News

Trustwave Embarks on an Extended Partnership with Microsoft Security Copilot

News /

Trustwave Embarks on an Extended Partnership with Microsoft Security Copilot 2024-04-02 at 00:16 By Trustwave today announced it will offer clients expert guidance on implementing and fully leveraging the just-released Microsoft Security Copilot, a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes. This article is an […]

React to this headline:

Loading spinner

Trustwave Embarks on an Extended Partnership with Microsoft Security Copilot Read More »

How to design and deliver an effective cybersecurity exercise

cyberattacks, cybersecurity, digital transformation, Don't miss, Expert analysis, Expert corner, Hot stuff, Incident Response, Information Security Forum, News, opinion, penetration testing, red team /

How to design and deliver an effective cybersecurity exercise 2024-04-01 at 07:04 By Help Net Security Armed forces have always utilized war-gaming exercises for battlefield training to prepare for times of conflict. With today’s digital transformation, the same concept is being applied in the form of cybersecurity exercises – tests and simulations based on plausible

React to this headline:

Loading spinner

How to design and deliver an effective cybersecurity exercise Read More »

Escalating malware tactics drive global cybercrime epidemic

cybercrime, cybersecurity, Malware, News, report, survey, WatchGuard /

Escalating malware tactics drive global cybercrime epidemic 2024-04-01 at 06:31 By Help Net Security Evasive, basic, and encrypted malware all increased in Q4 2023, fueling a rise in total malware, according to WatchGuard. Threat actors employ diverse tactics The average malware detections rose 80% from the previous quarter, illustrating a substantial volume of malware threats

React to this headline:

Loading spinner

Escalating malware tactics drive global cybercrime epidemic Read More »

Infosec products of the month: March 2024

Appdome, AuditBoard, Bedrock Security, Cado Security, Check Point, CyberArk, Cynerio, DataDome, Delinea, Drata, Exabeam, GitGuardian, GitHub, GlobalSign, Legato Security, Legit Security, Malwarebytes, News, Ordr, Pentera, Portnox, Regula, Sentra, Sonatype, Spin.AI, Tenable, Tufin, Viavi Solutions, Zoom /

Infosec products of the month: March 2024 2024-04-01 at 05:46 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, AuditBoard, Bedrock Security, Cado Security, Check Point, CyberArk, Cynerio, DataDome, Delinea, Drata, Exabeam, GitGuardian, GitHub, GlobalSign, Legato Security, Legit Security, Malwarebytes, Ordr, Pentera, Portnox, Regula,

React to this headline:

Loading spinner

Infosec products of the month: March 2024 Read More »

XZ Utils backdoor update: Which Linux distros are affected and what can you do?

Alpine, backdoor, Debian, Don't miss, Fedora, Hot stuff, Kali Linux, Linux, Linux Mint, News, open source, Orca Security, Red Hat, supply chain attacks, Ubuntu, vulnerability /

XZ Utils backdoor update: Which Linux distros are affected and what can you do? 2024-03-31 at 21:01 By Zeljka Zorz The news that XZ Utils, a compression utility present in most Linux distributions, has been backdoored by a supposedly trusted maintainer has rattled the open-source software community on Friday, mere hours until the beginning of

React to this headline:

Loading spinner

XZ Utils backdoor update: Which Linux distros are affected and what can you do? Read More »

Week in review: Backdoor found in XZ utilities, weaponized iMessages, Exchange servers at risk

News, Week in review /

Week in review: Backdoor found in XZ utilities, weaponized iMessages, Exchange servers at risk 2024-03-31 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) A vulnerability (CVE-2024-3094) in XZ Utils, the

React to this headline:

Loading spinner

Week in review: Backdoor found in XZ utilities, weaponized iMessages, Exchange servers at risk Read More »

Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)

backdoor, CISA, CVE, Debian, Don't miss, Fedora, Hot stuff, Linux, News, open source, Red Hat, SUSE, vulnerability /

Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) 2024-03-29 at 20:31 By Zeljka Zorz A vulnerability (CVE-2024-3094) in XZ Utils, the XZ format compression utilities included in most Linux distributions, may “enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely,” Red Hat warns.

React to this headline:

Loading spinner

Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) Read More »

How much does cloud-based identity expand your attack surface?

access management, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, IS Decisions, News, opinion, Risk Management /

How much does cloud-based identity expand your attack surface? 2024-03-29 at 08:01 By Help Net Security We all know using a cloud-based identity provider (IdP) expands your attack surface, but just how big does that attack surface get? And can we even know for sure? As Michael Jordan once said, “Get the fundamentals down, and

React to this headline:

Loading spinner

How much does cloud-based identity expand your attack surface? Read More »

AI abuse and misinformation campaigns threaten financial institutions

cybercrime, cybersecurity, financial industry, generative AI, News, report, survey, threats /

AI abuse and misinformation campaigns threaten financial institutions 2024-03-29 at 07:31 By Help Net Security Though generative AI offers financial firms remarkable business and cybersecurity utility, cyberthreats relating to GenAI in financial services are a consistent concern, according to FS-ISAC. Cybercriminals exploit AI for data exfiltration The cybersecurity community’s current consensus is that adversarial usage

React to this headline:

Loading spinner

AI abuse and misinformation campaigns threaten financial institutions Read More »

Advanced cybersecurity strategies boost shareholder returns

BitSight, boardroom, cyber risk, cybersecurity, data breach, Diligent, News, regulation, report, strategy /

Advanced cybersecurity strategies boost shareholder returns 2024-03-29 at 07:01 By Help Net Security Companies demonstrating advanced cybersecurity performance generate a shareholder return that is 372% higher than their peers with basic cybersecurity performance, according to a new report from Diligent and Bitsight. Boards under pressure to fortify cyber oversight The escalation in the frequency and

