »

Turla’s Snake malware network disrupted by Five Eyes’ agencies

APT, CISA, cyber espionage, cybercrime, Don't miss, FBI, government-backed attacks, Hot stuff, Malware, malware analysis, malware detection, News, NSA /

Turla’s Snake malware network disrupted by Five Eyes’ agencies 10/05/2023 at 14:47 By Help Net Security The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware, called “Snake” (aka “Uroburous”), that the US Government attributes to a unit within Center 16 of

React to this headline:

Loading spinner

Turla’s Snake malware network disrupted by Five Eyes’ agencies Read More »

Kubernetes Bill of Materials (KBOM) open-source tool enhances cloud security response to CVEs

cybersecurity, GitHub, Kubernetes, News /

Kubernetes Bill of Materials (KBOM) open-source tool enhances cloud security response to CVEs 10/05/2023 at 09:26 By Help Net Security Kubernetes Security Operations Center (KSOC) released the first-ever Kubernetes Bill of Materials (KBOM) standard. Available in an open-source CLI tool, this KBOM enables cloud security teams to understand the scope of third-party tooling in their

React to this headline:

Loading spinner

Kubernetes Bill of Materials (KBOM) open-source tool enhances cloud security response to CVEs Read More »

56,000+ cloud-based apps at risk of malware exfiltration

cybercrime, cybercriminals, dark web, Malware, News, passwords, SpyCloud /

56,000+ cloud-based apps at risk of malware exfiltration 10/05/2023 at 06:30 By Help Net Security The technology sector had the highest number of malware-infected employees, most exposed corporate credentials and the majority of all stolen cookies, according to SpyCloud. Drawing on SpyCloud’s database of 400+ billion recaptured assets from the criminal underground, researchers analyzed 2.27

React to this headline:

Loading spinner

56,000+ cloud-based apps at risk of malware exfiltration Read More »

Company executives can’t afford to ignore cybersecurity anymore

CISO, cybersecurity, Delinea, News, report, security metrics /

Company executives can’t afford to ignore cybersecurity anymore 10/05/2023 at 06:00 By Help Net Security Asked about the Board and C-Suite‘s understanding of cybersecurity across the organisation, only 39% of respondents think their company’s leadership has a sound understanding of cybersecurity’s role as a business enabler, according to Delinea. The high cost of ignoring security

React to this headline:

Loading spinner

Company executives can’t afford to ignore cybersecurity anymore Read More »

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)

Automox, Don't miss, Hot stuff, Microsoft, News, Patch Tuesday, security update, SharePoint, Tenable, Trend Micro, Windows /

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932) 09/05/2023 at 22:15 By Zeljka Zorz For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass flaw (CVE-2023-24932) exploited by attackers in the wild. The two

React to this headline:

Loading spinner

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932) Read More »

Microsoft Authenticator push notifications get number matching

authentication, Don't miss, Hot stuff, MFA, Microsoft, News /

Microsoft Authenticator push notifications get number matching 09/05/2023 at 15:31 By Helga Labus Microsoft has enabled number matching for Microsoft Authenticator push notifications to improve user sign-in security. Authenticator MFA number matching in action (Source: Microsoft) “If the user has a different default authentication method, there’s no change to their default sign-in. If the default

React to this headline:

Loading spinner

Microsoft Authenticator push notifications get number matching Read More »

Digital trust can make or break an organization

digital transformation, ISACA, News, report /

Digital trust can make or break an organization 09/05/2023 at 12:12 By Help Net Security With increased data breaches, errors, ransomware and hacks, digital trust can be the difference between retaining reputations and customer loyalty after a major incident and suffering serious, time-consuming, and expensive losses, according to ISACA. From digital trust to business success

React to this headline:

Loading spinner

Digital trust can make or break an organization Read More »

Finding bugs in AI models at DEF CON 31

Artificial Intelligence, DEF CON, Don't miss, Hot stuff, News, red team /

Finding bugs in AI models at DEF CON 31 09/05/2023 at 12:12 By Helga Labus DEF CON’s AI Village will host the first public assessment of large language models (LLMs) at the 31st edition of the hacker convention this August, aimed at finding bugs in and uncovering the potential for misuse of AI models. The

