News

From Windows 9x to 11: Tracing Microsoft’s security evolution

CISA, CISO, cybersecurity, Don't miss, Features, Hot stuff, Linux, macOS, Microsoft, News, opinion, strategy, Tenable, Windows /

From Windows 9x to 11: Tracing Microsoft’s security evolution 31/10/2023 at 09:01 By Mirko Zorz Over its journey from Windows 9x to Windows 11, Microsoft has implemented multiple security overhauls, each addressing the challenges of its time and setting the stage for future developments. In this Help Net Security interview, we feature security researcher Alex […]

From Windows 9x to 11: Tracing Microsoft’s security evolution Read More »

A closer look at healthcare’s battle with AI-driven attacks

access control, Artificial Intelligence, attacks, authentication, biometrics, cybercrime, cybersecurity, data breach, deepfakes, Don't miss, FBI, Features, fraud, healthcare, Hot stuff, medical devices, MFA, Moss Adams, News, opinion, Privacy, Ransomware /

A closer look at healthcare’s battle with AI-driven attacks 31/10/2023 at 08:02 By Mirko Zorz With its wealth of sensitive patient data, the healthcare industry has become a prime target for cybercriminals leveraging AI tools. As these threats continue to evolve, it’s important to understand how AI is shaping the cybercrime landscape in healthcare and

A closer look at healthcare’s battle with AI-driven attacks Read More »

The hidden costs of data breaches for small businesses

cybercrime, cybersecurity, data, data breach, Identity Theft Resource Center, News, Ping Identity, report, Shred-it, survey /

The hidden costs of data breaches for small businesses 31/10/2023 at 07:01 By Help Net Security Nearly 8 in 10 small business leaders admit they are anxious about the safety of their company’s sensitive data and information, according to Shred-it. According to the Identity Theft Resource Center’s report, the number of data breaches remains in

The hidden costs of data breaches for small businesses Read More »

F5 fixes critical BIG-IP vulnerability (CVE-2023-46747)

Don't miss, enterprise, F5 Networks, Hot stuff, News, patch, Praetorian, traffic monitoring, vulnerability /

F5 fixes critical BIG-IP vulnerability (CVE-2023-46747) 30/10/2023 at 18:46 By Helga Labus F5 Networks has released hotfixes for three vulnerabilities affecting its BIG-IP multi-purpose networking devices/modules, including a critical authentication bypass vulnerability (CVE-2023-46747) that could lead to unauthenticated remote code execution (RCE). About CVE-2023-46747 Discovered and reported by Thomas Hendrickson and Michael Weber of Praetorian

F5 fixes critical BIG-IP vulnerability (CVE-2023-46747) Read More »

White House issues Executive Order for safe, secure, and trustworthy AI

Artificial Intelligence, critical infrastructure, cybersecurity, DHS, framework, Government, legislation, News, NIST, Privacy, regulation, software, standards, strategy, USA /

White House issues Executive Order for safe, secure, and trustworthy AI 30/10/2023 at 15:47 By Help Net Security President Biden issued a landmark Executive Order to ensure that America leads the way in seizing the promise and managing the risks of artificial intelligence (AI). New standards for AI safety and security As AI’s capabilities grow,

White House issues Executive Order for safe, secure, and trustworthy AI Read More »

Citrix Bleed: Mass exploitation in progress (CVE-2023-4966)

Assetnote, Citrix, Don't miss, exploit, hardware, Hot stuff, Mandiant, NetScaler, News, Ransomware, vulnerability /

Citrix Bleed: Mass exploitation in progress (CVE-2023-4966) 30/10/2023 at 14:46 By Zeljka Zorz CVE-2023-4966, aka “Citrix Bleed”, a critical information disclosure vulnerability affecting Citrix NetScaler ADC/Gateway devices, is being massively exploited by threat actors. According to security researcher Kevin Beaumont’s cybersecurity industry sources, one ransomware group has already distributed a Python script to automate the

