News

The future of automotive cybersecurity: Treating vehicles as endpoints

automotive security, connected cars, cyber risk, Don't miss, Features, Hot stuff, managed security, News, Nuspire Networks, opinion /

The future of automotive cybersecurity: Treating vehicles as endpoints 2024-09-05 at 07:31 By Zeljka Zorz The automotive industry is facing many of the same cybersecurity risks and threats that successful organizations in other sectors are up against, but it’s also battling some distinct ones. In this Help Net Security interview, Josh Smith, Principal Threat Analyst […]

The future of automotive cybersecurity: Treating vehicles as endpoints Read More »

How to gamify cybersecurity preparedness

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, skill development, strategy, Tanium, training /

How to gamify cybersecurity preparedness 2024-09-05 at 07:01 By Help Net Security Organizations’ preparedness and resilience against threats isn’t keeping pace with cybercriminals’ advancements. Some CEOs still believe that cybersecurity requires episodic intervention rather than ongoing attention. That isn’t the reality for many companies; cyber threat preparedness requires a concerted training effort, so cybersecurity teams

How to gamify cybersecurity preparedness Read More »

Enterprise DSPM for Fortune 500 – 1touch.io is your go-to solution

1touch.io, Don't miss, News, Video /

Enterprise DSPM for Fortune 500 – 1touch.io is your go-to solution 2024-09-05 at 06:31 By Help Net Security In this Help Net Security video, Jesse Sedler, VP of Product at 1touch.io, provides a compelling overview of the company’s innovative data security posture management solutions. Founded in 2017 by industry veterans, 1touch.io leverages cutting-edge AI to

Enterprise DSPM for Fortune 500 – 1touch.io is your go-to solution Read More »

vCISO services thrive, but challenges persist

CISO, cybersecurity, Cynomi, News, report, SMBs, survey /

vCISO services thrive, but challenges persist 2024-09-05 at 06:01 By Help Net Security While 75% of service providers report high customer demand for vCISO functionality, a new Cynomi report reveals that only 21% are actively offering it—opening a window onto a growth area for service providers while emphasizing the growing centrality of vCISO services to

vCISO services thrive, but challenges persist Read More »

North Korean hackers’ social engineering tricks

Cryptocurrency, Cryptocurrency Exchange, Don't miss, government-backed attacks, Hot stuff, News, North Korea, social engineering /

North Korean hackers’ social engineering tricks 2024-09-04 at 15:31 By Zeljka Zorz “North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months,” the FBI has warned through a public service announcement. This suggests that they are likely to target companies associated with

North Korean hackers’ social engineering tricks Read More »

Vulnerability allows Yubico security keys to be cloned

Don't miss, Encryption, hardware, Hot stuff, Infineon Technologies, MFA, News, research, security key, Yubico /

Vulnerability allows Yubico security keys to be cloned 2024-09-04 at 13:31 By Zeljka Zorz Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys and modules that may allow attackers to clone the devices. But the news is not as catastrophic as it may seem at first glance. “The attacker would need

Vulnerability allows Yubico security keys to be cloned Read More »

Samba 4.21 comes with upgraded security features

networking, News, open source, Samba, software /

Samba 4.21 comes with upgraded security features 2024-09-04 at 12:01 By Help Net Security Samba is the standard suite of programs that enables seamless interoperability between Linux/Unix and Windows systems. Version 4.21 has been officially released. Hardening In previous versions of Samba, if a user or group name in either option could not be resolved

Samba 4.21 comes with upgraded security features Read More »

Protecting national interests: Balancing cybersecurity and operational realities

Beyond Blue, CISO, critical infrastructure, cybersecurity, Don't miss, Features, GCHQ, Government, Hot stuff, NCSC, News, opinion, strategy, tips /

Protecting national interests: Balancing cybersecurity and operational realities 2024-09-04 at 07:31 By Mirko Zorz With cyber threats becoming increasingly sophisticated and targeting critical infrastructure, in this Help Net Security interview, David Ferbrache, managing director of Beyond Blue, discusses the current state of cybersecurity readiness and resilience. Ferbrache talks about the complexities of managing both traditional

Protecting national interests: Balancing cybersecurity and operational realities Read More »

OpenBAS: Open-source breach and attack simulation platform

Don't miss, Filigran, GitHub, Hot stuff, News, open source, software /

OpenBAS: Open-source breach and attack simulation platform 2024-09-04 at 07:02 By Mirko Zorz OpenBAS is an open-source platform that enables organizations to plan, schedule, and execute crisis exercises, adversary simulations, and breach simulations. Compliant with ISO 22398 standards, OpenBAS is built as a modern web application featuring a user-centric interface and a RESTful API. The

OpenBAS: Open-source breach and attack simulation platform Read More »

Cybersecurity jobs available right now: September 4, 2024

cybersecurity jobs, Don't miss, Hot stuff, News /

Cybersecurity jobs available right now: September 4, 2024 2024-09-04 at 06:31 By Mirko Zorz Cyber Systems Operations United States Air Force | USA | On-site – View job details The United States Air Force is looking for a Cyber Systems Operations Specialist to design, install, and support systems to ensure they operate properly and remain

