News

Downfall attacks can gather passwords, encryption keys from Intel processors

Amd, AWS, Citrix, CPU, Debian, Don't miss, Google, Hot stuff, Intel, News, security update, VMWare, vulnerability /

Downfall attacks can gather passwords, encryption keys from Intel processors 09/08/2023 at 13:02 By Zeljka Zorz A variety of Intel Core processors and the devices using them are vulnerable to “Downfall”, a new class of attacks made possible by CVE-2022-40982, which enables attackers to access and steal sensitive data such as passwords, encryption keys, and […]

React to this headline:

Loading spinner

Downfall attacks can gather passwords, encryption keys from Intel processors Read More »

Recent ransomware attacks share curiously similar tactics

Black Hat USA 2023, cybercrime, cybercriminals, News, Ransomware, report, Sophos, survey /

Recent ransomware attacks share curiously similar tactics 09/08/2023 at 12:33 By Industry News A series of ransomware attacks made by different groups share curiously similar characteristics, according to Sophos. Sophos released new findings into the connections between the most prominent ransomware groups this past year, including Royal, in its Clustering Attacker Behavior Reveals Hidden Patterns

React to this headline:

Loading spinner

Recent ransomware attacks share curiously similar tactics Read More »

Using creative recruitment strategies to tackle the cybersecurity skills shortage

CISO, cybersecurity, cybersecurity talent, Don't miss, Features, Hot stuff, how-to, News, opinion, Raytheon, security awareness, skill development, strategy /

Using creative recruitment strategies to tackle the cybersecurity skills shortage 09/08/2023 at 07:03 By Mirko Zorz With the increasing complexity of cyber threats and the global shortage of cybersecurity experts, organizations are looking for creative approaches to recruiting and retaining top talent. In this Help Net Security interview, Jon Check, Executive Director of Cybersecurity Protection

React to this headline:

Loading spinner

Using creative recruitment strategies to tackle the cybersecurity skills shortage Read More »

Data exfiltration is now the go-to cyber extortion strategy

Akamai, Black Hat USA 2023, cybercrime, News, Ransomware, report, survey, vulnerability /

Data exfiltration is now the go-to cyber extortion strategy 09/08/2023 at 06:32 By Help Net Security The abuse of zero-day and one-day vulnerabilities in the past six months led to a 143% increase in victims when comparing Q1 2022 with Q1 2023, according to Akamai. Ransomware groups target the exfiltration of files The report also

React to this headline:

Loading spinner

Data exfiltration is now the go-to cyber extortion strategy Read More »

The ransomware rollercoaster continues as criminals advance their business models

Black Hat USA 2023, CVE, cybercrime, cybersecurity, Endpoint Security, Fortinet, Malware, MITRE, News, Ransomware, report, survey /

The ransomware rollercoaster continues as criminals advance their business models 09/08/2023 at 06:02 By Help Net Security Ransomware shows no signs of slowing, with ransomware activity ending 13 times higher than at the start of 2023 as a proportion of all malware detections, according to Fortinet. Ransomware detections 1H 2023 FortiGuard Labs has documented substantial

React to this headline:

Loading spinner

The ransomware rollercoaster continues as criminals advance their business models Read More »

SandboxAQ launches open-source meta-library of cryptographic algorithms

Encryption, News, open source, SandboxAQ /

SandboxAQ launches open-source meta-library of cryptographic algorithms 09/08/2023 at 05:32 By Help Net Security SandboxAQ launched Sandwich, an open-source framework that simplifies modern cryptography management and enables developers to steer their organizations towards cryptographic agility. With a unified API, Sandwich empowers developers to embed the cryptographic algorithms of their choice directly into their applications and

React to this headline:

Loading spinner

SandboxAQ launches open-source meta-library of cryptographic algorithms Read More »

August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ

Automox, Don't miss, Hot stuff, Microsoft, Microsoft Exchange, Microsoft Teams, MS Office, News, Patch Tuesday, security update, Trend Micro /