Citrix Bleed: Mass exploitation in progress (CVE-2023-4966) Read More »

Logging Made Easy: Free log management solution from CISA

CISA, Don't miss, GitHub, Hot stuff, log management, logging, NCSC, News, open source, software, Windows /

Logging Made Easy: Free log management solution from CISA 30/10/2023 at 13:17 By Help Net Security CISA launched a new version of Logging Made Easy (LME), a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free. CISA’s version reimagines technology developed by the United Kingdom’s National Cyber Security Centre

Logging Made Easy: Free log management solution from CISA Read More »

Google expands bug bounty program to cover AI-related threats

Artificial Intelligence, bug bounty, Don't miss, Google, Hot stuff, News /

Google expands bug bounty program to cover AI-related threats 30/10/2023 at 12:18 By Helga Labus Google has expanded its bug bounty program, aka Vulnerability Rewards Program (VRP), to cover threats that could arise from Google’s generative AI systems. Google’s AI bug bounty program Following the voluntary commitment to the Biden-⁠Harris Administration to develop responsible AI

Google expands bug bounty program to cover AI-related threats Read More »

The dangers of dual ransomware attacks

attacks, authentication, backup, CIO, CISO, Cohesity, collaboration, cybersecurity, data management, data security, digital forensics, disaster recovery, Don't miss, Expert analysis, Expert corner, Hot stuff, Incident Response, News, opinion, Ransomware /

The dangers of dual ransomware attacks 30/10/2023 at 09:32 By Help Net Security At some point in the movie “Groundhog Day,” Phil Connors breaks his bedside radio when he is woken up (yet again) by the song “I Got You Babe”. This déjà vu seems to await companies that fall victim to ransomware and fail

The dangers of dual ransomware attacks Read More »

AI threat landscape: Model theft and inference attacks emerge as top concerns

Artificial Intelligence, CISO, collaboration, cybersecurity, data, Don't miss, Features, generative AI, guidelines, Hot stuff, News, opinion, policy, regulation, risk, SaaS, Savvy /

AI threat landscape: Model theft and inference attacks emerge as top concerns 30/10/2023 at 08:31 By Mirko Zorz Generative AI has emerged as a powerful tool, heralded for its potential but also scrutinized for its implications. Enterprises will invest nearly $16 billion worldwide on GenAI solutions in 2023, according to IDC. In this Help Net

AI threat landscape: Model theft and inference attacks emerge as top concerns Read More »

Companies scramble to integrate immediate recovery into ransomware plans

cyber insurance, Data Protection, disaster recovery, News, Ransomware, report, strategy, survey, Zerto /

Companies scramble to integrate immediate recovery into ransomware plans 30/10/2023 at 08:01 By Help Net Security More than one-third of companies still do not have a well-rounded, holistic ransomware strategy in place, according to Zerto. Immediate recovery crucial for businesses’ survival The survey also found that companies are reevaluating their data protection and cyber resilience

Companies scramble to integrate immediate recovery into ransomware plans Read More »

Cyber attacks cause revenue losses in 42% of small businesses

cyber insurance, cybersecurity, data, data breach, Identity Theft Resource Center, News, Privacy, report, survey /

Cyber attacks cause revenue losses in 42% of small businesses 30/10/2023 at 07:32 By Help Net Security 85% of small business leaders say they are ready to respond to a cyber incident despite a record-high 73% reporting an attack in 2023, according to Identity Theft Resource Center. Employee and consumer data continue to be the

Cyber attacks cause revenue losses in 42% of small businesses Read More »

Week in review: VMware patches critical vulnerability, 1Password affected by Okta breach

News, Week in review /

Week in review: VMware patches critical vulnerability, 1Password affected by Okta breach 29/10/2023 at 12:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: GOAD: Vulnerable Active Directory environment for practicing attack techniques Game of Active Directory (GOAD) is a free pentesting lab. It provides

Week in review: VMware patches critical vulnerability, 1Password affected by Okta breach Read More »

