News

Researchers unveil novel attack methods targeting Intel’s conditional branch predictor

attacks, chip, cybersecurity, hardware, Intel, News, software /

Researchers unveil novel attack methods targeting Intel’s conditional branch predictor 2024-04-29 at 13:46 By Help Net Security Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use. The multi-university and industry research team led

Researchers unveil novel attack methods targeting Intel’s conditional branch predictor Read More »

DHS establishes AI Safety and Security Board to protect critical infrastructure

Artificial Intelligence, critical infrastructure, cybersecurity, DHS, Government, News, USA /

DHS establishes AI Safety and Security Board to protect critical infrastructure 2024-04-29 at 12:31 By Help Net Security The Department of Homeland Security announced the establishment of the Artificial Intelligence Safety and Security Board (the Board). The Board will advise the Secretary, the critical infrastructure community, other private sector stakeholders, and the broader public on

DHS establishes AI Safety and Security Board to protect critical infrastructure Read More »

Prompt Fuzzer: Open-source tool for strengthening GenAI apps

Artificial Intelligence, Don't miss, generative AI, GitHub, Hot stuff, News, open source, software /

Prompt Fuzzer: Open-source tool for strengthening GenAI apps 2024-04-29 at 08:01 By Mirko Zorz Prompt Fuzzer is an open-source tool that evaluates the security of your GenAI application’s system prompt against dynamic LLM-based threats. Prompt Fuzzer features Simulation of over a dozen types of GenAI attacks The tool contextualizes itself automatically based on the system

Prompt Fuzzer: Open-source tool for strengthening GenAI apps Read More »

AI is creating a new generation of cyberattacks

Artificial Intelligence, cybersecurity, Netacea, News, report, survey /

AI is creating a new generation of cyberattacks 2024-04-29 at 07:01 By Help Net Security Most businesses see offensive AI fast becoming a standard tool for cybercriminals, with 93% of security leaders expecting to face daily AI-driven attacks, according to Netacea. Offensive AI in cyberattacks The research, “Cyber security in the age of offensive AI”,

AI is creating a new generation of cyberattacks Read More »

Closing the cybersecurity skills gap with upskilling programs

cybersecurity, News, Pluralsight, report, skill development, survey /

Closing the cybersecurity skills gap with upskilling programs 2024-04-29 at 06:31 By Help Net Security The list of skills technologists and organizations need to succeed grows with each new tech advancement, according to Pluralsight. But for many organizations, budgets and staff continue to shrink. This survey asked 1,400 executives and IT professionals how organizations can

Closing the cybersecurity skills gap with upskilling programs Read More »

Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 2024

News, Week in review /

Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 2024 2024-04-28 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) A state-sponsored threat actor has managed to compromise Cisco Adaptive

Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 2024 Read More »

Most people still rely on memory or pen and paper for password management

authentication, Bitwarden, cybersecurity, Don't miss, News, passwords, report, survey /

Most people still rely on memory or pen and paper for password management 2024-04-26 at 08:02 By Help Net Security Bitwarden surveyed 2,400 individuals from the US, UK, Australia, France, Germany, and Japan to investigate current user password practices. The survey shows that 25% of respondents globally reuse passwords across 11-20+ accounts, and 36% admit

Most people still rely on memory or pen and paper for password management Read More »

LSA Whisperer: Open-source tools for interacting with authentication packages

cybersecurity, GitHub, Microsoft, News, open source, red team, software /

LSA Whisperer: Open-source tools for interacting with authentication packages 2024-04-26 at 07:32 By Mirko Zorz LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap’s AzureAD plugin. Partial or unstable support is provided

LSA Whisperer: Open-source tools for interacting with authentication packages Read More »

Breaking down the numbers: Cybersecurity funding activity recap

Aim Security, Alethea, anecdotes, Axonius, BforeAI, BigID, Bugcrowd, CyberSaint, cybersecurity, Defense Unicorns, Don't miss, Dropzone AI, Hot stuff, Incognia, investment, Nagomi Security, News, NinjaOne, Nozomi Networks, Oleria, Permit.io, Prompt Security, Prophet Security, PVML, Seal Security, Simbian, StrikeReady, Sublime Security, Sweet Security, Vicarius /

Breaking down the numbers: Cybersecurity funding activity recap 2024-04-26 at 06:45 By Help Net Security Here’s a list of interesting cybersecurity companies that received funding so far in 2024. Aim Security January | $10 million Aim Security raised $10 million in seed funding, led by YL Ventures, with participation from CCL (Cyber Club London), the

Breaking down the numbers: Cybersecurity funding activity recap Read More »

New infosec products of the week: April 26, 2024

CyberInt, Forcepoint, Invicti Security, Netwrix, News, Trend Micro, WhyLabs, Zero Networks /

