News

Organizations actively embrace zero trust, integration remains a hurdle

Fortinet, hybrid workforce, News, policy, remote working, report, SASE, zero trust /

Organizations actively embrace zero trust, integration remains a hurdle 21/06/2023 at 06:09 By Help Net Security IT teams have made security efforts and progress in zero-trust implementation strategies to establish a new sense of normalcy following the network upheaval caused by the start of the global pandemic. They have also addressed the need to secure […]

React to this headline:

Loading spinner

Organizations actively embrace zero trust, integration remains a hurdle Read More »

Photos: Infosecurity Europe 2023

CensorNet, Cobalt, conferences, CrowdStrike, Infosecurity Europe 2023, Intruder, Island, ManageEngine, Mazebolt, News, Panorays, Source Photonics, TikTok /

Photos: Infosecurity Europe 2023 20/06/2023 at 17:37 By Help Net Security Infosecurity Europe is taking place at ExCeL London from 20-22 June 2023 and Help Net Security is on site. Here’s a closer look at the conference featuring: Island, Crowdstrike, Panorays, ManageEngine, Mazebolt, Cobalt, Intruder, TikTok, and CensorNet. The post Photos: Infosecurity Europe 2023 appeared

React to this headline:

Loading spinner

Photos: Infosecurity Europe 2023 Read More »

Compromised Linux SSH servers engage in DDoS attacks, cryptomining

AhnLab, backdoor, bot, DDoS, Don't miss, Hot stuff, Linux, Malware, News /

Compromised Linux SSH servers engage in DDoS attacks, cryptomining 20/06/2023 at 13:36 By Helga Labus Poorly managed Linux SSH servers are getting compromised by unknown attackers and instructed to engage in DDoS attacks while simultaneously mining cryptocurrency in the background. The Tsunami DDoS bot Tsunami, also known as Kaiten, is a type of DDoS bot

React to this headline:

Loading spinner

Compromised Linux SSH servers engage in DDoS attacks, cryptomining Read More »

Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992)

Don't miss, NAS, News, security update, vulnerability, Zyxel /

Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992) 20/06/2023 at 13:05 By Zeljka Zorz Zyxel has released firmware patches for a critical vulnerability (CVE-2023-27992) in some of its consumer network attached storage (NAS) devices. About CVE-2023-27992 CVE-2023-27992 is an OS command injection flaw that could be triggered remotely by an unauthenticated attacker, via a specially

React to this headline:

Loading spinner

Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992) Read More »

ChatGPT and data protection laws: Compliance challenges for businesses

Artificial Intelligence, ChatGPT, Compliance, cyber risk, Data Protection, data security, Don't miss, Features, GDPR, HIPAA, Hot stuff, law, News, opinion, PCI DSS, Privacy, Private AI, regulation, training /

ChatGPT and data protection laws: Compliance challenges for businesses 20/06/2023 at 07:33 By Mirko Zorz In this Help Net Security interview, Patricia Thaine, CEO at Private AI, reviews the main privacy concerns when using ChatGPT in a business context, as well as the risks that businesses can face if they betray customers’ trust. Thaine also

React to this headline:

Loading spinner

ChatGPT and data protection laws: Compliance challenges for businesses Read More »

10 open-source recon tools worth your time

cybersecurity, Don't miss, Hot stuff, News, open source, OWASP, penetration testing, software /

10 open-source recon tools worth your time 20/06/2023 at 07:02 By Help Net Security Recon is the initial stage in the penetration testing process. It’s a vital phase allowing the tester to understand their target and strategize their moves. Here are ten open-source recon tools that deserve to be in your arsenal. Altdns Altdns is

React to this headline:

Loading spinner

10 open-source recon tools worth your time Read More »

Demand for STEM training skyrockets

Coursera, digital transformation, education, infosec jobs, News, remote working, report, skill development /

Demand for STEM training skyrockets 20/06/2023 at 06:02 By Help Net Security The rapid pace of globalization, digital transformation, and AI advancements have created a renewed demand for digital and human skills among US learners, according to Coursera. “The rise of digital jobs and remote work is creating unprecedented opportunities for local talent to participate

React to this headline:

Loading spinner

Demand for STEM training skyrockets Read More »

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)

Data leak, Don't miss, extortion, file-sharing, Hot stuff, News, Progress, USA, vulnerability, WithSecure /

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708) 19/06/2023 at 15:09 By Zeljka Zorz Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web application in less that a month. Previously, the Cl0p cyber extortion gang exploited CVE-2023-34362 to

React to this headline:

Loading spinner

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708) Read More »

Microsoft confirms DDoS attacks against M365, Azure Portal

Azure, DDoS, Don't miss, Hot stuff, Microsoft, Microsoft 365, News, OneDrive, Outlook /

Microsoft confirms DDoS attacks against M365, Azure Portal 19/06/2023 at 14:02 By Helga Labus The Microsoft 365 and Azure Portal outages users expirienced this month were caused by Layer 7 DDoS attacks, Microsoft has confirmed on Friday. The DDoS attacks against Microsoft 365 and Azure Portal Throughout the first half June 2023 Microsoft confirmed, at

React to this headline:

Loading spinner

Microsoft confirms DDoS attacks against M365, Azure Portal Read More »

Three cybersecurity actions that make a difference

Accenture, CISO, cyber resilience, cybersecurity, digital transformation, how-to, News, report, strategy, tips /

Three cybersecurity actions that make a difference 19/06/2023 at 06:02 By Help Net Security Organizations that closely align their cybersecurity programs to business objectives are 18% more likely to achieve target revenue growth and market share and improve customer satisfaction, as well as 26% more likely to lower the cost of cybersecurity breaches/incidents, on average,

React to this headline:

Loading spinner

Three cybersecurity actions that make a difference Read More »