Cybersecurity jobs available right now: September 4, 2024 Read More »

Ransomware attacks escalate as critical sectors struggle to keep up

Arctic Wolf Networks, At-Bay, cybercrime, Malwarebytes, News, Ransomware, report, Resilience Insurance, Semperis, survey, Trellix, Veeam Software, Zscaler /

Ransomware attacks escalate as critical sectors struggle to keep up 2024-09-04 at 06:03 By Help Net Security Ransomware remains a concerning cybersecurity threat, with attacks becoming more frequent, severe, and costly. Recent reports highlight alarming trends, including increased attacks on critical sectors like healthcare, education, and manufacturing. The US, leading in global ransomware incidents, faces

Ransomware attacks escalate as critical sectors struggle to keep up Read More »

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)

access point, consumer, Don't miss, firewall, Hot stuff, ISP, News, router, security update, SMBs, vulnerability, Zyxel /

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) 2024-09-03 at 16:01 By Zeljka Zorz Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) Read More »

Transport for London is dealing with a cyber security incident

Closed Door Security, cyberattack, Don't miss, Hot stuff, News, transportation, UK /

Transport for London is dealing with a cyber security incident 2024-09-03 at 12:46 By Zeljka Zorz Transport for London (TfL) has sent out notifications to customers on Sunday evening saying that they “are currently dealing with an ongoing cyber security incident.” The government body that manages most of the transport network of United Kingdom’s capital

Transport for London is dealing with a cyber security incident Read More »

Managing low-code/no-code security risks

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, Nokod Security, opinion, Risk Management, strategy, vulnerability management /

Managing low-code/no-code security risks 2024-09-03 at 07:31 By Help Net Security Continuous threat exposure management (CTEM) – a concept introduced by Gartner – monitors cybersecurity threats continuously rather than intermittently. This five-stage framework (scoping, discovery, prioritization, validation, and mobilization) allows organizations to constantly assess and manage their security posture, reduce exposure to threats, and integrate

Managing low-code/no-code security risks Read More »

How ransomware tactics are shifting, and what it means for your business

attacks, CISO, cybercrime, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Ransomware, strategy, threats, WithSecure /

How ransomware tactics are shifting, and what it means for your business 2024-09-03 at 07:01 By Mirko Zorz In this Help Net Security interview, Tim West, Director of Threat Intelligence and Outreach at WithSecure, discusses Ransomware-as-a-Service (RaaS) with a focus on how these cybercriminal operations are adapting to increased competition, shifting structures, and a fragmented

How ransomware tactics are shifting, and what it means for your business Read More »

The attack with many names: SMS Toll Fraud

cybercrime, cybersecurity, Don't miss, fraud, Hot stuff, News, scams, Video /

The attack with many names: SMS Toll Fraud 2024-09-03 at 06:31 By Help Net Security Bad actors leverage premium-rate phone numbers and bots to steal billions of dollars from businesses. In this Help Net Security video, Frank Teruel, CFO at Arkose Labs, discusses how to spot and stop them. The post The attack with many

The attack with many names: SMS Toll Fraud Read More »

A third of organizations suffered a SaaS data breach this year

AppOmni, CISO, cybersecurity, News, report, SaaS, survey /

A third of organizations suffered a SaaS data breach this year 2024-09-03 at 06:01 By Help Net Security While SaaS security is finally getting the attention it deserves, there’s still a significant gap between intent and implementation. Ad hoc strategies and other practices still fall short of a security program. The move toward decentralization has

A third of organizations suffered a SaaS data breach this year Read More »

Complying with PCI DSS requirements by 2025

Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Integrity360, News, opinion, PCI DSS /

Complying with PCI DSS requirements by 2025 2024-09-02 at 12:31 By Help Net Security Version 4.0.1 of the Payment Card Industry Data Security Standard (PCI DSS), which came into effect back in April, incorporates a few important changes to make it fit for the modern digital world, addressing how technologies, the threat landscape and payment

Complying with PCI DSS requirements by 2025 Read More »

Damn Vulnerable UEFI: Simulate real-world firmware attacks

Don't miss, firmware, GitHub, Hot stuff, News, open source, software /

Damn Vulnerable UEFI: Simulate real-world firmware attacks 2024-09-02 at 07:31 By Help Net Security Damn Vulnerable UEFI (DVUEFI) is an open-source exploitation toolkit and learning platform for unveiling and fixing UEFI firmware vulnerabilities. Simulate real-world firmware attacks DVUEFI was created to assist ethical hackers, security researchers, and firmware enthusiasts in beginning their journey into UEFI

Damn Vulnerable UEFI: Simulate real-world firmware attacks Read More »

Ransomware crisis deepens as attacks and payouts rise

Corvus Insurance, cybercrime, News, Ransomware, report, survey, The Travelers Companies /

Ransomware crisis deepens as attacks and payouts rise 2024-09-02 at 07:01 By Help Net Security During the second quarter, new ransomware groups, including PLAY, Medusa, RansomHub, INC Ransom, BlackSuit, and some additional lesser-known factions, led a series of attacks that eclipsed the first quarter of this year by 16% and the second quarter of 2023

Ransomware crisis deepens as attacks and payouts rise Read More »

Scroll to Top