Week in review: LockBit exploits Citrix Bleed, Apache ActiveMQ bug exploited for cryptojacking 26/11/2023 at 12:33 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PolarDNS: Open-source DNS server tailored for security evaluations PolarDNS is a specialized authoritative DNS server that allows the operator to […]
NIS2 and its global ramifications 24/11/2023 at 08:31 By Help Net Security The Network and Information Systems Directive (NIS2), due to come into effect in October 2024, seeks to improve cyber resilience in the European Union (EU). Its effects are likely to be wider reaching, though, bringing in more stringent processes and controls and redefining
NIS2 and its global ramifications Read More »
Network security tops infrastructure investments 24/11/2023 at 07:33 By Help Net Security Network security is both the top challenge and the top investment priority for enterprise IT leaders, according to ISG. Network security challenges 60% of respondents to the ISG survey on network modernization ranked network security among their top five challenges, with 21% ranking
Network security tops infrastructure investments Read More »
AI and contextual threat intelligence reshape defense strategies 24/11/2023 at 07:01 By Help Net Security AI continues to evolve to improve both cyber defense and cyber criminal activities, while regulatory pressures, continued consolidation, and geopolitical concerns will drive more proactive cybersecurity efforts with contextual threat intelligence, according to Cybersixgill. As organizations increasingly adopt Threat Exposure
AI and contextual threat intelligence reshape defense strategies Read More »
Cybercriminals turn to ready-made bots for quick attacks 23/11/2023 at 08:31 By Help Net Security Bots and human fraud farms were responsible for billions of attacks in the H1 of 2023 and into Q3, according to Arkose Labs. These attacks comprised 73% of all website and app traffic measured. In other words, almost three-quarters of
Cybercriminals turn to ready-made bots for quick attacks Read More »
Consumers plan to be more consistent with their security in 2024 23/11/2023 at 07:31 By Help Net Security The vast majority of consumers are concerned that cyberattacks will increase or remain consistent over the coming year (97%) and become more sophisticated (69%), outpacing the ability of cyber defenses to protect against these threats, according to
Consumers plan to be more consistent with their security in 2024 Read More »
Online stores may not be as secure as you think 23/11/2023 at 07:01 By Help Net Security Credit card skimming is on the rise for the holiday shopping season, according to Malwarebytes. Online stores are not always as secure as you might think they are, and yet you need to hand over your valuable credit
Online stores may not be as secure as you think Read More »
How LockBit used Citrix Bleed to breach Boeing and other targets 22/11/2023 at 16:47 By Zeljka Zorz CVE-2023-4966, aka “Citrix Bleed”, has been exploited by LockBit 3.0 affiliates to breach Boeing’s parts and distribution business, and “other trusted third parties have observed similar activity impacting their organization,” cybersecurity and law enforcement officials have confirmed on
How LockBit used Citrix Bleed to breach Boeing and other targets Read More »
Microsoft announces Defender bug bounty program 22/11/2023 at 14:47 By Helga Labus Microsoft has announced a new bug bounty program aimed at unearthing vulnerabilities in Defender-related products and services, and is offering participants the possibility to earn up to $20,000 for the most critical bugs. The Microsoft Defender bug bounty program Microsoft Defender includes various
Microsoft announces Defender bug bounty program Read More »
CISA offers cybersecurity services to non-federal orgs in critical infrastructure sector 22/11/2023 at 12:47 By Helga Labus The Cybersecurity and Infrastructure Security Agency (CISA) has announced a pilot program that aims to offer cybersecurity services to critical infrastructure entities as they have become a common target in cyberattacks. “In alignment with CISA’s ‘Target Rich, Resource
CISA offers cybersecurity services to non-federal orgs in critical infrastructure sector Read More »
CISOs can marry security and business success 22/11/2023 at 08:33 By Help Net Security With an endless string of cyber fires to be put out, it’s easy to forget that the cybersecurity function in an organization doesn’t exist in a vacuum. Its main purpose is to ensure the organization succeeds, and that’s the reason CISOs
CISOs can marry security and business success Read More »
Open-source AV/EDR bypassing lab for training and learning 22/11/2023 at 07:31 By Mirko Zorz Best EDR Of The Market is a user-mode endpoint detection and response (EDR) project designed to serve as a testing ground for understanding and bypassing EDR’s user-mode detection methods. These techniques are mainly based on a dynamic analysis of the target
Open-source AV/EDR bypassing lab for training and learning Read More »
Organizations rethink cybersecurity investments to meet NIS Directive requirements 22/11/2023 at 07:07 By Help Net Security Despite a 25% increase of the cost of major cyber incidents in 2022 compared to 2021, the new report on cybersecurity investment from ENISA reveals a slight increase of 0,4% of IT budget dedicated to cybersecurity by EU operators
Organizations rethink cybersecurity investments to meet NIS Directive requirements Read More »
FreeBSD 14.0 released, OpenSSH and OpenSSL updated 21/11/2023 at 17:17 By Help Net Security FreeBSD 14.0 is now available for the amd64, aarch64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv7, and riscv64 architectures. FreeBSD provides sophisticated features in networking, performance, security, and compatibility. It serves as an excellent choice for an Internet or Intranet server. It
FreeBSD 14.0 released, OpenSSH and OpenSSL updated Read More »
Apache ActiveMQ bug exploited to deliver Kinsing malware 21/11/2023 at 15:02 By Helga Labus Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. CVE-2023-46604 exploitation Apache ActiveMQ is a popular Java-based open source message broker that allows communication between applications and services
Apache ActiveMQ bug exploited to deliver Kinsing malware Read More »
The shifting sands of the war against cyber extortion 21/11/2023 at 14:33 By Zeljka Zorz Ransomware and cyber extortion attacks aimed at organizations are not letting up. Occasionally, they even come in pairs. The often large and sometimes massive ransomware recovery costs companies incur when they decide not to meet the demands deter many other
The shifting sands of the war against cyber extortion Read More »
8 free AI and GenAI courses from AWS 21/11/2023 at 14:02 By Industry News Amazon’s AI Ready initiative aims to provide free AI skills training and education to 2 million people globally by 2025. “Artificial intelligence is the most transformative technology of our generation. If we are going to unlock the full potential of AI
8 free AI and GenAI courses from AWS Read More »
PolarDNS: Open-source DNS server tailored for security evaluations 21/11/2023 at 08:36 By Mirko Zorz PolarDNS is a specialized authoritative DNS server that allows the operator to produce custom DNS responses suitable for DNS protocol testing purposes. What can you do with PolarDNS? PolarDNS can be used for testing of: DNS resolvers (server-side) DNS clients DNS
PolarDNS: Open-source DNS server tailored for security evaluations Read More »
Organizations’ serious commitment to software risk management pays off 21/11/2023 at 07:32 By Industry News There has been a significant decrease in vulnerabilities found in target applications – from 97% in 2020 to 83% in 2022 – an encouraging sign that code reviews, automated testing and continuous integration are helping to reduce common programming errors,
Organizations’ serious commitment to software risk management pays off Read More »
The hidden obstacles to integrating AI into your business 21/11/2023 at 07:02 By Help Net Security A mere 14% of organizations globally are fully prepared to deploy and leverage AI-powered technologies, according to Cisco. The report highlights companies’ preparedness to utilize and deploy AI, showcasing critical gaps across key business pillars and infrastructures that pose
The hidden obstacles to integrating AI into your business Read More »