News

Barriers preventing organizations from DevOps automation

automation, cybersecurity, data, DevOps, Dynatrace, investment, News, report, software, survey /

Barriers preventing organizations from DevOps automation 03/10/2023 at 06:02 By Help Net Security Organizations’ investments in DevOps automation are delivering significant benefits, including a 61% improvement in software quality, a 57% reduction in deployment failures, and a 55% decrease in IT costs, according to Dynatrace. In most organizations, however, DevOps automation practices remain in the […]

React to this headline:

Loading spinner

Barriers preventing organizations from DevOps automation Read More »

Critical zero-days in Exim revealed, only 3 have been fixed

0-day, Don't miss, email security, Exim, Hot stuff, Linux, News, security update, Trend Micro, vulnerability disclosure, WatchTowr /

Critical zero-days in Exim revealed, only 3 have been fixed 02/10/2023 at 17:03 By Zeljka Zorz Six zero-days in Exim, the most widely used mail transfer agent (MTA), have been revealed by Trend Micro’s Zero Day Initiative (ZDI) last Wednesday. Due to what seems to be insufficient information and poor communication, fixes for only three

React to this headline:

Loading spinner

Critical zero-days in Exim revealed, only 3 have been fixed Read More »

Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044)

Assetnote, Don't miss, file-sharing, Hot stuff, News, Progress, Rapid7, security update, vulnerability /

Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044) 02/10/2023 at 14:17 By Helga Labus Progress Software, the company behind the recently hacked MOVEit file-sharing tool, has recently fixed two critical vulnerabilities (CVE-2023-40044, CVE-2023-42657) in WS_FTP Server, another popular secure file transfer solution. Proof-of-concept code for CVE-2023-40044 has been available since Friday, and Rapid7 researchers

React to this headline:

Loading spinner

Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044) Read More »

Most dual ransomware attacks occur within 48 hours

Don't miss, Emsisoft, FBI, Hot stuff, News, Ransomware, Sophos, Symantec, trends /

Most dual ransomware attacks occur within 48 hours 02/10/2023 at 12:16 By Helga Labus Since July 2023, the Federal Bureau of Investigation (FBI) has noticed a new trend: dual ransomware attacks on the same victim, occurring in close proximity of one another. Dual ransomware attacks Dual ransomware attacks are when against the same victim occurr

React to this headline:

Loading spinner

Most dual ransomware attacks occur within 48 hours Read More »

Lazarus impersonated Meta recruiter to breach Spanish aerospace firm

APT, backdoor, cyber espionage, ESET, News, spear-phishing /

Lazarus impersonated Meta recruiter to breach Spanish aerospace firm 02/10/2023 at 11:48 By Help Net Security Operators of the North Korea-linked Lazarus APT obtained initial access to the network of an aerospace company in Spain last year after a successful spearphishing campaign, by masquerading as a recruiter for Meta — the company behind Facebook, Instagram,

React to this headline:

Loading spinner

Lazarus impersonated Meta recruiter to breach Spanish aerospace firm Read More »

9 essential ransomware guides and checklists available for free

ANSSI, CISA, cybercrime, Don't miss, DXC Technology, Egnyte, FTC, Government, guide, Hot stuff, how-to, IBM, IBM X-Force, Malware, National Cyber Security Centre, News, Ransomware, strategy, tips /

9 essential ransomware guides and checklists available for free 02/10/2023 at 08:03 By Help Net Security According to Fortinet, ransomware activity has intensified, registering an increase of 13 times compared to the beginning of 2023 in terms of all malware detections. The rise of Ransomware-as-a-Service has primarily driven this surge in ransomware variations. According to

React to this headline:

Loading spinner

9 essential ransomware guides and checklists available for free Read More »

Securing GitHub Actions for a safer DevOps pipeline

CISA, Cloud, cloud security, credentials, cybersecurity, DevOps, Don't miss, Features, GitHub, Hot stuff, Kubernetes, monitoring, News, NSA, open source, opinion, StepSecurity /

