News

New compensation trends in the cybersecurity sector

Artico Search, cybersecurity, Don't miss, education, Hot stuff, IANS, News, report, survey /

New compensation trends in the cybersecurity sector 2024-03-04 at 06:31 By Help Net Security For several years, cybersecurity leaders have grappled with talent shortages in crucial cyber roles. In the face of escalating financial requirements and expanding responsibilities, these leaders are under heightened pressure to achieve more with fewer resources, creating roles encompassing multiple security […]

New compensation trends in the cybersecurity sector Read More »

Photos: BSidesZagreb 2024

BSidesZG, conferences, cybersecurity, EU, Europe, GitGuardian, Mandiant, News /

Photos: BSidesZagreb 2024 2024-03-04 at 05:46 By Mirko Zorz BSidesZagreb is a complimentary, non-profit conference driven by community participation, designed for information security professionals and enthusiasts to gather, exchange ideas, and collaborate. Help Net Security sponsored the 2024 edition that took place on March 1, and here are photos from the event. Bojan Ždrnja, CTO

Photos: BSidesZagreb 2024 Read More »

Week in review: LockBit leak site is back online, NIST updates its Cybersecurity Framework

News, Week in review /

Week in review: LockBit leak site is back online, NIST updates its Cybersecurity Framework 2024-03-03 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Overcoming the pressures of cybersecurity startup leadership In this Help Net Security interview, Kunal Agarwal, CEO at Dope Security,

Week in review: LockBit leak site is back online, NIST updates its Cybersecurity Framework Read More »

Cybercriminals harness AI for new era of malware development

APT, Artificial Intelligence, cybercriminals, cybersecurity, dark web, Data leak, Group-IB, Malware, News, Ransomware, report, social engineering /

Cybercriminals harness AI for new era of malware development 2024-03-01 at 08:31 By Help Net Security The alliance between ransomware groups and initial access brokers (IABs) is still the powerful engine for cybercriminal industry, as evidenced by the 74% year-on-year increase in the number of companies that had their data uploaded on dedicated leak sites

Cybercriminals harness AI for new era of malware development Read More »

JCDC’s strategic shift: Prioritizing cyber hardening

APT, Artificial Intelligence, CISA, critical infrastructure, cybersecurity, Don't miss, Features, Government, Hot stuff, NCSC, News, opinion, Ransomware, strategy, Xage Security /

JCDC’s strategic shift: Prioritizing cyber hardening 2024-03-01 at 08:01 By Mirko Zorz In this Help Net Security interview, Geoffrey Mattson, CEO of Xage Security, discusses the evolution of the Joint Cyber Defense Collaborative (JCDC) since its 2021 inception and tackles its 2024 strategic priorities in response to escalating cyber threats. He elaborates on JCDC’s strategies

JCDC’s strategic shift: Prioritizing cyber hardening Read More »

Businesses foresee major impact from new SEC cybersecurity disclosure rules

AuditBoard, Compliance, cybersecurity, Government, News, report, Risk Management, survey, USA /

Businesses foresee major impact from new SEC cybersecurity disclosure rules 2024-03-01 at 07:04 By Help Net Security While 98% of security professionals and executives have started working to comply with the new U.S. Securities and Exchange Commission (SEC) cybersecurity disclosure ruling, over one-third are still in the early phases of their efforts, according to AuditBoard.

Businesses foresee major impact from new SEC cybersecurity disclosure rules Read More »

98% of businesses linked to breached third parties

cybercrime, cybersecurity, News, report, Risk Management, SecurityScorecard, software, supply chain, third party compromise /

98% of businesses linked to breached third parties 2024-03-01 at 06:32 By Help Net Security According to the updated SEC regulations on cybersecurity incident disclosure, findings by SecurityScorecard reveal that 98% of companies are associated with a third party that has experienced a breach. It often takes months or longer for breaches to become public

98% of businesses linked to breached third parties Read More »

