Strong privacy laws boost confidence in sharing information with AI 2024-11-04 at 06:03 By Help Net Security 53% of consumers report being aware of their national privacy laws, a 17-percentage point increase compared to 2019, according to Cisco. Informed consumers are also much more likely to feel their data is protected (81%) compared to those […]
Strong privacy laws boost confidence in sharing information with AI Read More »
Week in review: Windows Themes spoofing bug “returns”, employees phished via Microsoft Teams 2024-11-03 at 11:03 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Patching problems: The “return” of a Windows Themes spoofing vulnerability Despite two patching attempts, a security issue that may allow
50% of financial orgs have high-severity security flaws in their apps 2024-11-01 at 08:03 By Help Net Security Security debt, defined for this report as flaws that remain unfixed for longer than a year, exists in 76% of organizations in the financial services sector, with 50% of organizations carrying critical security debt, according to Veracode.
50% of financial orgs have high-severity security flaws in their apps Read More »
How open-source MDM solutions simplify cross-platform device management 2024-11-01 at 07:33 By Mirko Zorz In this Help Net Security interview, Mike McNeil, CEO at Fleet, talks about the security risks posed by unmanaged mobile devices and how mobile device management (MDM) solutions help address them. He also discusses employee resistance to MDM and how open-source
How open-source MDM solutions simplify cross-platform device management Read More »
OpenPaX: Open-source kernel patch that mitigates memory safety errors 2024-11-01 at 07:03 By Mirko Zorz OpenPaX is an open-source kernel patch that mitigates common memory safety errors, re-hardening systems against application-level memory safety attacks using a simple Linux kernel patch. It’s available under the same GPLv2 license terms as the Linux kernel. “We are pleased
OpenPaX: Open-source kernel patch that mitigates memory safety errors Read More »
Threat actors are stepping up their tactics to bypass email protections 2024-11-01 at 06:33 By Help Net Security Although most organizations use emails with built-in security features that filter out suspicious messages, criminals always find a way to bypass these systems. With the development of AI technology, phishing is becoming increasingly difficult to recognize, allowing
Threat actors are stepping up their tactics to bypass email protections Read More »
Infosec products of the month: October 2024 2024-11-01 at 06:04 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Balbix, BreachLock, Commvault, Dashlane, Data Theorem, Edgio, ExtraHop, Fastly, Frontegg, GitGuardian, IBM, Ivanti, Jumio, Kusari, Legit Security, Metomic, Nametag, Neon, Nucleus Security, Okta, Qualys, Rubrik,
Infosec products of the month: October 2024 Read More »
Sophos mounted counter-offensive operation to foil Chinese attackers 2024-10-31 at 16:04 By Help Net Security Sophos conducted defensive and counter-offensive operation over the last five years with multiple interlinked nation-state adversaries based in China targeting perimeter devices, including Sophos Firewalls. Espionage campaigns tied to Chinese hacking groups The attackers used a series of campaigns with
Sophos mounted counter-offensive operation to foil Chinese attackers Read More »
Google on scaling differential privacy across nearly three billion devices 2024-10-31 at 15:03 By Mirko Zorz In this Help Net Security interview, Miguel Guevara, Product Manager, Privacy Safety and Security at Google, discusses the complexities involved in scaling differential privacy technology across large systems. He emphasizes the need to develop secure, private, and user-controlled products
Google on scaling differential privacy across nearly three billion devices Read More »
Lottie Player supply chain compromise: Sites, apps showing crypto scam pop-ups 2024-10-31 at 14:38 By Zeljka Zorz A supply chain compromise involving Lottie Player, a widely used web component for playing site and app animations, has made popular decentralized finance apps show pop-ups urging users to connect their wallets, TradingView has reported. The pop-up (Source:
Lottie Player supply chain compromise: Sites, apps showing crypto scam pop-ups Read More »
