News

Ransomware attacks escalate as critical sectors struggle to keep up

Arctic Wolf Networks, At-Bay, cybercrime, Malwarebytes, News, Ransomware, report, Resilience Insurance, Semperis, survey, Trellix, Veeam Software, Zscaler /

Ransomware attacks escalate as critical sectors struggle to keep up 2024-09-04 at 06:03 By Help Net Security Ransomware remains a concerning cybersecurity threat, with attacks becoming more frequent, severe, and costly. Recent reports highlight alarming trends, including increased attacks on critical sectors like healthcare, education, and manufacturing. The US, leading in global ransomware incidents, faces […]

React to this headline:

Loading spinner

Ransomware attacks escalate as critical sectors struggle to keep up Read More »

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)

access point, consumer, Don't miss, firewall, Hot stuff, ISP, News, router, security update, SMBs, vulnerability, Zyxel /

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) 2024-09-03 at 16:01 By Zeljka Zorz Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by

React to this headline:

Loading spinner

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) Read More »

Transport for London is dealing with a cyber security incident

Closed Door Security, cyberattack, Don't miss, Hot stuff, News, transportation, UK /

Transport for London is dealing with a cyber security incident 2024-09-03 at 12:46 By Zeljka Zorz Transport for London (TfL) has sent out notifications to customers on Sunday evening saying that they “are currently dealing with an ongoing cyber security incident.” The government body that manages most of the transport network of United Kingdom’s capital

React to this headline:

Loading spinner

Transport for London is dealing with a cyber security incident Read More »

Managing low-code/no-code security risks

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, Nokod Security, opinion, Risk Management, strategy, vulnerability management /

Managing low-code/no-code security risks 2024-09-03 at 07:31 By Help Net Security Continuous threat exposure management (CTEM) – a concept introduced by Gartner – monitors cybersecurity threats continuously rather than intermittently. This five-stage framework (scoping, discovery, prioritization, validation, and mobilization) allows organizations to constantly assess and manage their security posture, reduce exposure to threats, and integrate

React to this headline:

Loading spinner

Managing low-code/no-code security risks Read More »

How ransomware tactics are shifting, and what it means for your business

attacks, CISO, cybercrime, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Ransomware, strategy, threats, WithSecure /

How ransomware tactics are shifting, and what it means for your business 2024-09-03 at 07:01 By Mirko Zorz In this Help Net Security interview, Tim West, Director of Threat Intelligence and Outreach at WithSecure, discusses Ransomware-as-a-Service (RaaS) with a focus on how these cybercriminal operations are adapting to increased competition, shifting structures, and a fragmented

React to this headline:

Loading spinner

How ransomware tactics are shifting, and what it means for your business Read More »

The attack with many names: SMS Toll Fraud

cybercrime, cybersecurity, Don't miss, fraud, Hot stuff, News, scams, Video /

The attack with many names: SMS Toll Fraud 2024-09-03 at 06:31 By Help Net Security Bad actors leverage premium-rate phone numbers and bots to steal billions of dollars from businesses. In this Help Net Security video, Frank Teruel, CFO at Arkose Labs, discusses how to spot and stop them. The post The attack with many

React to this headline:

Loading spinner

The attack with many names: SMS Toll Fraud Read More »

A third of organizations suffered a SaaS data breach this year

AppOmni, CISO, cybersecurity, News, report, SaaS, survey /

A third of organizations suffered a SaaS data breach this year 2024-09-03 at 06:01 By Help Net Security While SaaS security is finally getting the attention it deserves, there’s still a significant gap between intent and implementation. Ad hoc strategies and other practices still fall short of a security program. The move toward decentralization has

React to this headline:

Loading spinner

A third of organizations suffered a SaaS data breach this year Read More »

Complying with PCI DSS requirements by 2025

Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Integrity360, News, opinion, PCI DSS /

Complying with PCI DSS requirements by 2025 2024-09-02 at 12:31 By Help Net Security Version 4.0.1 of the Payment Card Industry Data Security Standard (PCI DSS), which came into effect back in April, incorporates a few important changes to make it fit for the modern digital world, addressing how technologies, the threat landscape and payment

React to this headline:

Loading spinner

Complying with PCI DSS requirements by 2025 Read More »

Damn Vulnerable UEFI: Simulate real-world firmware attacks

Don't miss, firmware, GitHub, Hot stuff, News, open source, software /

Damn Vulnerable UEFI: Simulate real-world firmware attacks 2024-09-02 at 07:31 By Help Net Security Damn Vulnerable UEFI (DVUEFI) is an open-source exploitation toolkit and learning platform for unveiling and fixing UEFI firmware vulnerabilities. Simulate real-world firmware attacks DVUEFI was created to assist ethical hackers, security researchers, and firmware enthusiasts in beginning their journey into UEFI

React to this headline:

Loading spinner

Damn Vulnerable UEFI: Simulate real-world firmware attacks Read More »

Ransomware crisis deepens as attacks and payouts rise

Corvus Insurance, cybercrime, News, Ransomware, report, survey, The Travelers Companies /

Ransomware crisis deepens as attacks and payouts rise 2024-09-02 at 07:01 By Help Net Security During the second quarter, new ransomware groups, including PLAY, Medusa, RansomHub, INC Ransom, BlackSuit, and some additional lesser-known factions, led a series of attacks that eclipsed the first quarter of this year by 16% and the second quarter of 2023