React to this headline:

Loading spinner

Finding bugs in AI models at DEF CON 31 Read More »

Unattended API challenge: How we’re losing track and can we get full visibility

API security, BLST Security, CISO, Cloud, data breach, Don't miss, News, opinion, vulnerability /

Unattended API challenge: How we’re losing track and can we get full visibility 09/05/2023 at 08:13 By Help Net Security API sprawl is a prevalent issue in modern enterprises, as APIs are being developed and deployed at an unprecedented rate. As highlighted by Postman’s 2022 State of the API Report, “89% of respondents said organizations’

React to this headline:

Loading spinner

Unattended API challenge: How we’re losing track and can we get full visibility Read More »

MSI’s firmware, Intel Boot Guard private keys leaked

Binarly, code signing, data breach, Data leak, Don't miss, firmware, Hot stuff, Intel, MSI, News, public-key cryptography, Ransomware /

MSI’s firmware, Intel Boot Guard private keys leaked 08/05/2023 at 15:07 By Zeljka Zorz The cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company’s private code signing keys on their dark web site. The breach MSI (Micro-Star International) is a corporation that develops and sells computers (laptops, desktops, all-in-one PCs, servers,

React to this headline:

Loading spinner

MSI’s firmware, Intel Boot Guard private keys leaked Read More »

Western Digital store offline due to March breach

data breach, data theft, Don't miss, Hot stuff, News, Western Digital /

Western Digital store offline due to March breach 08/05/2023 at 13:02 By Helga Labus The Western Digital online store is offline as a result of the “network security incident” it suffered in March 2023. Users have been notified On May 5, 2023, the company emailed its customers to say that an unauthorized party obtained a

React to this headline:

Loading spinner

Western Digital store offline due to March breach Read More »

Your voice could be your biggest vulnerability

Artificial Intelligence, cybercriminals, cybersecurity, Don't miss, McAfee, News, scams /

Your voice could be your biggest vulnerability 08/05/2023 at 08:09 By Help Net Security AI technology is fueling a rise in online voice scams, with just three seconds of audio required to clone a person’s voice, according to McAfee. McAfee surveyed 7,054 people from seven countries and found that a quarter of adults had previously

React to this headline:

Loading spinner

Your voice could be your biggest vulnerability Read More »

Lessons from a 40-year-long automotive OEM leader

Cybellum, News, podcast /

Lessons from a 40-year-long automotive OEM leader 08/05/2023 at 08:09 By Help Net Security Paul Cha is a cyber and product security leader, serving as the VP of Cybersecurity at LG Electronics Vehicle component Solutions. Paul held critical positions at Synopsis, Ford Motor Company, and Samsung before joining LG. He found his way to cybersecurity

React to this headline:

Loading spinner

Lessons from a 40-year-long automotive OEM leader Read More »

Consumer skepticism is the biggest barrier to AI-driven personalization

Artificial Intelligence, data, News, report, Twilio /

Consumer skepticism is the biggest barrier to AI-driven personalization 08/05/2023 at 08:09 By Help Net Security Businesses worldwide are eagerly embracing the potential for AI to provide personalized customer experiences, but customers remain cynical, according to Twilio. This year’s report underscores the value of an AI-driven personalization strategy for brands looking to both retain existing

React to this headline:

Loading spinner

Consumer skepticism is the biggest barrier to AI-driven personalization Read More »

Week in review: Fake ChatGPT desktop client steals data, Patch Tuesday forecast

News, Week in review /

Week in review: Fake ChatGPT desktop client steals data, Patch Tuesday forecast 07/05/2023 at 11:16 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Former Uber CSO avoids prison for concealing data breach Joe Sullivan, the former Uber CSO who has been convicted last year

React to this headline:

Loading spinner

Week in review: Fake ChatGPT desktop client steals data, Patch Tuesday forecast Read More »

Scroll to Top