News

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)

Anyscale, authentication, Bishop Fox, Don't miss, enterprise, Hot stuff, machine learning, News, Oligo Security, vulnerability /

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022) 2024-03-27 at 13:16 By Zeljka Zorz Attackers are leveraging a vulnerability (CVE-2023-48022) in Anyscale’s Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse shells. “To our knowledge, the attack started 7 months ago,” Avi Lumelsky, a researcher at Oligo […]

React to this headline:

Loading spinner

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022) Read More »

Attackers leverage weaponized iMessages, new phishing-as-a-service platform

Android, Don't miss, Hot stuff, iOS, macOS, Netcraft, News, phishing /

Attackers leverage weaponized iMessages, new phishing-as-a-service platform 2024-03-27 at 12:31 By Zeljka Zorz Scammers are leveraging the Darcula phishing-as-a-service platform, iMessages and Google Messages to great effect. The platform allows them to impersonate a variety of brands based in over 100 different countries: postal services, public and private utilities, packet delivery services, financial institutions, government

React to this headline:

Loading spinner

Attackers leverage weaponized iMessages, new phishing-as-a-service platform Read More »

How security leaders can ease healthcare workers’ EHR-related burnout

access management, authentication, burnout, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, healthcare, Hot stuff, Hypori, News, opinion /

How security leaders can ease healthcare workers’ EHR-related burnout 2024-03-27 at 08:05 By Help Net Security Staff experiencing burnout in healthcare settings is not something that security leaders typically worry about – unless, maybe, it is the security team itself that is suffering from it. Healthcare CISOs and privacy officers worry more about the confidentiality

React to this headline:

Loading spinner

How security leaders can ease healthcare workers’ EHR-related burnout Read More »

Cybersecurity jobs available right now: March 27, 2024

cybersecurity jobs, Don't miss, Hot stuff, News /

Cybersecurity jobs available right now: March 27, 2024 2024-03-27 at 07:31 By Mirko Zorz Cyber Product Owner UBS | Israel | On-site – View job details Your primary responsibilities will include owning and managing application security testing products, collaborating with the cyber hygiene operational team, and understanding their needs. You will also engage with the

React to this headline:

Loading spinner

Cybersecurity jobs available right now: March 27, 2024 Read More »

Essential elements of a strong data protection strategy

backup, Cloud, cyber resilience, cybersecurity, Data Protection, Don't miss, Features, Hot stuff, News, opinion, strategy, Veritas Technologies /

Essential elements of a strong data protection strategy 2024-03-27 at 07:01 By Mirko Zorz In this Help Net Security interview, Matt Waxman, SVP and GM for data protection at Veritas Technologies, discusses the components of a robust data protection strategy, emphasizing the escalating threat of ransomware. He highlights the importance of backup and recovery protocols

React to this headline:

Loading spinner

Essential elements of a strong data protection strategy Read More »

Drozer: Open-source Android security assessment framework

Android, Application Security, Don't miss, GitHub, Hot stuff, mobile security, News, open source, penetration testing, software, WithSecure /

Drozer: Open-source Android security assessment framework 2024-03-27 at 06:32 By Mirko Zorz Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier. Drozer features The solution enables the identification of security vulnerabilities in applications and devices by taking on the role of

React to this headline:

Loading spinner

Drozer: Open-source Android security assessment framework Read More »

17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns

BSI, Don't miss, enterprise, Germany, Hot stuff, Microsoft Exchange, News, Shadowserver, vulnerability /

17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns 2024-03-26 at 15:31 By Zeljka Zorz Around 12% of the 45,000 or so Microsoft Exchange servers in Germany that can be accessed from the Internet without restrictions “are so outdated that security updates are no longer offered for them,” the German Federal Office

React to this headline:

Loading spinner

17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns Read More »

Apps secretly turning devices into proxy network nodes removed from Google Play

consumer, Don't miss, enterprise, Hot stuff, HUMAN Security, mobile apps, News, Orange Cyberdefense, Proxy, research, Sekoia.io /

Apps secretly turning devices into proxy network nodes removed from Google Play 2024-03-26 at 12:16 By Zeljka Zorz Your smartphone might be part of a proxy network, and you might not even know it: all it takes is for you to download apps whose developers have included the functionality and didn’t mention it. If that

React to this headline:

Loading spinner

Apps secretly turning devices into proxy network nodes removed from Google Play Read More »

Reinforcement learning is the path forward for AI integration into cybersecurity

Artificial Intelligence, CISO, cybersecurity, data, Don't miss, Expert analysis, Expert corner, Groupe SEB, Hot stuff, machine learning, News, opinion, predictions, SOC /

Reinforcement learning is the path forward for AI integration into cybersecurity 2024-03-26 at 08:01 By Help Net Security AI’s algorithms and machine learning can cull through immense volumes of data efficiently and in a relatively short amount of time. This is instrumental to helping network defenders sift through a never-ending supply of alerts and identify

React to this headline:

Loading spinner

Reinforcement learning is the path forward for AI integration into cybersecurity Read More »

Strengthening critical infrastructure cybersecurity is a balancing act

access control, attacks, critical infrastructure, cybersecurity, Don't miss, Features, Hot stuff, information sharing, News, opinion, regulation, resilience, strategy, zero trust /

Strengthening critical infrastructure cybersecurity is a balancing act 2024-03-26 at 07:31 By Mirko Zorz In this Help Net Security interview, Aaron Crow, Senior Director at MorganFranklin Consulting, discusses critical infrastructure cybersecurity strategies, barriers to threat information sharing, and innovative technologies enhancing resilience against cyberattacks. How do current cybersecurity strategies address the critical infrastructure sectors’ unique

React to this headline:

