News

Product showcase: Shift API security left with StackHawk

API security, Don't miss, Hot stuff, News, Product showcase, StackHawk /

Product showcase: Shift API security left with StackHawk 2024-10-30 at 15:05 By Help Net Security With the proliferation of APIs, and the speed at which AI functionality is helping fuel innovation, a strategic approach for securing APIs is no longer a nice to have, it’s a criticality. Without a proactive approach, your APIs could become […]

React to this headline:

Loading spinner

Product showcase: Shift API security left with StackHawk Read More »

Russian hackers deliver malicious RDP configuration files to thousands

Amazon, APT, Australia, cyber espionage, Don't miss, Europe, Government, Hot stuff, Japan, Microsoft, News, RDP, Russian Federation, spear-phishing, UK /

Russian hackers deliver malicious RDP configuration files to thousands 2024-10-30 at 12:49 By Zeljka Zorz Midnight Blizzard – a cyber espionage group that has been linked to the Russian Foreign Intelligence Service (SVR) – is targeting government, academia, defense, and NGO workers with phishing emails containing a signed Remote Desktop Protocol (RDP) configuration file. “Based

React to this headline:

Loading spinner

Russian hackers deliver malicious RDP configuration files to thousands Read More »

Risk hunting: A proactive approach to cyber threats

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, risk, Risk Management, vulnerability management, Zscaler /

Risk hunting: A proactive approach to cyber threats 2024-10-30 at 07:34 By Help Net Security Cybersecurity is an overly reactive industry. Too often we act like firefighters, rushing from blaze to blaze, extinguishing flames hoping to keep the damage to a minimum, rather than fire suppression experts designing environments that refuse to burn. Just consider

React to this headline:

Loading spinner

Risk hunting: A proactive approach to cyber threats Read More »

Simplifying decentralized identity systems for everyday use

authentication, credentials, cybersecurity, Don't miss, Features, Hot stuff, identity, News, opinion, Privacy, standards, WatchGuard /

Simplifying decentralized identity systems for everyday use 2024-10-30 at 07:04 By Mirko Zorz In this Help Net Security interview, Carla Roncato, VP of Identity at WatchGuard Technologies, discusses how companies can balance privacy, security, and usability in digital identity systems. She emphasizes modern techniques like biometrics and passkeys to replace knowledge-based authentication methods and highlights

React to this headline:

Loading spinner

Simplifying decentralized identity systems for everyday use Read More »

6 key elements for building a healthcare cybersecurity response plan

cyber risk, healthcare, Incident Response, News, Ransomware, report, risk assessment, Software Advice, strategy, survey /

6 key elements for building a healthcare cybersecurity response plan 2024-10-30 at 06:33 By Help Net Security Medical practices remain vulnerable to cyberattacks, with over a third unable to cite a cybersecurity incident response plan, according to Software Advice. This gap exposes healthcare providers to risks of patient data breaches, HIPAA violations, financial penalties, and

React to this headline:

Loading spinner

6 key elements for building a healthcare cybersecurity response plan Read More »

US charges suspected Redline infostealer developer, admin

Don't miss, ESET, Eurojust, Hot stuff, Justice Department, law enforcement, Malware, News /

US charges suspected Redline infostealer developer, admin 2024-10-29 at 18:22 By Zeljka Zorz The identity of a suspected developer and administrator of the Redline malware-as-a-service operation has been revealed: Russian national Maxim Rudometov. Infrastructure takedown As promised on Monday when they announced the disruption of the Redline and Meta infostealer operations, law enforcement Operation Magnus

React to this headline:

Loading spinner

US charges suspected Redline infostealer developer, admin Read More »

Phishers reach targets via Eventbrite services

Don't miss, Eventbrite, Hot stuff, News, Perception Point, phishing /

Phishers reach targets via Eventbrite services 2024-10-29 at 15:17 By Zeljka Zorz Crooks are leveraging the event management and ticketing website Eventbrite to deliver their phishing emails to potential targets. “Since July, these attacks have increased 25% week over week, resulting in a total growth rate of 900%,” Perception Point researchers say. The phishing emails

React to this headline:

Loading spinner

Phishers reach targets via Eventbrite services Read More »

Patching problems: The “return” of a Windows Themes spoofing vulnerability

0-day, 0patch, ACROS Security, Data leak, Don't miss, Hot stuff, micropatch, News, Windows /

Patching problems: The “return” of a Windows Themes spoofing vulnerability 2024-10-29 at 12:18 By Zeljka Zorz Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes file still affects Microsoft’s operating system, 0patch researchers have discovered. The path to discovery The story

React to this headline:

Loading spinner

Patching problems: The “return” of a Windows Themes spoofing vulnerability Read More »

Inside console security: How innovations shape future hardware protection

cybersecurity, Don't miss, exploit, Features, hardware, Hot stuff, News, online gaming, opinion, Sony /

Inside console security: How innovations shape future hardware protection 2024-10-29 at 08:00 By Mirko Zorz In this Help Net Security interview, security researchers Specter and ChendoChap discuss gaming consoles’ unique security model, highlighting how it differs from other consumer devices. They also share their thoughts on how advancements in console security could shape future consumer

React to this headline:

Loading spinner

Inside console security: How innovations shape future hardware protection Read More »

OT PCAP Analyzer: Free PCAP analysis tool

EmberOT, networking, News, software /

OT PCAP Analyzer: Free PCAP analysis tool 2024-10-29 at 07:34 By Mirko Zorz EmberOT’s OT PCAP Analyzer, developed for the industrial security community, is a free tool providing a high-level overview of the devices and protocols in packet capture files. “The OT PCAP Analyzer was designed specifically with critical OT environments in mind. We’ve created