New infosec products of the week: March 1, 2024

Exabeam, GitHub, Legato Security, News, Spin.AI, Viavi Solutions /

New infosec products of the week: March 1, 2024 2024-03-01 at 06:02 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Legato Security, Exabeam, Spin.AI, and Viavi Solutions. Legato Security Ensemble helps organizations prevent breaches Ensemble addresses the challenges businesses face in securing their networks

New infosec products of the week: March 1, 2024 Read More »

Airbnb scammers pose as hosts, redirect users to fake Tripadvisor site

Don't miss, hospitality industry, Hot stuff, Malwarebytes, News, scams, social engineering, URL shorteners /

Airbnb scammers pose as hosts, redirect users to fake Tripadvisor site 2024-02-29 at 16:19 By Helga Labus Scammers on Airbnb are faking technical issues and citing higher fees to get users to a spoofed Tripadvisor website and steal their money. The Airbnb scam Malwarebytes researchers came across the Airbnb scam when trying to book an

Airbnb scammers pose as hosts, redirect users to fake Tripadvisor site Read More »

ALPHV/BlackCat threatens to leak data stolen in Change Healthcare cyberattack

CISA, cyberattack, Don't miss, FBI, healthcare, Hot stuff, News, Ransomware /

ALPHV/BlackCat threatens to leak data stolen in Change Healthcare cyberattack 2024-02-29 at 14:46 By Helga Labus The ALPHV/BlackCat ransomware group has claimed responsibility for the cyberattack that targeted Optum, a subsidiary of UnitedHealth Group (UHG), causing disruption to the Change Healthcare platform and affecting pharmacy transactions across the US. ALPHV/BlackCat is back Last December, US

ALPHV/BlackCat threatens to leak data stolen in Change Healthcare cyberattack Read More »

Kali Linux 2024.1 released: New tools, new look, new Kali Nethunter kernels

Don't miss, Hot stuff, Kali Linux, News, OffSec, penetration testing /

Kali Linux 2024.1 released: New tools, new look, new Kali Nethunter kernels 2024-02-29 at 12:35 By Zeljka Zorz OffSec has released Kali Linux 2024.1, the latest version of its popular penetration testing and digital forensics platform. The new version comes with new tools, a fresh look (themes, wallpapers and icons for Kali and Kali Purple),

Kali Linux 2024.1 released: New tools, new look, new Kali Nethunter kernels Read More »

BobTheSmuggler: Open-source tool for undetectable payload delivery

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

BobTheSmuggler: Open-source tool for undetectable payload delivery 2024-02-29 at 08:03 By Mirko Zorz BobTheSmuggler is an open-source tool designed to easily compress, encrypt, and securely transport your payload. It basically enables you to hide a payload in plain sight. BobTheSmuggler is helpful in phishing campaign assessments, data exfiltration exercises, and assumed breach scenarios. Features Hiding

BobTheSmuggler: Open-source tool for undetectable payload delivery Read More »

How organizations can navigate identity security risks in 2024

access management, authentication, CISO, cloud security, cybersecurity, Don't miss, Features, Hot stuff, hybrid IT, identity management, News, opinion, SaaS, strategy, tips, Zilla Security /

How organizations can navigate identity security risks in 2024 2024-02-29 at 07:34 By Mirko Zorz Managing IAM challenges in hybrid IT environments requires a holistic approach, integrating solutions and automating processes to ensure effective access controls and operational efficiency. In this Help Net Security interview, Deepak Taneja, CEO of Zilla Security, discusses identity security risks

How organizations can navigate identity security risks in 2024 Read More »

Cryptojacking is no longer the sole focus of cloud attackers

Cado Security, Cloud, cybercrime, cybersecurity, Malware, News, report, survey /

Cryptojacking is no longer the sole focus of cloud attackers 2024-02-29 at 06:31 By Help Net Security As commercial adoption of cloud technologies continues, cloud-focused malware campaigns have increased in sophistication and number – a collective effort to safeguard both large and small enterprises is critical, according to Cado Security. Docker remains the most frequently

