News

Patching problems: The “return” of a Windows Themes spoofing vulnerability

0-day, 0patch, ACROS Security, Data leak, Don't miss, Hot stuff, micropatch, News, Windows /

Patching problems: The “return” of a Windows Themes spoofing vulnerability 2024-10-29 at 12:18 By Zeljka Zorz Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes file still affects Microsoft’s operating system, 0patch researchers have discovered. The path to discovery The story […]

React to this headline:

Loading spinner

Patching problems: The “return” of a Windows Themes spoofing vulnerability Read More »

Inside console security: How innovations shape future hardware protection

cybersecurity, Don't miss, exploit, Features, hardware, Hot stuff, News, online gaming, opinion, Sony /

Inside console security: How innovations shape future hardware protection 2024-10-29 at 08:00 By Mirko Zorz In this Help Net Security interview, security researchers Specter and ChendoChap discuss gaming consoles’ unique security model, highlighting how it differs from other consumer devices. They also share their thoughts on how advancements in console security could shape future consumer

React to this headline:

Loading spinner

Inside console security: How innovations shape future hardware protection Read More »

OT PCAP Analyzer: Free PCAP analysis tool

EmberOT, networking, News, software /

OT PCAP Analyzer: Free PCAP analysis tool 2024-10-29 at 07:34 By Mirko Zorz EmberOT’s OT PCAP Analyzer, developed for the industrial security community, is a free tool providing a high-level overview of the devices and protocols in packet capture files. “The OT PCAP Analyzer was designed specifically with critical OT environments in mind. We’ve created

React to this headline:

Loading spinner

OT PCAP Analyzer: Free PCAP analysis tool Read More »

Cybersecurity jobs available right now: October 29, 2024

cybersecurity jobs, News /

Cybersecurity jobs available right now: October 29, 2024 2024-10-29 at 07:03 By Anamarija Pogorelec API Gateway Security Engineer Ness Technologies | Israel | Hybrid – View job details As an API Gateway Security Engineer, you will be responsible for managing and implementing API Gateway solutions with a strong focus on information security. Your responsibilities will

React to this headline:

Loading spinner

Cybersecurity jobs available right now: October 29, 2024 Read More »

Trust and risk in the AI era

Artificial Intelligence, automation, cybersecurity, News, report, survey, Vanta /

Trust and risk in the AI era 2024-10-29 at 06:07 By Help Net Security 55% of organizations say the security risks for their business have never been higher, according to Vanta. Yet the average company only dedicates 11% of its IT budget to security — far from the ideal allocation of 17%, according to business

React to this headline:

Loading spinner

Trust and risk in the AI era Read More »

Black Basta operators phish employees via Microsoft Teams

Don't miss, enterprise, Hot stuff, Microsoft Teams, News, phishing, Ransomware, ReliaQuest, SMBs, social engineering /

Black Basta operators phish employees via Microsoft Teams 2024-10-28 at 18:51 By Zeljka Zorz Black Basta ransomware affiliates are still trying to trick enterprise employees into installing remote access tool by posing as help desk workers, now also via Microsoft Teams. Phishing via MS Teams Earlier this year, Rapid7 warned about Black Basta using the

React to this headline:

Loading spinner

Black Basta operators phish employees via Microsoft Teams Read More »

Police hacks, disrupts Redline, Meta infostealer operations

Don't miss, Hot stuff, law enforcement, Malware, News /

Police hacks, disrupts Redline, Meta infostealer operations 2024-10-28 at 16:25 By Zeljka Zorz The Dutch National Police, along with partner law enforcement agencies, has disrupted the operation of the Redline and Meta infostealers and has collected information that may unmask users who paid to leverage the infamous malware. Screenshot of the Redline License Server panel

React to this headline:

Loading spinner

Police hacks, disrupts Redline, Meta infostealer operations Read More »

A good cyber leader prioritizes the greater good

cyber hygiene, cybersecurity, Don't miss, Expert analysis, Expert corner, ExtraHop, Hot stuff, News, opinion, strategy /

A good cyber leader prioritizes the greater good 2024-10-28 at 08:01 By Help Net Security In the war against malicious cyber activity, it’s time for security vendors to step in – and it’s not how you might think. CISA Director Jen Easterly put it right at this year’s Black Hat conference: “We got ourselves into

React to this headline:

Loading spinner

A good cyber leader prioritizes the greater good Read More »

How isolation technologies are shaping the future of Kubernetes security

containers, cybersecurity, Don't miss, Edera, Features, Hot stuff, Kubernetes, News, opinion, regulation /

How isolation technologies are shaping the future of Kubernetes security 2024-10-28 at 08:01 By Mirko Zorz In this Help Net Security interview, Emily Long, CEO at Edera, discusses the most common vulnerabilities in Kubernetes clusters and effective mitigation strategies. Long shares insights on emerging isolation technologies that could enhance Kubernetes security and better protect containerized

React to this headline:

Loading spinner

How isolation technologies are shaping the future of Kubernetes security Read More »

Fraudsters revive old tactics mixed with modern technology

cybercrime, cybersecurity, fraud, News, report, scams, survey, Visa /

Fraudsters revive old tactics mixed with modern technology 2024-10-28 at 07:04 By Help Net Security Threat actors continue to probe the payments ecosystem for vulnerabilities and were successful in conducting fraud schemes affecting multiple financial institutions, technologies, and processes, according to Visa. The resurgence of physical theft Scammers are going back to basics with an