React to this headline:

Loading spinner

OT PCAP Analyzer: Free PCAP analysis tool Read More »

Cybersecurity jobs available right now: October 29, 2024

cybersecurity jobs, News /

Cybersecurity jobs available right now: October 29, 2024 2024-10-29 at 07:03 By Anamarija Pogorelec API Gateway Security Engineer Ness Technologies | Israel | Hybrid – View job details As an API Gateway Security Engineer, you will be responsible for managing and implementing API Gateway solutions with a strong focus on information security. Your responsibilities will

React to this headline:

Loading spinner

Cybersecurity jobs available right now: October 29, 2024 Read More »

Trust and risk in the AI era

Artificial Intelligence, automation, cybersecurity, News, report, survey, Vanta /

Trust and risk in the AI era 2024-10-29 at 06:07 By Help Net Security 55% of organizations say the security risks for their business have never been higher, according to Vanta. Yet the average company only dedicates 11% of its IT budget to security — far from the ideal allocation of 17%, according to business

React to this headline:

Loading spinner

Trust and risk in the AI era Read More »

Black Basta operators phish employees via Microsoft Teams

Don't miss, enterprise, Hot stuff, Microsoft Teams, News, phishing, Ransomware, ReliaQuest, SMBs, social engineering /

Black Basta operators phish employees via Microsoft Teams 2024-10-28 at 18:51 By Zeljka Zorz Black Basta ransomware affiliates are still trying to trick enterprise employees into installing remote access tool by posing as help desk workers, now also via Microsoft Teams. Phishing via MS Teams Earlier this year, Rapid7 warned about Black Basta using the

React to this headline:

Loading spinner

Black Basta operators phish employees via Microsoft Teams Read More »

Police hacks, disrupts Redline, Meta infostealer operations

Don't miss, Hot stuff, law enforcement, Malware, News /

Police hacks, disrupts Redline, Meta infostealer operations 2024-10-28 at 16:25 By Zeljka Zorz The Dutch National Police, along with partner law enforcement agencies, has disrupted the operation of the Redline and Meta infostealers and has collected information that may unmask users who paid to leverage the infamous malware. Screenshot of the Redline License Server panel

React to this headline:

Loading spinner

Police hacks, disrupts Redline, Meta infostealer operations Read More »

A good cyber leader prioritizes the greater good

cyber hygiene, cybersecurity, Don't miss, Expert analysis, Expert corner, ExtraHop, Hot stuff, News, opinion, strategy /

A good cyber leader prioritizes the greater good 2024-10-28 at 08:01 By Help Net Security In the war against malicious cyber activity, it’s time for security vendors to step in – and it’s not how you might think. CISA Director Jen Easterly put it right at this year’s Black Hat conference: “We got ourselves into

React to this headline:

Loading spinner

A good cyber leader prioritizes the greater good Read More »

How isolation technologies are shaping the future of Kubernetes security

containers, cybersecurity, Don't miss, Edera, Features, Hot stuff, Kubernetes, News, opinion, regulation /

How isolation technologies are shaping the future of Kubernetes security 2024-10-28 at 08:01 By Mirko Zorz In this Help Net Security interview, Emily Long, CEO at Edera, discusses the most common vulnerabilities in Kubernetes clusters and effective mitigation strategies. Long shares insights on emerging isolation technologies that could enhance Kubernetes security and better protect containerized

React to this headline:

Loading spinner

How isolation technologies are shaping the future of Kubernetes security Read More »

Fraudsters revive old tactics mixed with modern technology

cybercrime, cybersecurity, fraud, News, report, scams, survey, Visa /

Fraudsters revive old tactics mixed with modern technology 2024-10-28 at 07:04 By Help Net Security Threat actors continue to probe the payments ecosystem for vulnerabilities and were successful in conducting fraud schemes affecting multiple financial institutions, technologies, and processes, according to Visa. The resurgence of physical theft Scammers are going back to basics with an

React to this headline:

Loading spinner

Fraudsters revive old tactics mixed with modern technology Read More »

Top 10 strategic technology trends shaping the future of business

Artificial Intelligence, CIO, cybersecurity, digital transformation, Gartner, News, report, strategy, survey /

Top 10 strategic technology trends shaping the future of business 2024-10-28 at 06:03 By Help Net Security The ethical and responsible use of technology is fast becoming part of the mandate for CIOs, as organizations balance the need for progress with the protection of stakeholders’ trust and well-being, according to Gartner. “This year’s top strategic

React to this headline:

Loading spinner

Top 10 strategic technology trends shaping the future of business Read More »

Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE

News, Week in review /

Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE 2024-10-27 at 11:19 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Fortinet releases patches for publicly undisclosed critical FortiManager vulnerability In the last couple of days, Fortinet has released critical security

React to this headline:

Loading spinner

Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE Read More »

SEC fines tech companies for misleading SolarWinds disclosures

Avaya, Check Point, Compliance, cyber risk, Don't miss, Mimecast, News, SolarWinds, Unisys /

SEC fines tech companies for misleading SolarWinds disclosures 2024-10-25 at 15:07 By Help Net Security The Securities and Exchange Commission charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions. The SEC also

React to this headline:

Loading spinner

SEC fines tech companies for misleading SolarWinds disclosures Read More »

Scroll to Top