August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ 08/08/2023 at 22:46 By Zeljka Zorz August 2023 Patch Tuesday is here; among the 76 CVE-numbered issues fixed by Microsoft this time around is a DoS vulnerability in .NET and Visual Studio (CVE-2023-38180) for which proof-of-exploit code exists. Other than the fact that a

React to this headline:

Loading spinner

August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ Read More »

North Korean hackers breached Russian missile development firm

backdoor, cyber espionage, Don't miss, Hot stuff, News, North Korea, research, Russian Federation, SentinelOne /

North Korean hackers breached Russian missile development firm 08/08/2023 at 16:46 By Helga Labus North Korean state-sponsored hackers have breached Russian missile maker NPO Mashinostroyeniya, according to SentinelLabs researchers. North Korean hackers discovered The researchers came across leaked email communication between NPO Mashinostroyeniya’s IT staff that contained information about a possible cyber intrusion first detected

React to this headline:

Loading spinner

North Korean hackers breached Russian missile development firm Read More »

Solvo SecurityGenie helps organizations improve their cloud security posture

Black Hat USA 2023, News, Solvo /

Solvo SecurityGenie helps organizations improve their cloud security posture 08/08/2023 at 14:02 By Industry News Cloud security breaches are a major threat to organizations with an average detection time of 277 days and human error contributing to 85% of Incidents. To address this challenge, Solvo launched SecurityGenie, a prompt-based cloud security solution with instant and

React to this headline:

Loading spinner

Solvo SecurityGenie helps organizations improve their cloud security posture Read More »

Getting the best possible outcome in ransomware negotiation

cybercrime, cybercriminals, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Ransomware, Sygnia /

Getting the best possible outcome in ransomware negotiation 08/08/2023 at 07:32 By Mirko Zorz Though typically seen as a final measure, 90% of participants from a BigID survey revealed that their company would contemplate paying a ransom if it meant they could recover data and business processes, or recover them faster. In this Help Net

React to this headline:

Loading spinner

Getting the best possible outcome in ransomware negotiation Read More »

Seasoned cyber pros are more complacent in their skills than junior staff

cybercrime, cybersecurity, Immersive Labs, News, report, survey, threat response /

Seasoned cyber pros are more complacent in their skills than junior staff 08/08/2023 at 06:46 By Help Net Security Average response time accelerated from 29 to 19 days, from 2021 to 2022, with lessons from Log4j and other high-profile vulnerabilities having a significant impact on urgency levels, according to Immersive Labs. Faster response time to

React to this headline:

Loading spinner

Seasoned cyber pros are more complacent in their skills than junior staff Read More »

Managing human cyber risks matters now more than ever

Artificial Intelligence, cybercrime, cybersecurity, News, report, SANS, security awareness, survey /

Managing human cyber risks matters now more than ever 08/08/2023 at 06:01 By Help Net Security As artificial intelligence amplifies the sophistication and reach of phishing, vishing, and smishing attacks, understanding and managing human cyber risks has become increasingly vital, according to the SANS Institute. The report underscores the escalating stakes in human cyber risks,

React to this headline:

Loading spinner

Managing human cyber risks matters now more than ever Read More »

How to get started with ongoing configuration assessments

Center for Internet Security, News, Whitepapers and webinars /

How to get started with ongoing configuration assessments 08/08/2023 at 05:46 By Help Net Security There’s an old adage in business: if you’re not measuring something, you can’t manage it. These days, information technology (IT) and information security professionals know this all too well, especially when it comes to configuration assessments. Network performance requires constant

React to this headline:

Loading spinner

How to get started with ongoing configuration assessments Read More »

Exclusive: DHS Used Clearview AI Facial Recognition In Thousands Of Child Exploitation Cold Cases

Breaking, breaking-news, cybersecurity, Editors' Pick, Innovation, News, premium, Technology /