Securing GitHub Actions for a safer DevOps pipeline 02/10/2023 at 07:32 By Mirko Zorz GitHub Actions provides a platform for continuous integration and continuous delivery (CI/CD), enabling your build, test, and deployment process automation. It allows you to establish workflows that build and test each pull request in your repository and deploy approved pull requests

React to this headline:

Loading spinner

Securing GitHub Actions for a safer DevOps pipeline Read More »

Global events fuel DDoS attack campaigns

5G, cybercriminals, cybersecurity, DDoS, Netscout, News, report, survey /

Global events fuel DDoS attack campaigns 02/10/2023 at 06:32 By Help Net Security Cybercriminals launched approximately 7.9 million DDoS attacks in 1H 2023, representing a 31% year-over-year increase, according to NETSCOUT. Global events like the Russia-Ukraine war and NATO bids have driven recent DDoS attack growth. Finland was targeted by pro-Russian hacktivists in 2022 during

React to this headline:

Loading spinner

Global events fuel DDoS attack campaigns Read More »

Infosec products of the month: September 2023

1Password, AlphaSOC, Armis, Baffle, Ciphertex Data Security, Cisco, ComplyCube, CTERA, CyberSaint, Dig, Fortinet, Ghost Security, Hornetsecurity, Immersive Labs, Kingston Digital, Laiyer.ai, MixMode, News, NTT Security, OneTrust, Panzura, Purism, runZero, SeeMetrics, Swissbit, TXOne Networks, Viavi Solutions, Wing Security /

Infosec products of the month: September 2023 02/10/2023 at 05:32 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Armis, AlphaSOC, Baffle, Ciphertex Data Security, Cisco, ComplyCube, CTERA, CyberSaint, Dig Security, Fortinet, Ghost Security, Hornetsecurity, Immersive Labs, Kingston, Laiyer.ai, MixMode, NTT Security Holdings, OneTrust,

React to this headline:

Loading spinner

Infosec products of the month: September 2023 Read More »

Week in review: Chrome zero-day is actually in libwebp, Sony hacking rumours

News, Week in review /

Week in review: Chrome zero-day is actually in libwebp, Sony hacking rumours 01/10/2023 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How global enterprises navigate the complex world of data privacy In this Help Net Security interview, Evelyn de Souza, Head of

React to this headline:

Loading spinner

Week in review: Chrome zero-day is actually in libwebp, Sony hacking rumours Read More »

Malicious ads creep into Bing Chat responses

Artificial Intelligence, Don't miss, Hot stuff, malvertising, Malwarebytes, Microsoft, News, search engine /

Malicious ads creep into Bing Chat responses 29/09/2023 at 16:46 By Helga Labus Users of Bing Chat, the GPT-4-powered search engine Microsoft introduced earlier this year, are being targeted with ads leading to malware. According to Malwarebytes researchers, searching for Advanced IP Scanner (network-scanning software) or MyCase (legal case management software) may result in an

React to this headline:

Loading spinner

Malicious ads creep into Bing Chat responses Read More »

New infosec products of the week: September 29, 2023

AlphaSOC, Baffle, Immersive Labs, News, OneTrust, Panzura, runZero, SeeMetrics /

New infosec products of the week: September 29, 2023 29/09/2023 at 08:00 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from AlphaSOC, Baffle, Immersive Labs, OneTrust, Panzura, runZero, and SeeMetrics. Immersive Labs Workforce Exercising allows cyber leaders to identify and fill skills gaps Immersive Labs

React to this headline:

Loading spinner

New infosec products of the week: September 29, 2023 Read More »

VMware users anxious about costs and ransomware threats

data, News, Ransomware, report, software, survey, VergeIO, VMWare /

VMware users anxious about costs and ransomware threats 29/09/2023 at 07:31 By Help Net Security VMware customers have growing concerns about the state of the virtualization software and the company behind it – ranging from rising licensing costs, ransomware vulnerabilities and a diminishing quality of support, according to VergeIO. 84% of respondents indicated that they

React to this headline:

Loading spinner

VMware users anxious about costs and ransomware threats Read More »

