News

Unclear pricing for GRC tools creates market confusion

cybersecurity, Gartner, GRC, News, report, risk assessment, strategy, survey /

Unclear pricing for GRC tools creates market confusion 2024-10-25 at 06:33 By Help Net Security Due to widely varying government, risk, and compliance (GRC) tool pricing, enterprise risk management (ERM) leaders must understand four different pricing-tier categories of GRC solutions and apply a scoping framework to further estimate likely costs ahead of vendor selection, according […]

Unclear pricing for GRC tools creates market confusion Read More »

New infosec products of the week: October 25, 2024

Fastly, IBM, Ivanti, Kusari, News, Nucleus Security /

New infosec products of the week: October 25, 2024 2024-10-25 at 06:03 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Fastly, IBM, Ivanti, Kusari, and Nucleus Security. IBM Guardium Data Security Center protects hybrid cloud and AI IBM Guardium Data Security Center provides a

New infosec products of the week: October 25, 2024 Read More »

Trustwave Again Named as an MSSP Alert Top 10 Managed Security Services Provider

database security, Managed Detection and Response, Managed Security Services, News, SIEM/SOC, Spotlights /

Trustwave Again Named as an MSSP Alert Top 10 Managed Security Services Provider 2024-10-24 at 16:03 By For eight consecutive years, MSSP Alert has named Trustwave as one of the Top 10 Managed Security Services Providers worldwide. Trustwave placed 10th on MSSP’s 2024 Top 250 MSSP list, indicating the company’s status as a leading provider of managed security services. This

Trustwave Again Named as an MSSP Alert Top 10 Managed Security Services Provider Read More »

Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575)

0-day, Don't miss, enterprise, Fortinet, Hot stuff, MSP, News, Rapid7, security update /

Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575) 2024-10-24 at 12:18 By Zeljka Zorz Fortinet has finally made public information about CVE-2024-47575, a critical FortiManager vulnerability that attackers have exploited as a zero-day. About CVE-2024-47575 CVE-2024-47575 is a vulnerability stemming from missing authentication for a critical function in FortiManager’s fgfmd daemon. Remote, unauthenticated attackers could

Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575) Read More »

What’s more important when hiring for cybersecurity roles?

certification, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, MyTurn, News, opinion, skill development, training /

What’s more important when hiring for cybersecurity roles? 2024-10-24 at 08:03 By Help Net Security When building a cybersecurity team, you likely asked yourself, “Should I focus on certifications or real-world skills?” And since you rarely encounter entry-level candidates who can hit the ground running, naturally, you’d consider a candidate with both. But that’s not

What’s more important when hiring for cybersecurity roles? Read More »

Enhancing national security: The four pillars of the National Framework for Action

Center for Internet Security, cybersecurity, DOJ, Don't miss, Features, generative AI, Hot stuff, law enforcement, News, opinion, resilience, threat detection /

Enhancing national security: The four pillars of the National Framework for Action 2024-10-24 at 07:33 By Mirko Zorz In this Help Net Security interview, John Cohen, Executive Director, Program for Countering Hybrid Threats at the Center for Internet Security, discusses the four pillars of the National Framework for Action, emphasizing how these measures can combat

Enhancing national security: The four pillars of the National Framework for Action Read More »

AI and deepfakes fuel phishing scams, making detection harder

Artificial Intelligence, credentials, cybercrime, cybersecurity, News, report, survey, Teleport /

AI and deepfakes fuel phishing scams, making detection harder 2024-10-24 at 06:03 By Help Net Security AI impersonation is now the hardest vector for cybersecurity professionals to protect companies against, according to Teleport. The study, which surveyed 250 senior US and UK decision-makers, shows that social engineering remains one of the top tactics cybercriminals use

AI and deepfakes fuel phishing scams, making detection harder Read More »

How to enable Safe Browsing in Google Chrome on Android

browser, Chrome, cybersecurity, Google, News, tips /

How to enable Safe Browsing in Google Chrome on Android 2024-10-24 at 06:03 By Help Net Security To safeguard your data, Google Chrome uses Safe Browsing to protect you from: harmful websites and extensions, malicious or intrusive advertisements, malware, phishing attacks, and social engineering threats. Safe Browsing scans and evaluates websites to identify potentially harmful

How to enable Safe Browsing in Google Chrome on Android Read More »

ESET HOME Security enhancements strengthen protection against AI-driven threats

ESET, News /

ESET HOME Security enhancements strengthen protection against AI-driven threats 2024-10-23 at 12:33 By Industry News ESET announced its upgraded consumer offering, ESET HOME Security, with new features, such as ESET Folder Guard and Multithread Scanning. These enhancements to ESET HOME Security, as an all-in-one solution for consumers, correspond to the increasing number of advanced, automated, and

ESET HOME Security enhancements strengthen protection against AI-driven threats Read More »

Effective strategies for measuring and testing cyber resilience

attacks, CISO, cyber hygiene, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, strategy, supply chain, UK /