Cryptojacking is no longer the sole focus of cloud attackers Read More »

Vishing, smishing, and phishing attacks skyrocket 1,265% post-ChatGPT

Artificial Intelligence, attacks, ChatGPT, cybercrime, cybersecurity, Enea, News, phishing, report, survey, telecommunications, vishing /

Vishing, smishing, and phishing attacks skyrocket 1,265% post-ChatGPT 2024-02-29 at 06:02 By Help Net Security 76% of enterprises lack sufficient voice and messaging fraud protection as AI-powered vishing and smishing skyrocket following the launch of ChatGPT, according to Enea. Enterprises report significant losses from mobile fraud 61% of enterprises still suffer significant losses to mobile

Vishing, smishing, and phishing attacks skyrocket 1,265% post-ChatGPT Read More »

The CISO’s guide to reducing the SaaS attack surface

Don't miss, Hot stuff, News, Nudge Security, Whitepapers and webinars /

The CISO’s guide to reducing the SaaS attack surface 2024-02-29 at 06:02 By Help Net Security SaaS sprawl introduces security risks, operational headaches, and eye-popping subscription costs. Download this guide to learn how to implement a strategic approach to reducing your SaaS attack surface without slowing down the business. Inside the guide, you’ll find: Tools

The CISO’s guide to reducing the SaaS attack surface Read More »

Infosec products of the month: February 2024

Appdome, BackBox, Center for Internet Security, Cisco, CompliancePro Solutions, Cyberhaven, LOKKER, ManageEngine, Metomic, News, OPSWAT, Pindrop, ProcessUnity, Qualys, SentinelOne, Sumsub, Truffle Security, Vade Secure, Varonis /

Infosec products of the month: February 2024 2024-02-29 at 05:48 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, BackBox, Center for Internet Security, Cisco, CompliancePro Solutions, Cyberhaven, LOKKER, ManageEngine, Metomic, OPSWAT, Pindrop, ProcessUnity, Qualys, SentinelOne, Sumsub,Truffle Security, Vade Secure, and Varonis. CIS ESS

Infosec products of the month: February 2024 Read More »

European retailer Pepco loses €15.5 million in phishing (possibly BEC?) attack

BEC scams, cybercrime, Don't miss, EU, Hot stuff, News, phishing /

European retailer Pepco loses €15.5 million in phishing (possibly BEC?) attack 2024-02-28 at 16:34 By Zeljka Zorz Pepco Group has confirmed that its Hungarian business has been hit by a “sophisticated fraudulent phishing attack.” The European company, which operates shops under the Pepco, Poundland and Dealz brands, said that the company lost approximately €15.5 million

European retailer Pepco loses €15.5 million in phishing (possibly BEC?) attack Read More »

State-sponsored hackers know enterprise VPN appliances inside out

attacks, cyber espionage, Don't miss, enterprise, Fortinet, government-backed attacks, Hot stuff, Ivanti, Mandiant, News, threat, Threat Intelligence /

State-sponsored hackers know enterprise VPN appliances inside out 2024-02-28 at 14:19 By Zeljka Zorz Suspected Chinese state-sponsored hackers who have been leveraging Ivanti Connect Secure VPN flaws to breach a variety of organizations have demonstrated “a nuanced understanding of the appliance”, according to Mandiant incident responders and threat hunters. They were able to perform a

State-sponsored hackers know enterprise VPN appliances inside out Read More »

Understanding employees’ motivations behind risky actions

Artificial Intelligence, BEC scams, cybersecurity, News, phishing, Proofpoint, Ransomware, report, risk, security awareness, training /

Understanding employees’ motivations behind risky actions 2024-02-28 at 07:31 By Help Net Security More 68% of employees knowingly put their organizations at risk, potentially leading to ransomware or malware infections, data breaches, or financial loss, according to Proofpoint. Perception on security responsibility And while the incidence of successful phishing attacks has slightly declined (71% of

Understanding employees’ motivations behind risky actions Read More »

Scroll to Top