Financial crime compliance costs exceed $206 billion

Artificial Intelligence, Compliance, cybercrime, cybersecurity, financial industry, LexisNexis Risk Solutions, News, report, survey /

Financial crime compliance costs exceed $206 billion 29/09/2023 at 07:02 By Help Net Security The growing complexity of compliance regulations and ever-evolving criminal methodologies are a major difficulty for financial institutions, according to LexisNexis Risk Solutions. Global financial crime compliance costs for financial institutions exceed $206 billion. This cost is comparable to more than 12%

React to this headline:

Loading spinner

Financial crime compliance costs exceed $206 billion Read More »

Cybersecurity budgets show moderate growth

Artico Search, CISO, Cloud, cybersecurity, IANS, investment, News, report, survey /

Cybersecurity budgets show moderate growth 29/09/2023 at 06:01 By Help Net Security Despite the economic uncertainty and inflation, security budgets generally continued to rise but at a lower rate than prior years, according to new research from IANS and Artico Search. Security budgets increase by 6% in 2023 Respondents reported an average security budget increase

React to this headline:

Loading spinner

Cybersecurity budgets show moderate growth Read More »

Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217)

0-day, Chrome, Don't miss, Google, Hot stuff, News, security update, vulnerability /

Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217) 28/09/2023 at 14:47 By Helga Labus Google has fixed another critical zero-day vulnerability (CVE-2023-5217) in Chrome that is being exploited in the wild. About CVE-2023-5217 The vulnerability is caused by a heap buffer overflow in vp8 encoding in libvpx – a video codec library from Google

React to this headline:

Loading spinner

Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217) Read More »

How to avoid the 4 main pitfalls of cloud identity management

access management, cloud security, DevOps, Don't miss, Expert analysis, Expert corner, identity, identity management, Lacework, misconfiguration, News, opinion /

How to avoid the 4 main pitfalls of cloud identity management 28/09/2023 at 08:02 By Help Net Security Securing cloud identities isn’t easy. Organizations need to complete a laundry list of actions to confirm proper configuration, ensure clear visibility into identities, determine and understand who can take what actions, and on top of it all

React to this headline:

Loading spinner

How to avoid the 4 main pitfalls of cloud identity management Read More »

The hidden costs of neglecting cybersecurity for small businesses

Artificial Intelligence, attacks, Compliance, cybersecurity, Don't miss, education, Encryption, Features, Hot stuff, Incident Response, investment, Judy Security, MFA, News, opinion, passwords, phishing, regulation, threat, training, vulnerability /

The hidden costs of neglecting cybersecurity for small businesses 28/09/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Raffaele Mautone, CEO of Judy Security, talks about the cybersecurity problems that small businesses face and the need for prioritization to save businesses from potential fines and damage to their brand reputation. He also

React to this headline:

Loading spinner

The hidden costs of neglecting cybersecurity for small businesses Read More »

The clock is ticking for businesses to prepare for mandated certificate automation

automation, certificates, Compliance, critical infrastructure, cybersecurity, GlobalSign, News, report, SSL/TLS, survey /

The clock is ticking for businesses to prepare for mandated certificate automation 28/09/2023 at 06:36 By Help Net Security Many organizations are unprepared for sweeping industry changes that call for mandated certificate automation, according to GMO GlobalSign. There could be significant changes within the Public Key Infrastructure (PKI) marketplace, the most pressing matter being Google’s

React to this headline:

Loading spinner

The clock is ticking for businesses to prepare for mandated certificate automation Read More »

Ransomware groups are shifting their focus away from larger targets

attacks, cybercrime, cybercriminals, cybersecurity, Government, healthcare, Malware, News, Ransomware, report, survey, Trend Micro /

Ransomware groups are shifting their focus away from larger targets 28/09/2023 at 06:02 By Help Net Security One in every six ransomware attacks targeting US government offices was traced back to the LockBit ransomware group, according to Trend Micro. Overall ransomware attack victim numbers increased by 47% from H2 2022. “We’ve observed a significant increase

React to this headline:

Loading spinner

Ransomware groups are shifting their focus away from larger targets Read More »

Scroll to Top