News

Week in review: VirusTotal data leak, Citrix NetScaler zero-day exploitation

News, Week in review /

Week in review: VirusTotal data leak, Citrix NetScaler zero-day exploitation 23/07/2023 at 11:03 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519) The exploitation of the Citrix NetScaler ADC zero-day vulnerability (CVE-2023-3519) […]

React to this headline:

Loading spinner

Week in review: VirusTotal data leak, Citrix NetScaler zero-day exploitation Read More »

North Korean hackers targeted tech companies through JumpCloud and GitHub

APT, CrowdStrike, Don't miss, GitHub, government-backed attacks, Hot stuff, JumpCloud, Mandiant, News, North Korea, social engineering, spear-phishing /

North Korean hackers targeted tech companies through JumpCloud and GitHub 21/07/2023 at 16:03 By Helga Labus North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech employees on GitHub through a social engineering campaign. The JumpCloud intrusion On June 27, JumpCloud

React to this headline:

Loading spinner

North Korean hackers targeted tech companies through JumpCloud and GitHub Read More »

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519)

0-day, CISA, Citrix, critical infrastructure, Don't miss, GreyNoise, Hot stuff, Incident Response, News /

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519) 21/07/2023 at 14:19 By Zeljka Zorz The exploitation of the Citrix NetScaler ADC zero-day vulnerability (CVE-2023-3519) was first spotted by a critical infrastructure organization, who reported it to the Cybersecurity and Infrastructure Security Agency (CISA). “In June 2023, threat actors exploited this

React to this headline:

Loading spinner

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519) Read More »

New infosec products of the week: July 21, 2023

Code42, ComplyAdvantage, Diligent, News, Privacera, Tenable /

New infosec products of the week: July 21, 2023 21/07/2023 at 08:03 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Code42, ComplyAdvantage, Diligent, Privacera, and Tenable. Tenable unveils agentless container scanning to prevent vulnerable containers from reaching runtime Tenable Cloud Security agentless container scanning

React to this headline:

Loading spinner

New infosec products of the week: July 21, 2023 Read More »

Attackers intensify DDoS attacks with new tactics

attacks, cybercrime, cybersecurity, DDoS, Gcore, News, report /

Attackers intensify DDoS attacks with new tactics 21/07/2023 at 07:31 By Help Net Security As we entered 2023, the cybersecurity landscape witnessed an increase in sophisticated, high-volume attacks, according to Gcore. The maximum attack power rose from 600 to 800 Gbps. UDP flood attacks were most common and amounted to 52% of total attacks, while

React to this headline:

Loading spinner

Attackers intensify DDoS attacks with new tactics Read More »

Life sciences leaders act to counter insider-driven data loss

Code42, data, data loss prevention, News, report /

Life sciences leaders act to counter insider-driven data loss 21/07/2023 at 06:31 By Help Net Security Life sciences companies, including medical device manufacturers, biotech and pharmaceutical companies, are experiencing increasing rates of insider-driven data loss events, according to Code42. Faced with this growing threat, life sciences leaders are prioritizing modern data loss prevention strategies, which

React to this headline:

Loading spinner

Life sciences leaders act to counter insider-driven data loss Read More »

CISOs are making cybersecurity a business problem

cyber resilience, cybersecurity, data breach, Don't miss, investment, ISG, News, report, risk assessment, threats, zero trust /

CISOs are making cybersecurity a business problem 21/07/2023 at 06:02 By Help Net Security U.S. enterprises are responding to growing cybersecurity threats by working to make the best use of tools and services to ensure business resilience, according to ISG. Enterprises face growing cybersecurity threats The report for the U.S. finds that the U.S. security

React to this headline:

Loading spinner

CISOs are making cybersecurity a business problem Read More »

Microsoft Exchange servers compromised by Turla APT

APT, backdoor, cyber espionage, data theft, Don't miss, Hot stuff, Microsoft, News, Ukraine /

Microsoft Exchange servers compromised by Turla APT 20/07/2023 at 15:17 By Helga Labus Turla has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors / infostealers and has been using compromised Microsoft Exchange servers to control them. Turla APT Turla (aka Secret Blizzard, Snake, UAC-0003) is a sophisticated and

React to this headline:

Loading spinner

Microsoft Exchange servers compromised by Turla APT Read More »

Thanks Storm-0558! Microsoft to expand default access to cloud logs

APT, CISA, cloud security, Don't miss, enterprise, Government, government-backed attacks, Hot stuff, logging, Microsoft, Microsoft 365, News /

Thanks Storm-0558! Microsoft to expand default access to cloud logs 20/07/2023 at 13:31 By Zeljka Zorz Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) have announced on Wednesday. The announcements come

React to this headline:

Loading spinner

Thanks Storm-0558! Microsoft to expand default access to cloud logs Read More »

LLMs and AI positioned to dominate the AppSec world

Application Security, cybersecurity, Endor Labs, Malware, News, open source, report, vulnerability /

LLMs and AI positioned to dominate the AppSec world 20/07/2023 at 07:33 By Help Net Security As modern software trends toward distributed architectures, microservices, and extensive use of third-party and open source components, dependency management only gets harder, according to Endor Labs. Application development risks A new research report explores emerging trends that software organizations

React to this headline:

Loading spinner

LLMs and AI positioned to dominate the AppSec world Read More »

67% of daily security alerts overwhelm SOC analysts

attacks, cybersecurity, News, report, SOC, Vectra /

67% of daily security alerts overwhelm SOC analysts 20/07/2023 at 06:36 By Help Net Security Today’s security operations (SecOps) teams are tasked with protecting progressively sophisticated, fast-paced cyberattacks, according to Vectra AI. Yet, the complexity of people, processes, and technology at their disposal is making cyber defense increasingly unsustainable. The ever-expanding attack surface combined with

