News

Top 12 vulnerabilities routinely exploited in 2022

ACSC, CISA, Don't miss, exploit, FBI, Hot stuff, NCSC, News, trends, vulnerability /

Top 12 vulnerabilities routinely exploited in 2022 04/08/2023 at 16:31 By Helga Labus Cybersecurity agencies from member countries of the Five Eyes intelligence alliance have released a list of the top 12 vulnerabilities routinely exploited in 2022, plus 30 additional ones also “popular” with attackers. The top 12 “In 2022, malicious cyber actors exploited older […]

React to this headline:

Loading spinner

Top 12 vulnerabilities routinely exploited in 2022 Read More »

Google makes removal of personal user info from Search easier

Don't miss, Google, Hot stuff, News, Privacy, search engine, user, user data /

Google makes removal of personal user info from Search easier 04/08/2023 at 13:17 By Helga Labus Google is making it easier for users to remove personal contact information and personal, non-consensual explicit imagery from Google search results. “Of course, removing content from Google Search does not remove it from the web or other search engines,

React to this headline:

Loading spinner

Google makes removal of personal user info from Search easier Read More »

August 2023 Patch Tuesday forecast: Software security improvements

Adobe, apple, CISA, Don't miss, Expert analysis, FIRST, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday /

August 2023 Patch Tuesday forecast: Software security improvements 04/08/2023 at 12:17 By Help Net Security The continued onslaught of phishing attacks, ransomware deployment, and other exploitation is forcing the community to pay closer attention to early identification, as well as fast response, to vulnerabilities in their software. In July alone Microsoft addressed 84 CVEs in

React to this headline:

Loading spinner

August 2023 Patch Tuesday forecast: Software security improvements Read More »

New infosec products of the week: August 4, 2023

Forescout, Lineaje, Menlo Security, News, Qualys, SonarSource, SpecterOps, Synopsys, Traceable AI /

New infosec products of the week: August 4, 2023 04/08/2023 at 07:32 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Forescout, Menlo Security, Qualys, Sonar, SpecterOps, Synopsys, Traceable AI, and Lineaje. Open-source penetration testing tool BloodHound CE released SpecterOps released version 5.0 of BloodHound

React to this headline:

Loading spinner

New infosec products of the week: August 4, 2023 Read More »

The direct impact of cyberattacks on patient safety and care delivery

cyberattack, cybersecurity, data, Don't miss, Features, Health3PT, healthcare, Hot stuff, Memorial Sloan Kettering Cancer Center, News, opinion, Ransomware /

The direct impact of cyberattacks on patient safety and care delivery 04/08/2023 at 07:02 By Help Net Security As the healthcare industry continues its rapid transformation through the adoption of digital technologies, it is also confronted with an ever-expanding range of cybersecurity threats. In this Help Net Security interview, Dr. Omar Sangurima, Principal Technical Program

React to this headline:

Loading spinner

The direct impact of cyberattacks on patient safety and care delivery Read More »

VPNs remain a risky gamble for remote access

cybersecurity, News, Ransomware, report, survey, VPN, vulnerability, zero trust, Zscaler /

VPNs remain a risky gamble for remote access 04/08/2023 at 06:33 By Help Net Security Organizations are expressing deep concerns about their network security due to the risks from VPNs, according to a new Zscaler report. The report stresses the need for organizations to reevaluate their security posture and migrate to a zero-trust architecture due

React to this headline:

Loading spinner

VPNs remain a risky gamble for remote access Read More »

IaaS networking services revenue to hit $19.4 billion in 2023

Cloud, digital transformation, IaaS, IDC, News, report, survey /

IaaS networking services revenue to hit $19.4 billion in 2023 04/08/2023 at 06:02 By Help Net Security The importance of networking to and within cloud environments has grown significantly for enterprise customers as more and more applications, workloads, and data are moved to the cloud, according to IDC. IDC estimates that worldwide revenue for public

React to this headline:

