New infosec products of the week: June 14, 2024 2024-06-14 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Acronis, Diligent, Entrust, KELA, Plainsea, and SentinelOne. Plainsea: Cybersecurity platform that enables continuous service delivery Designed with managed security service providers in mind, Plainsea […]
New infosec products of the week: June 14, 2024 Read More »
PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577) 2024-06-13 at 15:01 By Zeljka Zorz An OS command injection vulnerability in Windows-based PHP (CVE-2024-4577) in CGI mode is being exploited by the TellYouThePass ransomware gang. Imperva says the attacks started on June 8, two days after the PHP development team pushed out fixes, and one
PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577) Read More »
Urgently needed: AI governance in cyber warfare 2024-06-13 at 12:31 By Help Net Security Artificial intelligence is quickly becoming central to societal growth. AI has great power to improve daily life, from education to healthcare, from sustainability to defense. AI also brings to the forefront a number of risks that cut across the core values
Urgently needed: AI governance in cyber warfare Read More »
How businesses can integrate token technology into existing payment systems 2024-06-13 at 07:02 By Mirko Zorz In this Help Net Security interview, Mark Nelsen, SVP and Global Head of Consumer Product at Visa, discusses the integration of token technology into existing payment systems. How do businesses integrate tokenization into their existing payment systems, and what
How businesses can integrate token technology into existing payment systems Read More »
GenAI keeps cybersecurity pros on high alert 2024-06-13 at 06:01 By Help Net Security “Businesses across every industry face unprecedented challenges posed by an increasing attack surface, zero-day vulnerabilities, cloud misconfigurations, and new emerging threats driven by AI,” said Andrei Florescu, president and GM of Bitdefender Business Solutions Group. “The findings of our recent survey
GenAI keeps cybersecurity pros on high alert Read More »
AWS unveils new and improved security features 2024-06-12 at 18:31 By Zeljka Zorz At its annual re:Inforce conference, Amazon Web Services (AWS) has announced new and enhanced security features and tools. Additional multi-factor authentication option To facilitate the concerted push to get customers to secure their accounts with multiple authentication factors, AWS has added support
AWS unveils new and improved security features Read More »
20,000 FortiGate appliances compromised by Chinese hackers 2024-06-12 at 14:16 By Zeljka Zorz Coathanger – a piece of malware specifically built to persist on Fortinet’s FortiGate appliances – may still be lurking on too many devices deployed worldwide. How Coathanger persists on FortiGate devices In February 2024, the Dutch Military Intelligence and Security Service (MIVD)
20,000 FortiGate appliances compromised by Chinese hackers Read More »
Major cybersecurity upgrades announced to safeguard American healthcare 2024-06-12 at 13:01 By Help Net Security Recent cyberattacks targeting the nation’s healthcare system have demonstrated the vulnerability of hospitals and payment systems. Providers across the health system had to scramble for funding after one attack on a key payment system. And some hospitals had to redirect
Major cybersecurity upgrades announced to safeguard American healthcare Read More »
Microsoft launches cybersecurity program to tackle attacks, protect rural hospitals 2024-06-12 at 13:01 By Help Net Security Microsoft has unveiled a new cybersecurity program to support hospitals serving more than 60 million people living in rural America. In 2023, the healthcare sector reported more ransomware attacks than any other critical infrastructure sector and attacks involving
Microsoft launches cybersecurity program to tackle attacks, protect rural hospitals Read More »
Open-source security in AI 2024-06-12 at 07:31 By Help Net Security New AI products are coming onto the market faster than we have seen in any previous technology revolution. Companies’ free access and right to use open source in AI software models has allowed them to prototype an AI product to market cheaper than ever
Open-source security in AI Read More »
Security and privacy strategies for CISOs in a mobile-first world 2024-06-12 at 07:01 By Mirko Zorz In this Help Net Security interview, Jim Dolce, CEO at Lookout, discusses securing mobile devices to mitigate escalating cloud threats. He emphasizes that organizations must shift their approach to data security, acknowledging the complexities introduced by mobile access to
Security and privacy strategies for CISOs in a mobile-first world Read More »
Cybersecurity jobs available right now: June 12, 2024 2024-06-12 at 06:31 By Anamarija Pogorelec Cloud Security Engineer Metacore | Germany | Hybrid – View job details As a Cloud Security Engineer, you will develop, implement, and maintain cloud security architecture, policies, and procedures. You will collaborate with game and infrastructure teams to identify, evaluate, and
Cybersecurity jobs available right now: June 12, 2024 Read More »
Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103) 2024-06-11 at 23:01 By Zeljka Zorz June 2024 Patch Tuesday is here and Microsoft has delivered fixes for a critical MSMQ flaw (CVE-2024-30080) and a RCE vulnerability in Microsoft Outlook (CVE-2024-30103). 49 CVE-numbered vulnerabilities have been fixed in total, none of which have been exploited in
Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103) Read More »
Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051) 2024-06-11 at 15:46 By Zeljka Zorz JetBrains has fixed a critical vulnerability (CVE-2024-37051) that could expose users of its integrated development environments (IDEs) to GitHub access token compromise. About CVE-2024-37051 JetBrains offers IDEs for various programming languages. CVE-2024-37051 is a vulnerability in the
Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051) Read More »
Cloud migration expands the CISO role yet again 2024-06-11 at 07:31 By Help Net Security The CISO role used to be focused primarily on information security — creating and implementing policies to safeguard an organization’s data and IT infrastructure from cybersecurity threats. However, as organizations rapidly migrate to cloud environments, the responsibilities and challenges for
Cloud migration expands the CISO role yet again Read More »
Preparing for a career in cybersecurity? Check out these statistics 2024-06-11 at 07:01 By Help Net Security This article includes excerpts from various reports that provide statistics and insights on cybersecurity jobs, skills shortages, and workforce dynamics. Lack of skills and budget slow zero-trust implementation Entrust | 2024 State of Zero Trust & Encryption Study
Preparing for a career in cybersecurity? Check out these statistics Read More »
Security providers view compliance as a high-growth opportunity 2024-06-11 at 06:01 By Help Net Security 85% of managed service and security providers face significant challenges maintaining compliance for customers, with lack of resources, expertise, or technology cited as the most common roadblocks to offering managed compliance, according to Apptega. That being said, the survey also
Security providers view compliance as a high-growth opportunity Read More »
The number of known Snowflake customer data breaches is rising 2024-06-10 at 15:46 By Zeljka Zorz LendingTree subsidiary QuoteWizard and automotive parts provider Advance Auto Parts have been revealed as victims of attackers who are trying to sell data stolen from Snowflake-hosted cloud databases. Snowflake says that their investigation is still ongoing, but continues to
The number of known Snowflake customer data breaches is rising Read More »
AI’s role in accelerating vulnerability management 2024-06-10 at 08:01 By Help Net Security With its capability to analyze, predict, and automate, AI stands to reshape many corners of business, most notably cybersecurity. In the field of vulnerability management specifically, AI is poised to have a profound impact, enhancing two key areas: Providing quicker analysis and
AI’s role in accelerating vulnerability management Read More »
Radare: Open-source reverse engineering framework 2024-06-10 at 07:32 By Mirko Zorz Radare is an open-source UNIX-like reverse engineering framework and command-line toolset. It can be scripted, modified, and used for batch analysis. “I started the project in 2006 when I was working as a forensic analyst, and I wrote a simple command-line hexadecimal editor to
Radare: Open-source reverse engineering framework Read More »