React to this headline:

Loading spinner

67% of daily security alerts overwhelm SOC analysts Read More »

Exploring the macro shifts in enterprise security

attacks, Cloud, cloud security, cybersecurity, data breach, identity management, News, Ransomware, Scale, supply chain compromise, survey /

Exploring the macro shifts in enterprise security 20/07/2023 at 06:04 By Help Net Security The number of successful ransomware attacks and data breach attempts fell by 30% over the last year, the number of reported security incident types at organizations increased, according to the 2023 Cybersecurity Perspectives Survey by Scale. Security incident types In fact,

React to this headline:

Loading spinner

Exploring the macro shifts in enterprise security Read More »

U.S. Cyber Trust Mark labeling program raises the bar for smart devices’ cybersecurity

certification, CISA, Closed Door Security, cybersecurity, Government, hardware, News, NIST, Privacy, regulation, USA /

U.S. Cyber Trust Mark labeling program raises the bar for smart devices’ cybersecurity 19/07/2023 at 13:33 By Help Net Security The Biden-Harris Administration has announced a cybersecurity certification and labeling program to help Americans more easily choose smart devices that are safer and less vulnerable to cyberattacks. The new “U.S. Cyber Trust Mark” program proposed

React to this headline:

Loading spinner

U.S. Cyber Trust Mark labeling program raises the bar for smart devices’ cybersecurity Read More »

Cybersecurity measures SMBs should implement

cyberattack, Don't miss, Hot stuff, News, security awareness, security controls, SMBs /

Cybersecurity measures SMBs should implement 19/07/2023 at 13:33 By Helga Labus Small and medium-sized businesses (SMBs) are targeted by cyberattackers as much as large companies, the 2023 Verizon Data Breach Investigations Report (DBIR) has revealed; here are some cybersecurity controls they should prioritize. Company size does not matter to cyber attackers SMBs often underestimate their

React to this headline:

Loading spinner

Cybersecurity measures SMBs should implement Read More »

Citrix NetScaler zero-day exploited in the wild, patch is available (CVE-2023-3519)

0-day, Citrix, Don't miss, Hot stuff, News, security update, vulnerability /

Citrix NetScaler zero-day exploited in the wild, patch is available (CVE-2023-3519) 19/07/2023 at 12:34 By Helga Labus Citrix has patched three vulnerabilities (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467) in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), one of which is a zero-day being exploited by attackers. A zero-day patched (CVE-2023-3519) CVE-2023-3519 is a remote

React to this headline:

Loading spinner

Citrix NetScaler zero-day exploited in the wild, patch is available (CVE-2023-3519) Read More »

Using AI/ML to optimize your tech stack and enhance business efficiency

Artificial Intelligence, CIO, digital transformation, Don't miss, Features, Hot stuff, how-to, Lenovo, machine learning, News, opinion, regulation, strategy, tips /

Using AI/ML to optimize your tech stack and enhance business efficiency 19/07/2023 at 07:32 By Mirko Zorz In this Help Net Security interview, Arthur Hu, SVP, Global CIO and Services & Solutions Group CTO at Lenovo, discusses how AI/ML is optimizing tech stacks, the hurdles anticipated in its integration, the role of AI in enterprise

React to this headline:

Loading spinner

Using AI/ML to optimize your tech stack and enhance business efficiency Read More »

Supply chain executives unaware of growing customer trust issues

cybersecurity, Deloitte, News, report, supply chain /

Supply chain executives unaware of growing customer trust issues 19/07/2023 at 06:03 By Help Net Security Supply chain executives significantly overestimate stakeholder trust in their supply chain capabilities and intentions, according to Deloitte. Of more than 1,000 executives from large global organizations surveyed, 89% on average who self-identified as leading suppliers said customers trust their

React to this headline:

Loading spinner

Supply chain executives unaware of growing customer trust issues Read More »

eBook: 9 Ways to Secure Your Cloud App Dev Pipeline

News, Uptycs, Whitepapers and webinars /

eBook: 9 Ways to Secure Your Cloud App Dev Pipeline 19/07/2023 at 05:47 By Help Net Security Improve your cloud security with these 9 proven strategies. Uptycs, alongside renowned expert Lee Atchison, share their list of comprehensive tactics to mitigate risks facing modern development teams. To address these emerging risks, Uptycs has created an eBook,

React to this headline:

Loading spinner

eBook: 9 Ways to Secure Your Cloud App Dev Pipeline Read More »

Kyndryl and Veritas launch two services for data protection and recovery

Kyndryl, News, Veritas Technologies /

Kyndryl and Veritas launch two services for data protection and recovery 18/07/2023 at 17:38 By Industry News Kyndryl and Veritas Technologies unveiled two new services — Data Protection Risk Assessment with Veritas and Incident Recovery with Veritas. As a key milestone in Kyndryl and Veritas’ strategic alliance, these services help enterprises protect and recover their

React to this headline:

Loading spinner

Kyndryl and Veritas launch two services for data protection and recovery Read More »

Google Lacked ‘Manpower’ To Help Feds On Emergency Domestic Terror Threat, FBI Reports

cybersecurity, Editors' Pick, Innovation, News, premium, Technology /

Google Lacked ‘Manpower’ To Help Feds On Emergency Domestic Terror Threat, FBI Reports 18/07/2023 at 17:17 By Thomas Brewster, Forbes Staff Google claimed that it was so overwhelmed with emergency requests from law enforcement last year that it couldn’t help the FBI review livestreams which had allegedly been used to threaten racist murders in St.

React to this headline:

Loading spinner

Google Lacked ‘Manpower’ To Help Feds On Emergency Domestic Terror Threat, FBI Reports Read More »

Scroll to Top