New infosec products of the week: November 3, 2023 03/11/2023 at 09:04 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Action1, Enzoic, Immuta, and Snappt. Immuta Discover identifies and classifies sensitive data Immuta Discover automatically and continuously discovers structured data in cloud data platforms. […]
New infosec products of the week: November 3, 2023 Read More »
Healthcare’s road to redefining cybersecurity with modern solutions 03/11/2023 at 08:07 By Help Net Security The rate of data encryption following a ransomware attack in healthcare was the highest in the last three years, according to Sophos. Ransomware attacks continue to grow in sophistication Among those organizations surveyed, cybercriminals successfully encrypted data in nearly 75%
Healthcare’s road to redefining cybersecurity with modern solutions Read More »
Financial organizations embrace automation for enhanced security 03/11/2023 at 07:31 By Help Net Security The security performance of financial applications generally outperforms other industries, with automation, targeted security training, and scanning via Application Programming Interface (API) contributing to a year-over-year reduction in the percentage of applications containing flaws, according to Veracode. Against a backdrop of
Financial organizations embrace automation for enhanced security Read More »
AI is transforming financial crime compliance 03/11/2023 at 07:01 By Help Net Security While 86% of compliance, operations, risk and IT professionals at banks and non-banking financial institutions (NBFIs) surveyed said they would increase spending on AI and ML over the next two years, a 93% of respondents said that instead of using automation to
AI is transforming financial crime compliance Read More »
Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604) 02/11/2023 at 17:01 By Zeljka Zorz Ransomware-wielding attackers are trying to break into servers running outdated versions of Apache ActiveMQ by exploiting a recently fixed vulnerability (CVE-2023-46604). “Beginning Friday, October 27, Rapid7 Managed Detection and Response (MDR) identified suspected exploitation of Apache ActiveMQ CVE-2023-46604 in two
Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604) Read More »
F5 BIG-IP vulnerabilities leveraged by attackers: What to do? 02/11/2023 at 14:01 By Zeljka Zorz The two BIG-IP vulnerabilities (CVE-2023-46747, CVE-2023-46748) F5 Networks has recently released hotfixes for are being exploited by attackers in the wild, the company has confirmed. “It is important to note that not all exploited systems may show the same indicators,
F5 BIG-IP vulnerabilities leveraged by attackers: What to do? Read More »
MITRE ATT&CK v14 released 02/11/2023 at 12:16 By Zeljka Zorz MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. MITRE ATT&CK v14 ATT&CK’s goal is to catalog and categorize behaviors of cyber adversaries in real-world attacks. The framework is
MITRE ATT&CK v14 released Read More »
Cybersecurity workforce shortages: 67% report people deficits 02/11/2023 at 09:02 By Help Net Security The global cybersecurity workforce has reached 5.5 million people, an 8.7% increase from 2022, representing 440,000 new jobs, according to ISC2. While this is the highest workforce ever recorded, the report shows that demand is still outpacing the supply. The cybersecurity
Cybersecurity workforce shortages: 67% report people deficits Read More »
How human behavior research informs security strategies 02/11/2023 at 08:01 By Mirko Zorz In this Help Net Security interview, Kai Roer, CEO at Praxis Security Labs, explores the theoretical underpinnings, practical implications, and the crucial role of human behavior in cybersecurity. Roer explains why a comprehensive understanding of human complexity is paramount in today’s security
How human behavior research informs security strategies Read More »
Cybersecurity habits and behaviors executives need to be aware of 02/11/2023 at 07:01 By Help Net Security Top executives — the employee group most targeted by threat actors — are frequently provided unfettered access to valuable data sources and networked assets, according to Ivanti. Executives access unauthorized work data While 96% of leaders say they
Cybersecurity habits and behaviors executives need to be aware of Read More »