New infosec products of the week: April 26, 2024 2024-04-26 at 06:03 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Cyberint, Forcepoint, Invicti Security, Netwrix, Trend Micro, Zero Networks, and WhyLabs. Trend Micro launches AI-driven cyber risk management capabilities Trend Micro unveiled AI-driven cyber

New infosec products of the week: April 26, 2024 Read More »

Net neutrality has been restored

fcc, Government, net neutrality, News, standards, USA /

Net neutrality has been restored 2024-04-25 at 21:46 By Help Net Security The Federal Communications Commission (FCC) today voted to restore a national standard to ensure the internet is fast, open, and fair. Today’s decision to reclassify broadband service as a Title II telecommunications service allows the FCC to protect consumers, defend national security, and

Net neutrality has been restored Read More »

56% of cyber insurance claims originate in the email inbox

BEC scams, Coalition, cybersecurity, email security, firewall, Insurance, News, Ransomware, report, survey, VPN /

56% of cyber insurance claims originate in the email inbox 2024-04-25 at 13:01 By Help Net Security 56% of all 2023 claims were a result of funds transfer fraud (FTF) or business email compromise (BEC), highlighting the importance of email security as a critical aspect of cyber risk management, according to Coalition. The 2024 Cyber

56% of cyber insurance claims originate in the email inbox Read More »

Applying DevSecOps principles to machine learning workloads

Artificial Intelligence, cybersecurity, DevSecOps, Don't miss, Expert analysis, Expert corner, Hot stuff, machine learning, News, opinion, Protect AI, software development /

Applying DevSecOps principles to machine learning workloads 2024-04-25 at 07:33 By Help Net Security Protecting data and other enterprise assets is an increasingly challenging task, and one that touches nearly every corner of an organization. As the complexity of digital systems grows, the challenges mount. One method that helps reign in the chaos is bringing

Applying DevSecOps principles to machine learning workloads Read More »

Overcoming GenAI challenges in healthcare cybersecurity

Artificial Intelligence, cybersecurity, data, Don't miss, Features, framework, generative AI, healthcare, Hot stuff, machine learning, News, opinion, Privacy, Team8 Health /

Overcoming GenAI challenges in healthcare cybersecurity 2024-04-25 at 07:01 By Mirko Zorz In this Help Net Security interview, Assaf Mischari, Managing Partner, Team8 Health, discusses the risks associated with GenAI healthcare innovations and their impact on patient privacy. What are the key cybersecurity challenges in healthcare in the context of GenAI, and how can they

Overcoming GenAI challenges in healthcare cybersecurity Read More »

25 cybersecurity AI stats you should know

Accenture, Artificial Intelligence, Cisco, Cloud Security Alliance, Code42, cybercrime, cybersecurity, Don't miss, Dynatrace, FS-ISAC, Google Cloud, Group-IB, HiddenLayer, Hot stuff, ISC2, LastPass, McAfee, Netskope, News, report, survey, Zscaler /

25 cybersecurity AI stats you should know 2024-04-25 at 06:31 By Help Net Security In this article, you will find excerpts from reports we recently covered, which offer stats and insights into the challenges and cybersecurity issues arising from the expansion of AI. Security pros are cautiously optimistic about AI Cloud Security Alliance and Google

25 cybersecurity AI stats you should know Read More »

73% of SME security pros missed or ignored critical alerts

Coro, cyberattacks, cybersecurity, monitoring, News, professional, report /

73% of SME security pros missed or ignored critical alerts 2024-04-25 at 06:01 By Help Net Security Small and medium-sized enterprises (SMEs) IT staff is overwhelmed by the complexity and demands of managing multiple tools in their security stack, leading them to miss critical severity events and weaken their company’s security posture, according to Coro.

73% of SME security pros missed or ignored critical alerts Read More »

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)

0-day, CISA, Cisco, Don't miss, firewall, government-backed attacks, Hot stuff, Lumen, Microsoft, NCSC, News, security update /

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) 2024-04-24 at 21:31 By Zeljka Zorz A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco Talos researchers have shared on Wednesday.

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) Read More »

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)

Don't miss, enterprise, network monitoring, News, PoC, Progress, Rhino Security, vulnerability /

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389) 2024-04-24 at 15:01 By Zeljka Zorz More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software’s network monitoring/analysis and security solution, have been published. The critical vulnerability has been disclosed and patched by Progress earlier this month. “Currently,

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389) Read More »

Global attacker median dwell time continues to fall

cybersecurity, Google Cloud, Mandiant, News, Ransomware, report, survey, threats /

Global attacker median dwell time continues to fall 2024-04-24 at 14:01 By Help Net Security While the use of zero-day exploits is on the rise, Mandiant’s M-Trends 2024 report reveals a significant improvement in global cybersecurity posture: the global median dwell time – the time attackers remain undetected within a target environment – has reached

Global attacker median dwell time continues to fall Read More »

Scroll to Top