News

Organizations fail to log 44% of cyber attacks, major exposure gaps remain

access control, cybersecurity, network, News, Picus Security, report, threat /

Organizations fail to log 44% of cyber attacks, major exposure gaps remain 2024-08-02 at 07:31 By Help Net Security 40% of tested environments allowed attack paths that lead to domain admin access, according to Picus Security. Achieving domain admin access is particularly concerning because it is the highest level of access within an organization’s IT […]

Organizations fail to log 44% of cyber attacks, major exposure gaps remain Read More »

Record-breaking $75 million ransom paid to cybercrime group

attacks, Barrier Networks, extortion, law enforcement, News, Ransomware, report, zero trust, Zscaler /

Record-breaking $75 million ransom paid to cybercrime group 2024-08-02 at 07:01 By Help Net Security Ransomware attacks have reached new heights of ambition and audacity over the past year, marked by a notable surge in extortion attacks, according to a Zscaler. The findings from the report uncovered a record-breaking ransom payment of $75 million to

Record-breaking $75 million ransom paid to cybercrime group Read More »

Open-source project enables Raspberry Pi Bluetooth Wi-Fi network configuration

Bluetooth, GitHub, networking, News, open source, remote.it, software /

Open-source project enables Raspberry Pi Bluetooth Wi-Fi network configuration 2024-08-02 at 06:31 By Help Net Security Remote.It released its open-source project to enable Raspberry Pi Bluetooth (BLE) Wi-Fi network configuration. The project allows a computer or mobile device to easily transfer a Wi-Fi configuration via Bluetooth, the same way users set up smart devices around

Open-source project enables Raspberry Pi Bluetooth Wi-Fi network configuration Read More »

New infosec products of the week: August 2, 2024

Adaptive Shield, Clutch Security, Fortanix, News, Nucleus Security, Synack, Wing Security /

New infosec products of the week: August 2, 2024 2024-08-02 at 06:01 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week, featuring releases from: Adaptive Shield, Fortanix, Clutch Security, Nucleus Security, Wing Security and Synack. Adaptive Shield unveils ITDR platform for SaaS Adaptive Shield has unveiled its Identity Threat

New infosec products of the week: August 2, 2024 Read More »

Threat intelligence: A blessing and a curse?

automation, cybersecurity, Cyware, data, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Threat Intelligence /

Threat intelligence: A blessing and a curse? 2024-08-01 at 07:31 By Help Net Security Access to timely and accurate threat intelligence is now core to security operations for many organizations. Today, it seems that security teams are blessed with an abundance of data and intelligence feeds to choose from. However, selecting the right information from

Threat intelligence: A blessing and a curse? Read More »

Why CISOs face greater personal liability

CISO, communication, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, Insurance, News, opinion, Veritas Technologies /

Why CISOs face greater personal liability 2024-08-01 at 07:01 By Mirko Zorz In this Help Net Security interview, Christos Tulumba, CISO at Veritas Technologies, discusses the key factors contributing to increased personal liability risks for CISOs. These risks are driven by heightened cybersecurity threats, evolving regulations, and increased public awareness of security breaches. Tulumba also

Why CISOs face greater personal liability Read More »

Airlines are flying blind on third-party risks

cyber risk, cybersecurity, News, report, SecurityScorecard, survey, transportation /

Airlines are flying blind on third-party risks 2024-08-01 at 06:01 By Help Net Security The aviation industry has traditionally focused on physical security threats, but recent revelations about risks on Boeing‘s supply chain have spotlighted the critical need to measure and mitigate supply chain risk, according to SecurityScorecard. The report comes as regulatory bodies worldwide

Airlines are flying blind on third-party risks Read More »

Infosec products of the month: July 2024

AttackIQ, AuditBoard, Black Kite, BlueVoyant, Druva, GitGuardian, Invicti Security, IT-Harvest, LogRhythm, LOKKER, News, NordVPN, Pentera, Permit.io, Prompt Security, Quantum Xchange, Regula, Rezonate, Scythe, Secure Code Warrior, Strata Identity /

Infosec products of the month: July 2024 2024-08-01 at 05:46 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: AttackIQ, AuditBoard, Black Kite, BlueVoyant, Druva, GitGuardian, Invicti Security, IT-Harvest, LogRhythm, LOKKER, NordVPN, Pentera, Permit.io, Prompt Security, Quantum Xchange, Regula, Rezonate, Scythe, Secure Code Warrior, and

Infosec products of the month: July 2024 Read More »

SMS Stealer malware targeting Android users: Over 105,000 samples identified

Android, cybercrime, cybersecurity, Don't miss, Malware, News, scams, Zimperium /

SMS Stealer malware targeting Android users: Over 105,000 samples identified 2024-07-31 at 17:49 By Help Net Security Zimperium’s zLabs team has uncovered a new and widespread threat dubbed SMS Stealer. Detected during routine malware analysis, this malicious software has been found in over 105,000 samples, affecting more than 600 global brands. SMS Stealer’s extensive reach

SMS Stealer malware targeting Android users: Over 105,000 samples identified Read More »

Microsoft: DDoS defense error amplified attack on Azure, leading to outage

botnet, DDoS, Don't miss, Hot stuff, Microsoft, Microsoft 365, Microsoft Azure, News /

Microsoft: DDoS defense error amplified attack on Azure, leading to outage 2024-07-31 at 13:46 By Zeljka Zorz A DDoS attack that started on Tuesday has made a number of Microsoft Azure and Microsoft 365 services temporarily inaccessible, the company has confirmed. Microsoft’s mitigation statement on the Azure status history page Microsoft Azure, 365 outage triggered

