Uphold Linux systems’ performance and availability in Azure 08/11/2023 at 07:01 By Help Net Security Cloud computing carries many benefits for your business… as long as you can ensure the performance and availability of your cloud environments. Let’s take the following three cloud computing benefits as examples. Rapidly scale cloud services: In the absence of […]
Uphold Linux systems’ performance and availability in Azure Read More »
Oracle Employee Helped Cocaine Dealers Hide $54 Million In Crypto, DOJ Says 07/11/2023 at 19:35 By Thomas Brewster, Forbes Staff A long-time Oracle engineer was allegedly hiding crypto for imprisoned cocaine dealers who were shifting millions of dollars every month, the DOJ says. One of the dealers protests that the crypto was legitimately acquired. This
Oracle Employee Helped Cocaine Dealers Hide $54 Million In Crypto, DOJ Says Read More »
Microsoft introduces new access policies in Entra to boost MFA usage 07/11/2023 at 18:17 By Helga Labus As part of a broader initiative to strengthen security, Microsoft is rolling out Microsoft-managed Conditional Access policies in Entra ID (formerly Azure Active Directory) to increase the use of multifactor authentication (MFA) for enterprise accounts. Microsoft Entra Conditional
Microsoft introduces new access policies in Entra to boost MFA usage Read More »
Looney Tunables bug exploited for cryptojacking 07/11/2023 at 12:46 By Helga Labus Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing (aka Money Libra) is a threat actor group that has been active since late 2021, targeting cloud-native environments and applications
Looney Tunables bug exploited for cryptojacking Read More »
7 free cyber threat maps showing attack intensity and frequency 07/11/2023 at 09:03 By Help Net Security Cyber threat maps are one of the most visually engaging tools in the arsenal of cybersecurity professionals. These real-time visualizations provide a global perspective on digital threats, showcasing the intensity and frequency of attacks as they happen. This
7 free cyber threat maps showing attack intensity and frequency Read More »
Kubescape 3.0 elevates open-source Kubernetes security 07/11/2023 at 08:32 By Help Net Security Targeted at the DevSecOps practitioner or platform engineer, Kubescape, the open-source Kubernetes security platform has reached version 3.0. Vulnerability scan results Kubescape 3.0 features Kubescape 3.0 adds new features that make it easier for organizations to secure their Kubernetes clusters, including: Compliance
Kubescape 3.0 elevates open-source Kubernetes security Read More »
Microsegmentation proves its worth in ransomware defense 07/11/2023 at 07:32 By Help Net Security The number of ransomware attacks (successful and unsuccessful) has doubled over the past two years, from 43 on average in 2021 to 86 in 2023, according to Akamai. Security organizations have responded to the recent rise in ransomware attacks by implementing
Microsegmentation proves its worth in ransomware defense Read More »
Outdated cryptographic protocols put vast amounts of network traffic at risk 07/11/2023 at 07:01 By Help Net Security Cryptography is largely taken for granted – rarely evaluated or checked – a practice that could have devastating consequences for businesses as attack surfaces continue to expand, the cost of a data breach rises year-over-year, and the
Outdated cryptographic protocols put vast amounts of network traffic at risk Read More »
eBook: Keeping Active Directory out of hackers’ cross-hairs 07/11/2023 at 06:46 By Help Net Security Active Directory is a prime target for threat actors, and companies must act now to eliminate it as a threat vector permanently. Read the e-book to review: Active Directory (AD) and what it provides Threats and how to keep hackers
eBook: Keeping Active Directory out of hackers’ cross-hairs Read More »
Okta breach post mortem reveals weaknesses exploited by attackers 06/11/2023 at 17:18 By Zeljka Zorz The recent breach of the Okta Support system was carried out via a compromised service account with permissions to view and update customer support cases. “During our investigation into suspicious use of this account, Okta Security identified that an employee
Okta breach post mortem reveals weaknesses exploited by attackers Read More »
For Less Than $1, Anyone Can Buy A Military Vet’s Financial And Health History 06/11/2023 at 15:02 By Thomas Brewster, Forbes Staff Data brokers are collecting and selling reams of sensitive personal information about members of the military, according to Duke University research. That could put national security at risk, the researchers say. This article
For Less Than $1, Anyone Can Buy A Military Vet’s Financial And Health History Read More »
Google Play will mark independently validated VPN apps 06/11/2023 at 13:49 By Helga Labus Android VPN apps that have gone through an independent security validation will now be able to claim that distinction on Google Play with a prominent badge in their Data Safety section. “We’ve launched this banner beginning with VPN apps due to
Google Play will mark independently validated VPN apps Read More »
Atlassian Confluence data-wiping vulnerability exploited 06/11/2023 at 13:19 By Zeljka Zorz Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, Greynoise is observing. The Shadowserver Foundation has also seen 30+ IP addresses testing for the flaw in internet-facing Confluence installations. From security updates
Atlassian Confluence data-wiping vulnerability exploited Read More »
How global password practices are changing 06/11/2023 at 09:33 By Help Net Security Password health and hygiene improved globally over the past year, reducing the risk of account takeover for consumers and businesses, according to Dashlane. Password reuse remains prevalent, however, leaving user accounts particularly vulnerable to password-spraying attacks if they’re not protected by strong
How global password practices are changing Read More »
Exploring the global shift towards AI-specific legislation 06/11/2023 at 09:01 By Mirko Zorz In this Help Net Security interview, Sarah Pearce, Partner at Hunton Andrews Kurth, offers insights into the evolving landscape of AI legislation and its global impact. Pearce explores key principles, public participation, the future of AI laws in a world of rapid
Exploring the global shift towards AI-specific legislation Read More »
The roadblocks to preventive cybersecurity success 06/11/2023 at 08:04 By Help Net Security In the last two years, the average organization’s cybersecurity program was prepared to defend preventively, or block, just 57% of the cyberattacks it encountered, according to Tenable. This means 43% of attacks launched against them are successful and must be remediated after
The roadblocks to preventive cybersecurity success Read More »
The perils of over-reliance on single cloud providers 06/11/2023 at 07:39 By Help Net Security The risk associated with dependence on a particular cloud provider for multiple business capabilities is in the top five emerging risks for organizations for the second consecutive quarter, according to a survey by Gartner. Emerging risks In September 2023, Gartner
The perils of over-reliance on single cloud providers Read More »
Week in review: Exploited Citrix Bleed vulnerability, Atlassian patches critical Confluence bug 05/11/2023 at 12:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: AI threat landscape: Model theft and inference attacks emerge as top concerns In this Help Net Security interview, Guy Guzner, CEO
KandyKorn macOS malware lobbed at blockchain engineers 03/11/2023 at 15:46 By Helga Labus North Korean hackers are using novel MacOS malware named KandyKorn to target blockchain engineers of a cryptocurrency exchange platform. The attack By impersonating blockchain engineering community members on Discord, the attackers used social engineering techniques to make victims download a malicious ZIP
KandyKorn macOS malware lobbed at blockchain engineers Read More »
Microsoft launches new initiative to augment security 03/11/2023 at 14:48 By Zeljka Zorz Nearly 22 years after Bill Gates announced a concerted Microsoft-wide push to deliver Trustworthy Computing, the company is launching the Secure Future Initiative, to boost the overall security of Microsoft’s products and its customers and users. A new Microsoft initiative focused on
Microsoft launches new initiative to augment security Read More »