Cynet enables 426% ROI in Forrester Total Economic Impact Study 2024-10-31 at 13:33 By Help Net Security Cost savings and business benefits were quantified in “The Total Economic Impact of Cynet All-in-One Security,” a commissioned study conducted by Forrester Consulting on behalf of Cynet in October 2024. The Total Economic Impact Study framework helps organizations
Cynet enables 426% ROI in Forrester Total Economic Impact Study Read More »
North Korean hackers pave the way for Play ransomware 2024-10-31 at 12:49 By Zeljka Zorz North Korean state-sponsored hackers – Jumpy Pisces, aka Andariel, aka Onyx Sleet – have been spotted burrowing into enterprise systems, then seemingly handing matters over to the Play ransomware group. Timeline of the attack (Source: Palo Alto Networks) The attack
North Korean hackers pave the way for Play ransomware Read More »
IoT needs more respect for its consumers, creations, and itself 2024-10-31 at 07:58 By Help Net Security Yet again, connected devices are in the news for all the wrong reasons. In October, security researchers found that robot vacuums from Chinese company, Ecovacs, can be compromised via a backdoor. In one case, hackers gained control over
IoT needs more respect for its consumers, creations, and itself Read More »
How agentic AI handles the speed and volume of modern threats 2024-10-31 at 07:08 By Mirko Zorz In this Help Net Security interview, Lior Div, CEO at Seven AI, discusses the concept of agentic AI and its application in cybersecurity. He explains how it differs from traditional automated security systems by offering greater autonomy and
How agentic AI handles the speed and volume of modern threats Read More »
99% of CISOs work extra hours every week 2024-10-31 at 06:06 By Help Net Security The most common challenge for CISOs is resource constraints: not enough staff, budget or technology to support the security program needed or meet compliance requirements, according to DirectDefense. Cybersecurity industry faces ongoing talent shortage The World Economic Forum claims there’s
99% of CISOs work extra hours every week Read More »
Ransomware hits web hosting servers via vulnerable CyberPanel instances 2024-10-30 at 16:19 By Zeljka Zorz A threat actor – or possibly several – has hit approximately 22,000 vulnerable instances of CyberPanel and encrypted files on the servers running it with the PSAUX and other ransomware. The PSAUX ransom note (Source: LeakIX) The CyberPanel vulnerabilities CyberPanel
Ransomware hits web hosting servers via vulnerable CyberPanel instances Read More »
Product showcase: Shift API security left with StackHawk 2024-10-30 at 15:05 By Help Net Security With the proliferation of APIs, and the speed at which AI functionality is helping fuel innovation, a strategic approach for securing APIs is no longer a nice to have, it’s a criticality. Without a proactive approach, your APIs could become
Product showcase: Shift API security left with StackHawk Read More »
Russian hackers deliver malicious RDP configuration files to thousands 2024-10-30 at 12:49 By Zeljka Zorz Midnight Blizzard – a cyber espionage group that has been linked to the Russian Foreign Intelligence Service (SVR) – is targeting government, academia, defense, and NGO workers with phishing emails containing a signed Remote Desktop Protocol (RDP) configuration file. “Based
Russian hackers deliver malicious RDP configuration files to thousands Read More »
Risk hunting: A proactive approach to cyber threats 2024-10-30 at 07:34 By Help Net Security Cybersecurity is an overly reactive industry. Too often we act like firefighters, rushing from blaze to blaze, extinguishing flames hoping to keep the damage to a minimum, rather than fire suppression experts designing environments that refuse to burn. Just consider
Risk hunting: A proactive approach to cyber threats Read More »
Simplifying decentralized identity systems for everyday use 2024-10-30 at 07:04 By Mirko Zorz In this Help Net Security interview, Carla Roncato, VP of Identity at WatchGuard Technologies, discusses how companies can balance privacy, security, and usability in digital identity systems. She emphasizes modern techniques like biometrics and passkeys to replace knowledge-based authentication methods and highlights
Simplifying decentralized identity systems for everyday use Read More »