Loading spinner

IaaS networking services revenue to hit $19.4 billion in 2023 Read More »

Onyxia’s CPM platform enables CISOs to optimize their security programs

Industry news, News, Onyxia /

Onyxia’s CPM platform enables CISOs to optimize their security programs 03/08/2023 at 15:32 By Industry News Onyxia unveiled a AI-powered Cybersecurity Performance Management (CPM) platform, a vital management platform for security leaders to better measure the performance of their cybersecurity programs and reduce risk. By having real-time Cybersecurity Performance Indicator (CPI) metrics and actionable security

React to this headline:

Loading spinner

Onyxia’s CPM platform enables CISOs to optimize their security programs Read More »

Russian APT phished government employees via Microsoft Teams

APT, Don't miss, Government, government-backed attacks, Hot stuff, Microsoft, Microsoft Teams, News, phishing, social engineering /

Russian APT phished government employees via Microsoft Teams 03/08/2023 at 15:17 By Zeljka Zorz An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says Microsoft. A social engineering attack to bypass MFA protection “To facilitate their attack, the actor uses Microsoft

React to this headline:

Loading spinner

Russian APT phished government employees via Microsoft Teams Read More »

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082)

0-day, Don't miss, endpoint management, Hot stuff, Ivanti, MobileIron, News, Rapid7, security update, vulnerability /

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082) 03/08/2023 at 13:46 By Helga Labus Ivanti has disclosed a critical vulnerability (CVE-2023-35082) affecting old, out-of-support versions of MobileIron Core, an enterprise device solution that has since been rebranded to Ivanti Endpoint Manager Mobile (EPMM). “The vulnerability was incidentally resolved in MobileIron Core 11.3 as part of

React to this headline:

Loading spinner

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082) Read More »

7 fake cryptocurrency investment apps discovered in Google Play, Apple App Store

Cryptocurrency, cybercrime, fake, FBI, fraud, Google Play, News, scams, Sophos /

7 fake cryptocurrency investment apps discovered in Google Play, Apple App Store 03/08/2023 at 09:47 By Help Net Security Sophos released new findings on CryptoRom scams—a subset of pig butchering schemes designed to trick users of dating apps into making fake cryptocurrency investments. Since May, Sophos X-Ops has observed CryptoRom fraudsters refining their techniques, including

React to this headline:

Loading spinner

7 fake cryptocurrency investment apps discovered in Google Play, Apple App Store Read More »

Google’s AI Red Team: Advancing cybersecurity on the AI frontier

Artificial Intelligence, cybersecurity, Don't miss, Features, Google, Hot stuff, machine learning, News, opinion, red team /

Google’s AI Red Team: Advancing cybersecurity on the AI frontier 03/08/2023 at 08:02 By Help Net Security With the rise of ML, traditional red teams tasked with probing and exposing security vulnerabilities found themselves facing a new set of challenges that required a deep and comprehensive understanding of machine learning. Google’s recent announcement about the

React to this headline:

Loading spinner

Google’s AI Red Team: Advancing cybersecurity on the AI frontier Read More »

Assess multi-cloud security with the open-source CNAPPgoat project

AWS, Ermetic, GitHub, Microsoft Azure, Microsoft Entra ID, News, open source, penetration testing, software /

Assess multi-cloud security with the open-source CNAPPgoat project 03/08/2023 at 07:31 By Help Net Security Ermetic released CNAPPgoat, an open-source project that allows organizations to test their cloud security skills, processes, tools, and posture in interactive sandbox environments that are easy to deploy and destroy. It is available on GitHub. CNAPPgoat supports AWS, Azure (Microsoft

React to this headline:

Loading spinner

Assess multi-cloud security with the open-source CNAPPgoat project Read More »

SCARF cipher sets new standards in protecting sensitive data

cybersecurity, data, Data Protection, News, vulnerability assessment /

SCARF cipher sets new standards in protecting sensitive data 03/08/2023 at 06:31 By Help Net Security A group of international researchers has achieved a breakthrough in computer security by developing a new and highly efficient cipher for cache randomization. The innovative cipher, designed by Assistant Professor Rei Ueno from the Research Institute of Electrical Communication