React to this headline:

Loading spinner

Fraudsters revive old tactics mixed with modern technology Read More »

Top 10 strategic technology trends shaping the future of business

Artificial Intelligence, CIO, cybersecurity, digital transformation, Gartner, News, report, strategy, survey /

Top 10 strategic technology trends shaping the future of business 2024-10-28 at 06:03 By Help Net Security The ethical and responsible use of technology is fast becoming part of the mandate for CIOs, as organizations balance the need for progress with the protection of stakeholders’ trust and well-being, according to Gartner. “This year’s top strategic

React to this headline:

Loading spinner

Top 10 strategic technology trends shaping the future of business Read More »

Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE

News, Week in review /

Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE 2024-10-27 at 11:19 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Fortinet releases patches for publicly undisclosed critical FortiManager vulnerability In the last couple of days, Fortinet has released critical security

React to this headline:

Loading spinner

Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE Read More »

SEC fines tech companies for misleading SolarWinds disclosures

Avaya, Check Point, Compliance, cyber risk, Don't miss, Mimecast, News, SolarWinds, Unisys /

SEC fines tech companies for misleading SolarWinds disclosures 2024-10-25 at 15:07 By Help Net Security The Securities and Exchange Commission charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions. The SEC also

React to this headline:

Loading spinner

SEC fines tech companies for misleading SolarWinds disclosures Read More »

Exploited: Cisco, SharePoint, Chrome vulnerabilities

brute-force, Chrome, CISA, Cisco, Don't miss, enterprise, exploit, Hot stuff, Kaspersky, News, PoC, SharePoint, vulnerability /

Exploited: Cisco, SharePoint, Chrome vulnerabilities 2024-10-25 at 13:33 By Zeljka Zorz Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google’s Chrome browser (CVE-2024-4947). CVE-2024-20481 (Cisco ASA/FTD) In the past few days, Cisco has released fixes for a slew of vulnerabilities affecting the software powering its

React to this headline:

Loading spinner

Exploited: Cisco, SharePoint, Chrome vulnerabilities Read More »

Proof Verify reduces false positives and improves fraud detection accuracy

News, Proof /

Proof Verify reduces false positives and improves fraud detection accuracy 2024-10-25 at 12:04 By Industry News Proof launched Verify, a live face-to-face experience that delivers high-level assurance with identity verification performed in the presence of an agent, reducing the risk of fraudulent activities such as deepfakes by ensuring that users are legitimate. Organizations and consumers

React to this headline:

Loading spinner

Proof Verify reduces false positives and improves fraud detection accuracy Read More »

Achieving peak cyber resilience

Artificial Intelligence, cyber resilience, cyberattacks, cybersecurity, Data Protection, disaster recovery, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Veritas Technologies /

Achieving peak cyber resilience 2024-10-25 at 08:03 By Help Net Security Climbing Mount Everest isn’t a feat for the faint hearted. Extreme weather, dangerous terrain and acclimatization requirements make the trek challenging for even the most experienced climbers. It’s estimated that the expedition takes more than two months, on average. That’s a lengthy process that

React to this headline:

Loading spinner

Achieving peak cyber resilience Read More »

The future of cyber insurance: Meeting the demand for non-attack coverage

access control, Allianz, cyber insurance, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Privacy, Ransomware, risk assessment /

The future of cyber insurance: Meeting the demand for non-attack coverage 2024-10-25 at 07:35 By Mirko Zorz In this Help Net Security interview, Michael Daum, Head of Global Cyber Claims for Allianz Commercial, discusses the significant rise in cyber claims in 2024, driven by an increase in data breaches and ransomware attacks. Daum highlights the

React to this headline:

Loading spinner

The future of cyber insurance: Meeting the demand for non-attack coverage Read More »

Unclear pricing for GRC tools creates market confusion

cybersecurity, Gartner, GRC, News, report, risk assessment, strategy, survey /

Unclear pricing for GRC tools creates market confusion 2024-10-25 at 06:33 By Help Net Security Due to widely varying government, risk, and compliance (GRC) tool pricing, enterprise risk management (ERM) leaders must understand four different pricing-tier categories of GRC solutions and apply a scoping framework to further estimate likely costs ahead of vendor selection, according

React to this headline:

Loading spinner

Unclear pricing for GRC tools creates market confusion Read More »

New infosec products of the week: October 25, 2024

Fastly, IBM, Ivanti, Kusari, News, Nucleus Security /

New infosec products of the week: October 25, 2024 2024-10-25 at 06:03 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Fastly, IBM, Ivanti, Kusari, and Nucleus Security. IBM Guardium Data Security Center protects hybrid cloud and AI IBM Guardium Data Security Center provides a

React to this headline:

Loading spinner

New infosec products of the week: October 25, 2024 Read More »

Trustwave Again Named as an MSSP Alert Top 10 Managed Security Services Provider

database security, Managed Detection and Response, Managed Security Services, News, SIEM/SOC, Spotlights /

Trustwave Again Named as an MSSP Alert Top 10 Managed Security Services Provider 2024-10-24 at 16:03 By For eight consecutive years, MSSP Alert has named Trustwave as one of the Top 10 Managed Security Services Providers worldwide. Trustwave placed 10th on MSSP’s 2024 Top 250 MSSP list, indicating the company’s status as a leading provider of managed security services. This

React to this headline:

Loading spinner

Trustwave Again Named as an MSSP Alert Top 10 Managed Security Services Provider Read More »

Scroll to Top