Microsoft: DDoS defense error amplified attack on Azure, leading to outage Read More »

Innovative approach promises faster bug fixes

News, programming, research /

Innovative approach promises faster bug fixes 2024-07-31 at 12:02 By Help Net Security Modern software applications usually consist of numerous files and several million lines of code. Due to the sheer quantity, finding and correcting faults, known as debugging, is difficult. In many software companies, developers still search for faults manually, which takes up a

Innovative approach promises faster bug fixes Read More »

What CISOs need to keep CEOs (and themselves) out of jail

CEO, CISO, communication, cybersecurity, Don't miss, Expert analysis, Expert corner, Gutsy, Hot stuff, monitoring, News, opinion, security controls /

What CISOs need to keep CEOs (and themselves) out of jail 2024-07-31 at 07:32 By Help Net Security Former Uber CISO Joe Sullivan, who was convicted for attempting to cover up a data breach Uber suffered in 2016, recently posited that in the very near future, CEOs might find themselves held directly responsible for cybersecurity

What CISOs need to keep CEOs (and themselves) out of jail Read More »

Secretive: Open-source app for storing and managing SSH keys in the Secure Enclave

Don't miss, GitHub, Hot stuff, macOS, News, open source, software /

Secretive: Open-source app for storing and managing SSH keys in the Secure Enclave 2024-07-31 at 07:02 By Help Net Security Secretive is an open-source, user-friendly app designed to store and manage SSH keys within the Secure Enclave. Typically, SSH keys are stored on disk with appropriate permissions, which is usually sufficient. However, it’s not overly

Secretive: Open-source app for storing and managing SSH keys in the Secure Enclave Read More »

Cybersecurity jobs available right now: July 31, 2024

cybersecurity jobs, News /

Cybersecurity jobs available right now: July 31, 2024 2024-07-31 at 06:32 By Anamarija Pogorelec Cloud Security Architect Precisely | United Kingdom | Remote – View job details As a Cloud Security Architect, you will be responsible for the design and architecture of Precisely’s cloud security posture. Determine security requirements by evaluating business and product strategies,

Cybersecurity jobs available right now: July 31, 2024 Read More »

Leveraging dynamic configuration for seamless and compliant software changes

Artificial Intelligence, code, Compliance, configuration management, cybersecurity, Don't miss, Features, Hot stuff, Lekko, News, opinion, regulation, risk assessment /

Leveraging dynamic configuration for seamless and compliant software changes 2024-07-31 at 06:01 By Mirko Zorz In this Help Net Security interview, Konrad Niemiec, CEO and Founder of Lekko, discusses the benefits of dynamic configuration in preventing system outages and enabling faster response times during incidents. Niemiec explains how dynamic configuration evolves feature flagging, supports operational

Leveraging dynamic configuration for seamless and compliant software changes Read More »

Average data breach cost jumps to $4.88 million, collateral damage increased

Artificial Intelligence, automation, critical infrastructure, cybersecurity, data breach, IBM, News, report, threat detection /

Average data breach cost jumps to $4.88 million, collateral damage increased 2024-07-30 at 15:16 By Help Net Security IBM released its annual Cost of a Data Breach Report revealing the global average cost of a data breach reached $4.88 million in 2024, as breaches grow more disruptive and further expand demands on cyber teams. Breach

Average data breach cost jumps to $4.88 million, collateral damage increased Read More »

VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)

CVE, Don't miss, enterprise, Hot stuff, Microsoft, News, Ransomware, virtualization, VMWare, vulnerability /

VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085) 2024-07-30 at 14:01 By Zeljka Zorz Ransomware operators have been leveraging CVE-2024-37085, an authentication bypass vulnerability affecting Active Directory domain-joined VMware ESXi hypervisors, to gain full administrative access to them and encrypt their file system. VMware owner Broadcom has released a fix for CVE-2024-37085 on

VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085) Read More »

Review: Action1 – Simple and powerful patch management

Action1, cybersecurity, Don't miss, Hot stuff, MFA, News, patching, Review, Reviews, SaaS, software /

Review: Action1 – Simple and powerful patch management 2024-07-30 at 07:16 By Help Net Security Although endpoint anti-malware and other security controls are now standard at the operating system level, keeping all endpoint software up-to-date and secure remains an open issue for many organizations. Patch management is not yet a commodity, and substantial improvements can

Review: Action1 – Simple and powerful patch management Read More »

Securing remote access to mission-critical OT assets

Claroty, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, remote access, threats /

Securing remote access to mission-critical OT assets 2024-07-30 at 07:01 By Mirko Zorz In this Help Net Security interview, Grant Geyer, Chief Strategy Officer at Claroty, discusses the prevalent vulnerabilities in Windows-based engineering workstations (EWS) and human-machine interfaces (HMI) within OT environments. Geyer also addresses the challenges and solutions for securing remote access to critical

Securing remote access to mission-critical OT assets Read More »

Coding practices: The role of secure programming languages

Don't miss, Hot stuff, News, NIST, software development, tips /

Coding practices: The role of secure programming languages 2024-07-30 at 06:31 By Mirko Zorz Safety and quality are not features that can be added through testing — they must be integral to the design. Opting for a safer or more secure language or language subset during implementation can eliminate entire categories of vulnerabilities. The Software

Coding practices: The role of secure programming languages Read More »

Scroll to Top