Public exposure of data breaches is becoming inevitable 01/11/2023 at 09:01 By Help Net Security Ransomware incidents rising again as criminals use data exfiltration and supply chain attacks to maximize their leverage, according to Allianz. Allianz Commercial analysis of large cyber losses shows the number of cases in which data is exfiltrated is soaring, as
Public exposure of data breaches is becoming inevitable Read More »
Product showcase: LayerX browser security extension 01/11/2023 at 08:32 By Help Net Security The browser has become the main workspace in modern organizations. It’s where employees create and interact with data, and how they access organizational and external SaaS and web apps. That’s why the browser is extensively targeted by adversaries. They seek to steal
Product showcase: LayerX browser security extension Read More »
Ransomware attacks set to break records in 2023 01/11/2023 at 08:01 By Help Net Security Ransomware attacks continue at a record-breaking pace, with Q3 2023 global ransomware attack frequency up 11% over Q2 and 95% year-over-year (YoY), according to Corvus Insurance. In its Q2 2023 Global Ransomware Report, Corvus noted a significant resurgence in global
Ransomware attacks set to break records in 2023 Read More »
Mainframes are around to stay, it’s time to protect them 01/11/2023 at 07:31 By Help Net Security While many organizations run their core business applications on the mainframe, IT leaders lack confidence in the effectiveness of their mainframe security compliance, signaling a need for more robust security practices, according to Rocket Software. For decades, mainframe
Mainframes are around to stay, it’s time to protect them Read More »
The hidden costs of Java, and the impact of pricing changes 01/11/2023 at 07:01 By Help Net Security An overwhelming 98% of all the businesses surveyed use Java in their software applications or infrastructure, and 57% of those organizations indicate that Java is the backbone of most of their applications, according to Azul. When including
The hidden costs of Java, and the impact of pricing changes Read More »
Infosec products of the month: October 2023 01/11/2023 at 06:32 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, Arcitecta, AuditBoard, BackBox, Cloaked, ComplyCube, Darktrace, Data Theorem, Flexxon, Fortanix, Fortinet, Jumio, LogicMonitor, Malwarebytes, ManageEngine, Nutanix, Prevalent, Progress, SailPoint, Thales, Vanta, Veriff, and Wazuh. Veriff
Infosec products of the month: October 2023 Read More »
Israel Calls In Hackers And Spyware Companies To Break Into Abductees’ Phones 31/10/2023 at 17:33 By Thomas Brewster, Forbes Staff The whole of Israel’s hacker ecosystem “is devoted to the effort to gather any kind of information,” one analyst tells Forbes. This article is an excerpt from Forbes – Cybersecurity View Original Source
Israel Calls In Hackers And Spyware Companies To Break Into Abductees’ Phones Read More »
BiBi-Linux wiper targets Israeli companies 31/10/2023 at 15:01 By Helga Labus Attackers have started using new wiper malware called BiBi-Linux to attack Israeli companies and destroy their data. The BiBi-Linux wiper The Security Joes Incident Response team found the malware during a forensics investigation of a breach within an Israeli company. “This malware is an
BiBi-Linux wiper targets Israeli companies Read More »
Atlassian patches critical Confluence bug, urges for immediate action (CVE-2023-22518) 31/10/2023 at 13:16 By Zeljka Zorz Atlassian is urging enterprise administrators to update their on-premises Confluence Data Center and Server installations quickly to plug a critical security vulnerability (CVE-2023-22518) that could lead to “significant data loss if exploited by an unauthenticated attacker.” About CVE-2023-22518 CVE-2023-22518
Atlassian patches critical Confluence bug, urges for immediate action (CVE-2023-22518) Read More »
SolarWinds and CISO accused of fraud, control failures 31/10/2023 at 11:16 By Help Net Security The Securities and Exchange Commission announced charges against SolarWinds and its CISO, Timothy G. Brown, for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities. The complaint alleges that, from at least its October 2018 initial
SolarWinds and CISO accused of fraud, control failures Read More »