The challenges of GenAI in fintech 2024-05-20 at 08:01 By Help Net Security Due to the cybersecurity disclosure rules the Securities and Exchange Commission (SEC) has adopted in 2023, public entities in the US are required to disclose any material cybersecurity incidents. Moving forward, these organizations will need in-depth knowledge of the impact, nature, scope […]
The challenges of GenAI in fintech Read More »
Grafana: Open-source data visualization platform 2024-05-20 at 07:31 By Mirko Zorz Grafana is an open-source solution for querying, visualizing, alerting, and exploring metrics, logs, and traces regardless of where they are stored. Grafana provides tools to transform your time-series database (TSDB) data into meaningful graphs and visualizations. Additionally, its plugin framework lets you integrate various
Grafana: Open-source data visualization platform Read More »
Cybercriminals shift tactics to pressure more victims into paying ransoms 2024-05-20 at 07:01 By Help Net Security Ransomware didn’t just grow in the US in 2023, it evolved, with the frequency of ransomware claims jumping 64% year-over-year, according to At-Bay. This was primarily driven by an explosion in “indirect” ransomware incidents which increased by more
Cybercriminals shift tactics to pressure more victims into paying ransoms Read More »
Consumers continue to overestimate their ability to spot deepfakes 2024-05-20 at 06:31 By Help Net Security The Jumio 2024 Online Identity Study reveals significant consumer concerns about the risks posed by generative AI and deepfakes, including the potential for increased cybercrime and identity fraud. The study examined the views of more than 8,000 adult consumers,
Consumers continue to overestimate their ability to spot deepfakes Read More »
Week in review: New Black Basta’s social engineering campaign, passing the CISSP exam in 6 weeks 2024-05-19 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Black Basta target orgs with new social engineering campaign Black Basta, one of the most prolific ransomware-as-a-service
US exposes scheme enabling North Korean IT workers to bypass sanctions 2024-05-17 at 14:46 By Zeljka Zorz The US Justice Department had unsealed charges against a US woman and an Ukranian man who, along with three unidentified foreign nationals, have allegedly helped North Korean IT workers work remotely for US companies under assumed US identities
US exposes scheme enabling North Korean IT workers to bypass sanctions Read More »
The importance of access controls in incident response 2024-05-17 at 12:31 By Help Net Security The worst time to find out your company doesn’t have adequate access controls is when everything is on fire. The worst thing that can happen during an incident is that your development and operations teams are blocked from solving the
The importance of access controls in incident response Read More »
The IT skills shortage situation is not expected to get any better 2024-05-17 at 07:31 By Help Net Security A growing IT skills shortage is impacting organizations in all industries and across all regions, according to IDC. In a recent IDC survey of North American IT leaders, nearly two thirds said that a lack of
The IT skills shortage situation is not expected to get any better Read More »
Too many ICS assets are exposed to the public internet 2024-05-17 at 06:31 By Help Net Security The enterprise attack surface is expanding in multiple ways, becoming more numerous and more specific, according to runZero. “Our research reveals alarming gaps and unexpected trends in enterprise infrastructure, including the decay of network segmentation, persistent challenges in
Too many ICS assets are exposed to the public internet Read More »
New infosec products of the week: May 17, 2024 2024-05-17 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Calix, FireMon, ManageEngine, and OWASP Foundation. Calix strengthens SmartBiz security with automated alerts and anti-spam compliance tools Calix unveiled updates to SmartBiz, a purpose-built
New infosec products of the week: May 17, 2024 Read More »
Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002) 2024-05-16 at 14:16 By Zeljka Zorz New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a “clone” operation. About Git Git is a widely-popular distributed version
Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947) 2024-05-16 at 12:01 By Zeljka Zorz For the third time in the last seven days, Google has fixed a Chrome zero-day vulnerability (CVE-2024-4947) for which an exploit exists in the wild. About CVE-2024-4947 CVE-2024-4947 is a type confusion vulnerability in V8, Chrome’s JavaScript and WebAssembly
Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947) Read More »
Is an open-source AI vulnerability next? 2024-05-16 at 08:31 By Help Net Security AI has captured widespread interest and offers numerous benefits. However, its rapid advancement and widespread adoption raise concerns, especially for those of us in cybersecurity. With so much interest, there are lots of insecure applications finding their way onto our devices and
Is an open-source AI vulnerability next? Read More »
OWASP dep-scan: Open-source security and risk audit tool 2024-05-16 at 08:01 By Mirko Zorz OWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies. It supports local repositories and container images as input sources, making it suitable for integration with ASPM/VM platforms and
OWASP dep-scan: Open-source security and risk audit tool Read More »
Ebury botnet compromises 400,000+ Linux servers 2024-05-16 at 07:31 By Help Net Security ESET researchers released its deep-dive investigation into one of the most advanced server-side malware campaigns. It is still growing and has seen hundreds of thousands of compromised servers in its at least 15-year-long operation. The Ebury group and botnet have been involved
Ebury botnet compromises 400,000+ Linux servers Read More »
Product showcase: Block ads, cookie pop-ups, trackers with CleanWeb 2024-05-16 at 07:01 By Help Net Security A study by PageFair revealed that ad blocker usage surged by 30% in 2016 alone, reflecting a growing public concern for privacy and uninterrupted browsing. Fast-forward to today, and the numbers are even more dramatic. According to Forbes, Americans
Product showcase: Block ads, cookie pop-ups, trackers with CleanWeb Read More »
Cloud security incidents make organizations turn to AI-powered prevention 2024-05-16 at 06:31 By Help Net Security Cloud security incidents are alarmingly on the rise, with 61% of organizations reporting breaches within the last year, marking a significant increase from 24% the year before, according to Check Point. This trend underscores the escalating risk landscape in
Cloud security incidents make organizations turn to AI-powered prevention Read More »
How attackers deliver malware to Foxit PDF Reader users 2024-05-15 at 16:31 By Zeljka Zorz Threat actors are taking advantage of the flawed design of Foxit PDF Reader’s alerts to deliver malware via booby-trapped PDF documents, Check Point researchers have warned. Exploiting the issue The researchers have analyzed several campaigns using malicious PDF files that
How attackers deliver malware to Foxit PDF Reader users Read More »
Core security measures to strengthen privacy and data protection programs 2024-05-15 at 08:01 By Mirko Zorz As privacy laws evolve globally, organizations face increasing complexity in adapting their data protection strategies to stay compliant. In this Help Net Security interview, Kabir Barday, CEO at OneTrust, emphasizes that embracing privacy by design enables organizations to navigate
Core security measures to strengthen privacy and data protection programs Read More »
Cybersecurity jobs available right now: May 15, 2024 2024-05-15 at 07:31 By Anamarija Pogorelec Associate / Pentester (Red Team) – Cybersecurity Audit Siemens | Germany | Hybrid – View job details As an Associate / Pentester (Red Team) – Cybersecurity Audit, you will be responsible for conducting cybersecurity assessments across the entire Siemens landscape, including
Cybersecurity jobs available right now: May 15, 2024 Read More »