Loading spinner

Strengthening critical infrastructure cybersecurity is a balancing act Read More »

Scammers exploit tax season anxiety with AI tools

cybercrime, cybersecurity, McAfee, News, report, scams, survey /

Scammers exploit tax season anxiety with AI tools 2024-03-26 at 06:31 By Help Net Security 25% of Americans has lost money to online tax scams, according to McAfee. Of the people who clicked on fraudulent links from supposed tax services, 68% lost money. Among those, 29% lost more than $2,500, and 17% lost more than

React to this headline:

Loading spinner

Scammers exploit tax season anxiety with AI tools Read More »

Tech industry’s focus on innovation leaves security behind

cybercrime, cybersecurity, digital transformation, News, report, survey, Trustwave /

Tech industry’s focus on innovation leaves security behind 2024-03-26 at 06:04 By Help Net Security The rapid digital transformation and technological progress within the technology sector have enlarged the attack surface for companies operating in this space, according to Trustwave. As the sector evolves, the proliferation of Software-as-a-Service (SaaS) providers, cloud infrastructure, and internet-connected systems

React to this headline:

Loading spinner

Tech industry’s focus on innovation leaves security behind Read More »

Scammers steal millions from FTX, BlockFi claimants

Cryptocurrency, Cryptocurrency Exchange, Don't miss, Hot stuff, News, phishing, scams /

Scammers steal millions from FTX, BlockFi claimants 2024-03-25 at 14:56 By Zeljka Zorz Customers of bankrupt crypto platform BlockFi have been targeted with a very convincing phishing email impersonating the platform, asking them to connect their wallet to complete the withdrawal of remaining funds. Judging by this Reddit thread, many have fallen for the scam

React to this headline:

Loading spinner

Scammers steal millions from FTX, BlockFi claimants Read More »

APT29 hit German political parties with bogus invites and malware

Don't miss, Germany, Hot stuff, Malware, Mandiant, News, phishing, Russian Federation, Zscaler /

APT29 hit German political parties with bogus invites and malware 2024-03-25 at 11:46 By Zeljka Zorz APT29 (aka Cozy Bear, aka Midnight Blizzard) has been spotted targeting German political parties for the first time, Mandiant researchers have shared. Phishing leading to malware The attack started in late February 2024, with phishing emails containing bogus invitations

React to this headline:

Loading spinner

APT29 hit German political parties with bogus invites and malware Read More »

20 essential open-source cybersecurity tools that save you time

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

20 essential open-source cybersecurity tools that save you time 2024-03-25 at 08:01 By Mirko Zorz Open-source software’s adaptive nature ensures its durability, relevance, and compatibility with new technologies. When I started digging deeper into the open-source cybersecurity ecosystem, I discovered an engaged community of developers working to find practical solutions to many problems, one of

React to this headline:

Loading spinner

20 essential open-source cybersecurity tools that save you time Read More »

8 cybersecurity predictions shaping the future of cyber defense

access management, CISO, cybersecurity, data loss prevention, Gartner, generative AI, identity management, News, regulation, report, Risk Management, strategy, zero trust /

8 cybersecurity predictions shaping the future of cyber defense 2024-03-25 at 07:32 By Help Net Security Among Gartner’s top predictions are the collapse of the cybersecurity skills gap and the reduction of employee-driven cybersecurity incidents through the adoption of generative AI (GenAI). Two-thirds of global 100 organizations are expected to extend directors’ and officers’ insurance

React to this headline:

Loading spinner

8 cybersecurity predictions shaping the future of cyber defense Read More »

Scams are becoming more convincing and costly

cybercrime, fraud, News, report, scams, survey, Visa /

Scams are becoming more convincing and costly 2024-03-25 at 06:33 By Help Net Security Scams directly targeting consumers continue to increase in both complexity and volume, according to Visa. Consumers are increasingly targeted by scammers, who rely on heightened emotions to create fraud opportunities. While the number of individual scam reports from June to December

React to this headline:

Loading spinner

Scams are becoming more convincing and costly Read More »

Week in review: Ivanti fixes RCE vulnerability, Nissan breach affects 100,000 individuals

News, Week in review /

Week in review: Ivanti fixes RCE vulnerability, Nissan breach affects 100,000 individuals 2024-03-24 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Outsmarting cybercriminal innovation with strategies for enterprise resilience In this Help Net Security interview, Pedro Cameirão, Head of Cyber Defense Center

React to this headline:

Loading spinner

Week in review: Ivanti fixes RCE vulnerability, Nissan breach affects 100,000 individuals Read More »

US organizations targeted with emails delivering NetSupport RAT

Don't miss, Hot stuff, Malware, News, Perception Point, phishing, Remote Access Trojan, social engineering /

US organizations targeted with emails delivering NetSupport RAT 2024-03-22 at 15:08 By Helga Labus Employees at US-based organizations are being targeted with emails delivering NetSupport RAT malware via “nuanced” exploitation and by using an advanced detection evasion method. The malware campaign The campaign, dubbed PhantomBlu, takes the form of email messages purportedly coming from a

React to this headline:

Loading spinner

US organizations targeted with emails delivering NetSupport RAT Read More »

CISA: Here’s how you can foil DDoS attacks

CISA, DDoS, Don't miss, guide, News /

CISA: Here’s how you can foil DDoS attacks 2024-03-22 at 13:46 By Zeljka Zorz In light of the rise of “DDoS hacktivism” and the recent DDoS attacks aimed at disrupting French and Alabama government websites, the Cybersecurity and Infrastructure Security Agency (CISA) has updated its guidance of how governmental entities (but also other organizations) should

React to this headline:

Loading spinner

CISA: Here’s how you can foil DDoS attacks Read More »

Scroll to Top