React to this headline:

Loading spinner

SCARF cipher sets new standards in protecting sensitive data Read More »

Organizations want stronger AI regulation amid growing concerns

Artificial Intelligence, Databricks, Dataiku, generative AI, News, report, survey /

Organizations want stronger AI regulation amid growing concerns 03/08/2023 at 06:01 By Help Net Security AI professionals are still facing some very real challenges in democratizing data, much less AI (much less Generative AI), across their organizations, according to Dataiku. While the global survey of 400 respondents revealed broad enthusiasm and action around Generative AI,

React to this headline:

Loading spinner

Organizations want stronger AI regulation amid growing concerns Read More »

Salesforce and Meta suffer phishing campaign that evades typical detection methods

0-day, cybercrime, cybersecurity, email security, Facebook, Guardio, News, phishing, Salesforce, vulnerability /

Salesforce and Meta suffer phishing campaign that evades typical detection methods 02/08/2023 at 17:18 By Help Net Security The Guardio research team discovered an email phishing campaign exploiting a zero-day vulnerability in Salesforce’s legitimate email services and SMTP servers. Phishing email sample as was sent from the “@salesforce.com” email address The vulnerability allowed threat actors

React to this headline:

Loading spinner

Salesforce and Meta suffer phishing campaign that evades typical detection methods Read More »

Attackers can turn AWS SSM agents into remote access trojans

AWS, cloud computing, cloud security, Don't miss, enterprise, Hot stuff, Mitiga, News, Remote Access Trojan, research /

Attackers can turn AWS SSM agents into remote access trojans 02/08/2023 at 16:02 By Zeljka Zorz Mitiga researchers have documented a new post-exploitation technique attackers can use to gain persistent remote access to AWS Elastic Compute Cloud (EC2) instances (virtual servers), as well as to non-EC2 machines (e.g., on-premises enterprise servers and virtual machines, and

React to this headline:

Loading spinner

Attackers can turn AWS SSM agents into remote access trojans Read More »

Delivering privacy in a world of pervasive digital surveillance: Tor Project’s Executive Director speaks out

anonymity, censorship, consumer, Don't miss, Features, Hot stuff, News, Privacy, surveillance, Tor Project /

Delivering privacy in a world of pervasive digital surveillance: Tor Project’s Executive Director speaks out 02/08/2023 at 08:02 By Zeljka Zorz The overarching mission of the US-based non-profit organization the Tor Project is to advance human rights and make open-source, privacy preserving software available to people globally, so that they can browse the internet privately,

React to this headline:

Loading spinner

Delivering privacy in a world of pervasive digital surveillance: Tor Project’s Executive Director speaks out Read More »

From tech expertise to leadership: Unpacking the role of a CISO

CISO, cybersecurity, data, Data Protection, Don't miss, Features, GoTo, Hot stuff, how-to, News, opinion, strategy, tips /

From tech expertise to leadership: Unpacking the role of a CISO 02/08/2023 at 07:34 By Mirko Zorz In this Help Net Security interview, Attila Török, CISO at GoTo, discusses how to balance technical expertise and leadership and how he navigates the rapidly evolving technological landscape. We also delve into the key challenges faced in communicating

React to this headline:

Loading spinner

From tech expertise to leadership: Unpacking the role of a CISO Read More »

67% of data breaches start with a single click

Comcast Business, cybercrime, cybercriminals, cybersecurity, News, report, survey /

67% of data breaches start with a single click 02/08/2023 at 07:02 By Help Net Security Technology is accelerating faster than it ever has before, giving IT and security teams more tools to fend off cybersecurity attacks from an increasingly diverse slate of bad actors, according to Comcast Business. Cybercriminals employ sophisticated tactics However, the

React to this headline:

Loading spinner

67% of data breaches start with a single click Read More »

Scroll to Top