Discover the growing threats to data security 2024-07-15 at 07:01 By Mirko Zorz In this Help Net Security interview, Pranava Adduri, CEO at Bedrock Security, discusses how businesses can identify and prioritize their data security risks. Adduri emphasizes the necessity of ongoing monitoring and automation to keep up with evolving threats and maintain the shortest […]
Discover the growing threats to data security Read More »
Pressure mounts for C-Suite executives to implement GenAI solutions 2024-07-15 at 06:01 By Help Net Security 87% of C-Suite executives feel under pressure to implement GenAI solutions at speed and scale, according to RWS. Despite these pressures, 76% expressed an overwhelming excitement across their organization for the potential benefits of GenAI. However, this excitement is
Pressure mounts for C-Suite executives to implement GenAI solutions Read More »
Week in review: RADIUS protocol critical vuln, Microsoft 0-day exploited for a year, AT&T breach 2024-07-14 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers stole call, text records of “nearly all” of AT&T’s cellular customers Hackers leveraging stolen Snowflake account credentials
Hackers stole call, text records of “nearly all” of AT&T’s cellular customers 2024-07-12 at 15:31 By Zeljka Zorz Hackers leveraging stolen Snowflake account credentials have stolen records of calls and texts made by “nearly all” of AT&T’s cellular customers from May to October 2022, the company has confirmed. “The data does not contain the content
Hackers stole call, text records of “nearly all” of AT&T’s cellular customers Read More »
Info of 2,3+ million individuals stolen in Advance Auto Parts data breach 2024-07-12 at 14:46 By Zeljka Zorz Personal information of over 2,3 million individuals has been stolen by attackers as part of the massive data grab via compromised Snowflake accounts without MFA protection, Advance Auto Parts has confirmed by filing notices with the attorney
Info of 2,3+ million individuals stolen in Advance Auto Parts data breach Read More »
How to design a third-party risk management framework 2024-07-12 at 07:31 By Help Net Security Most organizations focus on securing routers, servers, firewalls, and other endpoints, but threats can also arise from unfamiliar sources such as third-party networks, which can be used by hackers to attack an organization. Through a strong TPRM framework, companies gain
How to design a third-party risk management framework Read More »
Managing cyberattack fallout: Financial and operational damage 2024-07-12 at 07:01 By Mirko Zorz In this Help Net Security, Ashley Harrington, Director of Cybersecurity at Aspida, discusses the impact of cyberattack on business operations and financial health. Beyond immediate disruptions and financial burdens, cyber incident can severely damage a company’s reputation among customers and partners. Can
Managing cyberattack fallout: Financial and operational damage Read More »
Top priorities for compliance leaders this year 2024-07-12 at 06:31 By Help Net Security Legal, compliance and privacy leaders list strengthening their personal impact on company strategy as their top priority for 2024, according to Gartner. Improving third party risk management (TPRM), and ensuring compliance programs can keep pace with fast-moving regulatory requirements are the
Top priorities for compliance leaders this year Read More »
New infosec products of the week: July 12, 2024 2024-07-12 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from AttackIQ, IT-Harvest, Pentera, Prompt Security, and Quantum Xchange. AttackIQ Mission Control simplifies security testing for distributed teams AttackIQ Mission Control enhances AttackIQ Enterprise BAS
New infosec products of the week: July 12, 2024 Read More »
Using Authy? Beware of impending phishing attempts 2024-07-11 at 15:46 By Zeljka Zorz Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping attacks. What happened? On July 1, Twilio – the company that develops the
Using Authy? Beware of impending phishing attempts Read More »
How AI helps decode cybercriminal strategies 2024-07-11 at 07:32 By Help Net Security With terms like “AI washing” making their way into mainstream business consciousness, the hype surrounding AI is making it harder to differentiate between the true applications and empty promises of the technology. The quest for tangible business benefits is in full swing,
How AI helps decode cybercriminal strategies Read More »
Strengthening cybersecurity preparedness with defense in depth 2024-07-11 at 07:01 By Mirko Zorz In this Help Net Security interview, Chaim Mazal, Chief Security Officer at Gigamon, discusses cybersecurity preparedness measures for businesses, the impact of international inconsistencies on global operations, and the board’s role in cybersecurity. What are the top cybersecurity preparedness measures that businesses
Strengthening cybersecurity preparedness with defense in depth Read More »
Travel scams exposed: How to recognize and avoid them 2024-07-11 at 06:31 By Help Net Security In this Help Net Security video, Aaron Walton, Threat Intel Analyst at Expel, discusses travel scams. For the past 18 months, the Expel SOC team has observed a campaign targeting administrative credentials for Booking.com. The attackers create phishing emails
Travel scams exposed: How to recognize and avoid them Read More »
Valuable insights for making the right cybersecurity decisions 2024-07-11 at 06:01 By Help Net Security This article compiles excerpts from various reports, presenting statistics and insights that could be helpful for CISOs. CISOs becoming more comfortable with risk levels Netskope | The Modern CISO: Bringing Balance | June 2024 Contradicting legacy stereotypes of the CISO
Valuable insights for making the right cybersecurity decisions Read More »
How AI-powered software spreads Russian disinformation on X 2024-07-10 at 18:16 By Zeljka Zorz The US Justice Department (DoJ) has seized two US-based domains used by Russian threat actors to create fake profiles on X (formerly Twitter) that would spread disinformation in the United States and abroad. This bot farm was created and operated via
How AI-powered software spreads Russian disinformation on X Read More »
Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) 2024-07-10 at 15:46 By Zeljka Zorz CVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for over a year, Check Point researcher Haifei Li
Google removes enrollment barrier for prospective Advanced Protection Program users 2024-07-10 at 14:01 By Zeljka Zorz Google has removed a potential obstacle for high-risk users who want to enroll in the company’s Advanced Protection Program (APP): they can now do it just by setting a passkey. Users already enrolled in APP have been provided the
Google removes enrollment barrier for prospective Advanced Protection Program users Read More »
Diversifying cyber teams to tackle complex threats 2024-07-10 at 08:01 By Help Net Security Technologies such as GenAI, ML and IoT are giving threat actors new tools that make it easier to target consumers and organizations. From Savvy Seahorse which lures victims into investment scams, to a self-replicating AI worm that uses the likes of
Diversifying cyber teams to tackle complex threats Read More »
How companies increase risk exposure with rushed LLM deployments 2024-07-10 at 07:31 By Mirko Zorz In this Help Net Security interview, Jake King, Head of Threat & Security Intelligence at Elastic, discusses companies’ exposure to new security risks and vulnerabilities as they rush to deploy LLMs. King explains how LLMs pose significant risks to data
How companies increase risk exposure with rushed LLM deployments Read More »
BunkerWeb: Open-source Web Application Firewall (WAF) 2024-07-10 at 07:01 By Mirko Zorz BunkerWeb is an open-source Web Application Firewall (WAF) distributed under the AGPLv3 free license. The solution’s core code is entirely auditable by a third party and the community. “The genesis of BunkerWeb comes from the following problem: every time someone from my team
BunkerWeb: Open-source Web Application Firewall (WAF) Read More »