Effective strategies for measuring and testing cyber resilience 2024-10-23 at 08:02 By Mirko Zorz In this Help Net Security interview, Detective Superintendent Ian Kirby, CEO of the National Cyber Resilience Centre Group (NCRCG), discusses the emerging cyber threats and strategies organizations can use to increase cyber resilience. He emphasizes basic cyber hygiene, security awareness training,

Effective strategies for measuring and testing cyber resilience Read More »

Argus: Open-source information gathering toolkit

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

Argus: Open-source information gathering toolkit 2024-10-23 at 07:33 By Help Net Security Argus is an open-source toolkit that simplifies information gathering and reconnaissance. It features a user-friendly interface and a collection of powerful modules, enabling the exploration of networks, web applications, and security configurations. Argus offers a collection of tools categorized into three main areas:

Argus: Open-source information gathering toolkit Read More »

Cybersecurity jobs available right now: October 23, 2024

cybersecurity jobs, News /

Cybersecurity jobs available right now: October 23, 2024 2024-10-23 at 06:33 By Anamarija Pogorelec Cybersecurity Engineer Texas Instruments | USA | On-site – View job details As a Cybersecurity Engineer, you will design, implement and maintain cybersecurity controls for security tools to help drive zero trust and secure by design principles across complex environments. Validate

Cybersecurity jobs available right now: October 23, 2024 Read More »

Most women in IT work overtime to advance in their careers

Acronis, cybersecurity, News, report, skill development, survey /

Most women in IT work overtime to advance in their careers 2024-10-23 at 06:03 By Help Net Security As a historically male-dominated industry, many IT companies have been described as having limited career development opportunities for female employees, according to Acronis. Issues like lack of mentorship, inadequate policies for work-life balance, and sometimes even a

Most women in IT work overtime to advance in their careers Read More »

VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812)

Broadcom, CVE, Don't miss, Hot stuff, News, security update, virtualization, VMWare, vulnerability /

VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) 2024-10-22 at 14:02 By Zeljka Zorz Broadcom has released new patches for previously fixed vulnerabilities (CVE-2024-38812, CVE-2024-38813) in vCenter Server, one of which hasn’t been fully addressed the first time and could allow attackers to achieve remote code execution. The vulnerabilities were privately reported by

VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) Read More »

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)

CVE, Don't miss, exploit, Hot stuff, News, Positive Technologies, Roundcube, vulnerability /

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383) 2024-10-22 at 12:34 By Zeljka Zorz Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies (PT) analysts have discovered. The vulnerability was patched in May 2024, in Roundcube Webmail versions 1.5.7 and

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383) Read More »

IT security and government services: Balancing transparency and security

CivicPlus, cyberattacks, cybersecurity, Don't miss, Expert analysis, Expert corner, Government, Hot stuff, News, opinion, strategy, training /

IT security and government services: Balancing transparency and security 2024-10-22 at 07:33 By Help Net Security Government information technology leaders find themselves at a challenging balance point: On one end of the scale are increasing threats from cyber actors, bolstered by advanced technology like artificial intelligence (AI); on the other end is a longstanding commitment

IT security and government services: Balancing transparency and security Read More »

Phishing scams and malicious domains take center stage as the US election approaches

cybercrime, dark web, election security, Fortinet, News, phishing, report, scams, survey, USA /

Phishing scams and malicious domains take center stage as the US election approaches 2024-10-22 at 07:03 By Help Net Security Phishing scams aimed at voters, malicious domain registrations impersonating candidates, and other threat activity designed to exploit unassuming victims take center stage as the US election approaches, according to Fortinet. “As the 2024 US presidential

Phishing scams and malicious domains take center stage as the US election approaches Read More »

Myths holding women back from cybersecurity careers

awareness, certification, cybersecurity, Don't miss, education, Features, Hot stuff, News, opinion, professional, skill development /

Myths holding women back from cybersecurity careers 2024-10-22 at 06:33 By Mirko Zorz In this Help Net Security interview, Dr Kathryn Jones, Head of School, Computer Science and Informatics at Cardiff University, discusses the challenges and misconceptions that deter women from pursuing careers in cybersecurity. Dr Jones also outlines the diverse skills, mentorship, and outreach

Myths holding women back from cybersecurity careers Read More »

Hackers are finding new ways to leverage AI

Artificial Intelligence, Bugcrowd, cybersecurity, hacking, News, report, survey /

Hackers are finding new ways to leverage AI 2024-10-22 at 06:20 By Help Net Security AI adoption and integration has continued its rapid momentum within the hacking community, according to Bugcrowd. Nevertheless, it continues to pose both benefits and unfortunate cyber risks. This year’s report revealed a significant shift in the perceived value of AI

Hackers are finding new ways to leverage AI Read More »

Whitepaper: Securing GenAI

Don't miss, Hot stuff, IronCore Labs, News, Whitepapers and webinars /

Whitepaper: Securing GenAI 2024-10-22 at 05:48 By Help Net Security The ultimate guide to AI security: key AI security risks, vulnerabilities and strategies for protection. 61% of companies use AI, but few secure it. This whitepaper covers the key AI risks being overlooked from LLMs to RAG. Inside the Securing GenAI whitepaper: GenAI attack surface

Whitepaper: Securing GenAI Read More »

Scroll to Top