Apple news: iLeakage attack, MAC address leakage bug

apple, attack, data theft, Don't miss, Hot stuff, iOS, iPad, macOS, Mysk, News, Privacy, research, vulnerability /

Apple news: iLeakage attack, MAC address leakage bug 27/10/2023 at 12:31 By Zeljka Zorz On Wednesday, Apple released security updates for all supported branches of iOS and iPadOS, macOS, tvOS, watchOS and Safari. This time around, the updates did not garner as much attention as when they deliver a zero-day fix, though it has to

Apple news: iLeakage attack, MAC address leakage bug Read More »

Raven: Open-source CI/CD pipeline security scanner

cybersecurity, Cycode, Don't miss, GitHub, News, open source, scanning /

Raven: Open-source CI/CD pipeline security scanner 27/10/2023 at 08:32 By Help Net Security Raven (Risk Analysis and Vulnerability Enumeration for CI/CD) is an open-source CI/CD pipeline security scanner that makes hidden risks visible by connecting the dots across vulnerabilities woven throughout the pipeline that, when viewed collectively, reveal a much greater risk than when assessed

Raven: Open-source CI/CD pipeline security scanner Read More »

New infosec products of the week: October 27, 2023

Darktrace, Data Theorem, Jumio, Malwarebytes, News, Progress, Wazuh /

New infosec products of the week: October 27, 2023 27/10/2023 at 08:02 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Darktrace, Data Theorem, Jumio, Malwarebytes, Progress, and Wazuh. Progress Flowmon ADS 12.2 AI offers advanced security event monitoring Flowmon ADS 12.2 harnesses the power

New infosec products of the week: October 27, 2023 Read More »

IoT security threats highlight the need for zero trust principles

critical infrastructure, cybercrime, cybercriminals, data, DDoS, IoT, Malware, News, report, survey, zero trust, Zscaler /

IoT security threats highlight the need for zero trust principles 27/10/2023 at 07:31 By Help Net Security The high number of attacks on IoT devices represents a 400% increase in malware compared to the previous year, according to Zscaler. The increasing frequency of malware attacks targeting IoT devices is a significant concern for OT security,

IoT security threats highlight the need for zero trust principles Read More »

SMBs at risk as AI misconceptions lead to overconfidence

Artificial Intelligence, cybercriminals, cybersecurity, Devolutions, Malware, News, Ransomware, report, SMBs, survey, training /

SMBs at risk as AI misconceptions lead to overconfidence 27/10/2023 at 07:03 By Help Net Security Despite advancements in IT security measures, SMBs remain firmly in the crosshairs of cybercriminals, according to Devolutions. Ransomware payments and IoT malware incidents soar Spikes in incidents such as ransomware payments and IoT malware attacks indicate that this year

SMBs at risk as AI misconceptions lead to overconfidence Read More »

AI strengthens banking’s defense against fraud

Artificial Intelligence, biometrics, cybersecurity, Entrust, fraud, identity, identity verification, News, online banking, online payment, report, survey /

AI strengthens banking’s defense against fraud 27/10/2023 at 06:32 By Help Net Security Consumers are ready for the next wave of payment technology, including deployment of AI-driven biometrics to verify identity in digital-first account opening processes, according to Entrust. The key to future payment solutions 63% of respondents indicated that they are comfortable with AI

AI strengthens banking’s defense against fraud Read More »

AI-related security fears drive 2024 IT spending

Artificial Intelligence, CIO, Cloud, cybersecurity, Gartner, generative AI, investment, News, report, security spending, survey /

AI-related security fears drive 2024 IT spending 27/10/2023 at 06:02 By Help Net Security Worldwide IT spending is projected to total $5.1 trillion in 2024, an increase of 8% from 2023, according to Gartner. 2024 set to see strong public cloud spending growth While generative AI has not yet had a material impact on IT

AI-related security fears drive 2024 IT spending Read More »

Scroll to Top