Exclusive: DHS Used Clearview AI Facial Recognition In Thousands Of Child Exploitation Cold Cases 07/08/2023 at 23:19 By Thomas Brewster, Forbes Staff DHS is using facial recognition and AI to find child abusers and rescue victims in a major new operation underway to solve thousands of cold cases. This article is an excerpt from Forbes

React to this headline:

Loading spinner

Exclusive: DHS Used Clearview AI Facial Recognition In Thousands Of Child Exploitation Cold Cases Read More »

Keystroke sounds can betray passwords

cyberattack, Don't miss, Hot stuff, keyboard, machine learning, News, research /

Keystroke sounds can betray passwords 07/08/2023 at 15:48 By Helga Labus Researchers from several UK universities have proven that the recorded sounds of laptop keystrokes can be used to obtain sensitive user data such as passwords with a high accuracy. Sounds of keystrokes can reveal passwords, other sensitive data Side-channel attacks (SCAs) are carried out

React to this headline:

Loading spinner

Keystroke sounds can betray passwords Read More »

PaperCut fixes bug that can lead to RCE, patch quickly! (CVE-2023-39143)

Don't miss, Horizon3.ai, News, security update, Tenable, Trend Micro, vulnerability /

PaperCut fixes bug that can lead to RCE, patch quickly! (CVE-2023-39143) 07/08/2023 at 13:48 By Zeljka Zorz Horizon3.ai researchers have published some details (but no PoC for now, thankfully!) about CVE-2023-39143, two vulnerabilities in PaperCut application servers that could be exploited by unauthenticated attackers to execute code remotely. But, they noted, unlike the PaperCut vulnerability

React to this headline:

Loading spinner

PaperCut fixes bug that can lead to RCE, patch quickly! (CVE-2023-39143) Read More »

8 free cybersecurity documentaries you can watch right now

cybersecurity, Don't miss, Hot stuff, News, tips, Video /

8 free cybersecurity documentaries you can watch right now 07/08/2023 at 08:05 By Help Net Security The line between physical and digital safety continues to blur, making cybersecurity a universal concern. The intricacies of cybersecurity can often feel esoteric, leaving many outside the industry feeling daunted. However, with increasing resources becoming available, getting a handle

React to this headline:

Loading spinner

8 free cybersecurity documentaries you can watch right now Read More »

Zoom CISO Michael Adams discusses cybersecurity threats, solutions, and the future

cybersecurity, Don't miss, Features, Hot stuff, News, opinion, remote working, strategy, Zoom /

Zoom CISO Michael Adams discusses cybersecurity threats, solutions, and the future 07/08/2023 at 07:32 By Mirko Zorz In this exclusive Help Net Security interview, we delve into the world of cybersecurity with Michael Adams, the CISO at Zoom. Adams analyzes how organizations grapple with the effects of workforce shortages and remote work complications, offering insights

React to this headline:

Loading spinner

Zoom CISO Michael Adams discusses cybersecurity threats, solutions, and the future Read More »

Budget constraints threaten cybersecurity in government bodies

Black Hat USA 2023, BlackBerry, cyberattack, cybercrime, cybersecurity, News, report, survey /

Budget constraints threaten cybersecurity in government bodies 07/08/2023 at 07:02 By Help Net Security Government organizations are attractive targets for threat actors whose motivations may be geopolitical, financial, or disruption, according to BlackBerry. Because threat actors may include private individuals, small groups, or state-sponsored APT groups (which use APT tactics), government organizations must defend against

React to this headline:

Loading spinner

Budget constraints threaten cybersecurity in government bodies Read More »

Week in review: AWS SSM agents as RATs, Patch Tuesday forecast

News, Week in review /

Week in review: AWS SSM agents as RATs, Patch Tuesday forecast 06/08/2023 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Open-source penetration testing tool BloodHound CE released SpecterOps released version 5.0 of BloodHound Community Edition (CE), a free and open-source penetration testing

React to this headline:

Loading spinner

Week in review: AWS SSM agents as RATs, Patch Tuesday forecast Read More »

Scroll to Top