Untangling the web of supply chain security with Tony Turner

Cybellum, News, Opswright, podcast /

Untangling the web of supply chain security with Tony Turner 19/06/2023 at 05:38 By Help Net Security Decades ago, Tony Turner, CEO of Opswright and author of Software Transparency: Supply Chain Security in an Era of a Software-Driven Society, faced an SQL Slammer worm. Having been one of the 75,000 infected users, he called upon

React to this headline:

Loading spinner

Untangling the web of supply chain security with Tony Turner Read More »

Week in review: Fortinet patches pre-auth RCE, Switzerland under cyberattack

News, Week in review /

Week in review: Fortinet patches pre-auth RCE, Switzerland under cyberattack 18/06/2023 at 11:03 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Building a culture of security awareness in healthcare begins with leadership In this Help Net Security interview, Ken Briggs, General Counsel at Salucro,

React to this headline:

Loading spinner

Week in review: Fortinet patches pre-auth RCE, Switzerland under cyberattack Read More »

Photos: BSidesLjubljana 0x7E7

BSidesLjubljana, conferences, News /

Photos: BSidesLjubljana 0x7E7 16/06/2023 at 14:03 By Mirko Zorz BSidesLjubljana 0x7E7 is taking place today at the Computer History Museum, and Help Net Security is on site. Here’s a look at the event featuring Solar Designer (Openwall), Boris Sieklik (MongoDB), Darko Kukovec (Infinum), and Daniel Poposki. The post Photos: BSidesLjubljana 0x7E7 appeared first on Help

React to this headline:

Loading spinner

Photos: BSidesLjubljana 0x7E7 Read More »

New infosec products of the week: June 16, 2023

Netscout, News, Okta, Quantinuum, Seceon, Zilla Security /

New infosec products of the week: June 16, 2023 16/06/2023 at 07:31 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from NETSCOUT, Okta, Quantinuum, Seceon, and Zilla Security. Okta Device Access enables businesses to secure access to both devices and applications As part of Okta’s

React to this headline:

Loading spinner

New infosec products of the week: June 16, 2023 Read More »

Cybercriminals return to business as usual in a post-pandemic world

cybercriminals, cybersecurity, Malware, News, phishing, Proofpoint, report, threats /

Cybercriminals return to business as usual in a post-pandemic world 16/06/2023 at 06:31 By Help Net Security After two years of pandemic-induced disruption, 2022 was a return to business as usual for the world’s cybercriminals, according to Proofpoint. As COVID-19 medical and economic programs began to wind down, attackers had to find new ways to

React to this headline:

Loading spinner

Cybercriminals return to business as usual in a post-pandemic world Read More »

Cybersecurity culture improves despite the dark clouds of the past year

CISO, ClubCISO, cybercrime, cybersecurity, News, survey, Telstra Purple /

Cybersecurity culture improves despite the dark clouds of the past year 16/06/2023 at 06:00 By Help Net Security Despite a hardening economic climate, heightened global tensions and the onset of new technology making cybercrime easier, 76% of the CISOs, suggested that no material breaches had occurred and 60% said that no material cybersecurity incident had

React to this headline:

Loading spinner

Cybersecurity culture improves despite the dark clouds of the past year Read More »

VMware fixes critical flaws in Aria Operations for Networks (CVE-2023-20887)

Don't miss, enterprise, Hot stuff, News, PoC, security update, Tenable, VMWare, vulnerability /

VMware fixes critical flaws in Aria Operations for Networks (CVE-2023-20887) 15/06/2023 at 13:01 By Helga Labus VMware has fixed two critical (CVE-2023-20887, CVE-2023-20888) and one important vulnerability (CVE-2023-20889) in Aria Operations for Networks (formerly vRealize Network Insight), its popular enterprise network monitoring tool. About the vulnerabilities (CVE-2023-20887, CVE-2023-20888,CVE-2023-20889) CVE-2023-20887 is a pre-authentication command injection vulnerability

React to this headline:

Loading spinner

VMware fixes critical flaws in Aria Operations for Networks (CVE-2023-20887) Read More »

Fiddler Auditor: Open-source tool evaluates the robustness of large language models

Don't miss, Fiddler, GitHub, News, open source, software /

Fiddler Auditor: Open-source tool evaluates the robustness of large language models 15/06/2023 at 07:17 By Help Net Security Fiddler Auditor is an open-source tool designed to evaluate the robustness of Large Language Models (LLMs) and Natural Language Processing (NLP) models. LLMs can sometimes produce unwarranted content, potentially create hostile responses, and may disclose confidential information

React to this headline:

Loading spinner

Fiddler Auditor: Open-source tool evaluates the robustness of large language models Read More »

Cyber debt levels reach tipping point

Artificial Intelligence, CISO, cyber risk, CyberArk, cybersecurity, digital transformation, News, report /

Cyber debt levels reach tipping point 15/06/2023 at 06:35 By Help Net Security The tension between difficult economic conditions and the pace of technology innovation, including the evolution of AI, is influencing the growth of identity-led cybersecurity exposure, according to CyberArk. The CyberArk’s report details how these issues – allied to an expected 240% growth

React to this headline:

Loading spinner

Cyber debt levels reach tipping point Read More »

Small organizations outpace large enterprises in MFA adoption

authentication, cybersecurity, MFA, News, Okta, passwordless, report /

Small organizations outpace large enterprises in MFA adoption 15/06/2023 at 06:04 By Help Net Security The use of MFA has nearly doubled since 2020 and that phishing-resistant authenticators represent the best choice in terms of security and convenience for users, according to Okta. MFA authentication gains traction MFA authentication has steadily gained traction across organizations

React to this headline:

Loading spinner

Small organizations outpace large enterprises in MFA adoption Read More »

Scroll to Top