React to this headline:

Loading spinner

Advanced cybersecurity strategies boost shareholder returns Read More »

Finding software flaws early in the development process provides ROI

cybersecurity, Don't miss, Hot stuff, News, Probely, security assessment, security testing, software, software development /

Finding software flaws early in the development process provides ROI 2024-03-29 at 06:31 By Help Net Security Enterprises spend enormous effort fixing software vulnerabilities that make their way into their publicly-facing applications. The Consortium for Information and Software Quality estimates that the cost of poor software quality in the United States reached $2.41 trillion in

React to this headline:

Loading spinner

Finding software flaws early in the development process provides ROI Read More »

New infosec products of the week: March 29, 2024

Bedrock Security, CyberArk, GitGuardian, Legit Security, Malwarebytes, News /

New infosec products of the week: March 29, 2024 2024-03-29 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Bedrock Security, CyberArk, GitGuardian, Legit Security, and Malwarebytes. GitGuardian SCA automates vulnerability detection and prioritization for enhanced code health GitGuardian SCA is specifically designed

React to this headline:

Loading spinner

New infosec products of the week: March 29, 2024 Read More »

Zero-day exploitation surged in 2023, Google finds

0-day, APT, cybercrime, Don't miss, exploit, Google, Hot stuff, Mandiant, News, spyware /

Zero-day exploitation surged in 2023, Google finds 2024-03-28 at 17:17 By Zeljka Zorz 2023 saw attackers increasingly focusing on the discovery and exploitation of zero-day vulnerabilities in third-party libraries (libvpx, ImagelO) and drivers (Mali GPU, Qualcomm Adreno GPU), as they can affect multiple products and effectively offer more possibilities for attack. Another interesting conclusion from

React to this headline:

Loading spinner

Zero-day exploitation surged in 2023, Google finds Read More »

Trustwave MailMarshal Unveils Major Upgrades to Combat New Email Security Threats

News /

Trustwave MailMarshal Unveils Major Upgrades to Combat New Email Security Threats 2024-03-28 at 15:02 By Trustwave MailMarshal will receive a massive upgrade on March 28 that will add four new levels of functionality, including an improved dashboard interface, the ability to detect and halt malicious QR codes, the ability to scan and divert potentially damaging images, and DNS-based Authentication

React to this headline:

Loading spinner

Trustwave MailMarshal Unveils Major Upgrades to Combat New Email Security Threats Read More »

NHS Scotland confirms ransomware attackers leaked patients’ data

Data leak, Don't miss, extortion, healthcare, Hot stuff, News, Ransomware, UK /

NHS Scotland confirms ransomware attackers leaked patients’ data 2024-03-28 at 14:31 By Zeljka Zorz NHS Dumfries and Galloway (part of NHS Scotland) has confirmed that a “recognised ransomware group” was able to “access a significant amount of data including patient and staff-identifiable information,” and has published “clinical data relating to a small number of patients.”

React to this headline:

Loading spinner

NHS Scotland confirms ransomware attackers leaked patients’ data Read More »

Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955)

CISA, Don't miss, enterprise, Government, Hot stuff, News, Synopsys, vulnerability /

Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955) 2024-03-28 at 12:32 By Zeljka Zorz The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-24955 – a code injection vulnerability that allows authenticated attackers to execute code remotely on a vulnerable Microsoft SharePoint Server – to its KEV catalog and is demanding that

React to this headline:

Loading spinner

Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955) Read More »

Debunking compliance myths in the digital era

auditing, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Hot stuff, MJD Advisors, News, opinion, security testing /

Debunking compliance myths in the digital era 2024-03-28 at 08:02 By Help Net Security Despite recent economic fluctuations, the software-as-a-service (SaaS) market isn’t letting up. The industry is set to grow annually by over 18% and be valued at $908.21 billion by 2030. It’s evident the industry is fueled by an increasing reliance on software

React to this headline:

Loading spinner

Debunking compliance myths in the digital era Read More »

Enterprises increasingly block AI transactions over security concerns

Artificial Intelligence, attacks, ChatGPT, cybersecurity, Data Protection, generative AI, News, report, Zscaler /

Enterprises increasingly block AI transactions over security concerns 2024-03-28 at 07:31 By Help Net Security Enterprises must secure a transformation driven by generative AI (GenAI) bidirectionally: by securely adopting GenAI tools in the enterprise with zero trust while leveraging it to defend against the new AI-driven threat landscape, according to Zscaler. AI has already become

React to this headline:

Loading spinner

Enterprises increasingly block AI transactions over security concerns Read More »

AI weaponization becomes a hot topic on underground forums

Artificial Intelligence, automation, cybercrime, cybersecurity, News, ReliaQuest, report, survey /

AI weaponization becomes a hot topic on underground forums 2024-03-28 at 06:31 By Help Net Security The majority of cyberattacks against organizations are perpetrated via social engineering of employees, and criminals are using new methods including AI to supercharge their techniques, according to ReliaQuest. Some 71% of all attacks trick employees via the use of

React to this headline:

Loading spinner

AI weaponization becomes a hot topic on underground forums Read More »

Cybercriminals use cheap and simple infostealers to exfiltrate data

cybercrime, data breach, identity, Malware, News, passwords, report, SpyCloud, survey /

Cybercriminals use cheap and simple infostealers to exfiltrate data 2024-03-28 at 06:01 By Help Net Security The rise in identity-based attacks can be attributed to a rapid increase in malware, according to SpyCloud. Researchers found that 61% of data breaches in 2023, involving over 343 million stolen credentials, were infostealer malware-related. Of these compromised identity

React to this headline:

Loading spinner

Cybercriminals use cheap and simple infostealers to exfiltrate data Read More »

Buy Me A Coffee
Thank you for visiting!