React to this headline:

Loading spinner

Ransomware crisis deepens as attacks and payouts rise Read More »

Keeping up with automated threats is becoming harder

bot, cybersecurity, Kasada, News, report, survey, threats /

Keeping up with automated threats is becoming harder 2024-09-02 at 06:31 By Help Net Security 98% of organizations attacked by bots in the past year lost revenue as a result, according to Kasada. Web scraping (web crawling) is a significant threat followed closely by account fraud, with more than one third of IT/IS specialists reporting

React to this headline:

Loading spinner

Keeping up with automated threats is becoming harder Read More »

Infosec products of the month: August 2024

Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, Clutch Security, Contrast Security, Dragos, Elastic, Endor Labs, Entrust, Fortanix, Fortinet, Guardio, HYCU, Ivanti, McAfee, News, Nucleus Security, Own, Rapid7, Resecurity, Rezonate, RightCrowd, Stellar, Veza, Wallarm, Wing Security /

Infosec products of the month: August 2024 2024-09-02 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, Clutch Security, Contrast Security, Dragos, Elastic, Endor Labs, Entrust, Fortanix, Fortinet, Guardio, HYCU, Ivanti, McAfee, Nucleus Security, Own,

React to this headline:

Loading spinner

Infosec products of the month: August 2024 Read More »

Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE

News, Week in review /

Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE 2024-09-01 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen

React to this headline:

Loading spinner

Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE Read More »

How RansomHub went from zero to 210 victims in six months

CISA, Don't miss, FBI, Hot stuff, News, Ransomware /

How RansomHub went from zero to 210 victims in six months 2024-08-30 at 15:16 By Zeljka Zorz RansomHub, a ransomware-as-a-service (RaaS) outfit that “popped up” earlier this year, has already amassed at least 210 victims (that we know of). Its affiliates have hit government services, IT and communication companies, healthcare institutions, financial organizations, emergency services,

React to this headline:

Loading spinner

How RansomHub went from zero to 210 victims in six months Read More »

A macro look at the most pressing cybersecurity risks

cybercrime, cybersecurity, Forescout, News, report /

A macro look at the most pressing cybersecurity risks 2024-08-30 at 07:31 By Help Net Security Forescout’s 2024H1 Threat Review is a new report that reviews the current state of vulnerabilities, threat actors, and ransomware attacks in the first half of 2024 and compares them to H1 2023. “Attackers are looking for any weak point

React to this headline:

Loading spinner

A macro look at the most pressing cybersecurity risks Read More »

Sinon: Open-source automatic generative burn-in for Windows deception hosts

Don't miss, GitHub, Hot stuff, News, open source, software /

Sinon: Open-source automatic generative burn-in for Windows deception hosts 2024-08-30 at 07:01 By Mirko Zorz Sinon is an open-source, modular tool for the automatic burn-in of Windows-based deception hosts. It aims to reduce the difficulty of orchestrating deception hosts at scale while enabling diversity and randomness through generative capabilities. Sinon is designed to automate the

React to this headline:

Loading spinner

Sinon: Open-source automatic generative burn-in for Windows deception hosts Read More »

Cyber threats that shaped the first half of 2024

Critical Start, cybercrime, News, report, survey, threats /

Cyber threats that shaped the first half of 2024 2024-08-30 at 06:31 By Help Net Security Global cybercrime has shown no sign of decline and is expected to grow strong per year over the next five years. To identify the most urgent cybersecurity threats of the first half of 2024, the Critical Start Cyber Research

React to this headline:

Loading spinner

Cyber threats that shaped the first half of 2024 Read More »

New infosec products of the week: August 30, 2024

Bitwarden, Dragos, Fortinet, HYCU, News, Rezonate /

New infosec products of the week: August 30, 2024 2024-08-30 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Bitwarden, Dragos, Fortinet, HYCU, and Rezonate. Fortinet introduces sovereign SASE and GenAI capabilities Fortinet announced the addition of sovereign SASE and GenAI capabilities to

React to this headline:

Loading spinner

New infosec products of the week: August 30, 2024 Read More »

Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites

APT, Don't miss, exploit, Government, government-backed attacks, Hot stuff, Malware, News, Russian Federation /

Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites 2024-08-29 at 16:16 By Zeljka Zorz Suspected Russian hackers have been hitting iPhone and Android users visiting government websites with exploits first leveraged by commercial surveillance vendors, Google TAG researchers shared. The watering hole campaigns Between November 2023 and July 2024, threat actors have repeatedly

React to this headline:

Loading spinner

Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites Read More »

The NIS2 Directive: How far does it reach?

cybersecurity, Don't miss, EU, Expert analysis, Expert corner, Hot stuff, Hunton Andrews Kurth, legislation, News, opinion, regulation, strategy /

The NIS2 Directive: How far does it reach? 2024-08-29 at 07:31 By Help Net Security The NIS2 Directive is one of the most recent efforts of the EU legislator to boost cybersecurity across the bloc and to keep up with the challenges of an increasingly digitalized society and growing cyber threats. As the name implies,

React to this headline:

Loading spinner

The NIS2 Directive: How far does it reach? Read More »

Scroll to Top