News

Week in review: Cybersecurity cheat sheets, widely exploited Cisco zero-day, KeePass-themed malvertising

News, Week in review /

Week in review: Cybersecurity cheat sheets, widely exploited Cisco zero-day, KeePass-themed malvertising 22/10/2023 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: North Korean hackers are targeting software developers and impersonating IT workers State-sponsored North Korean hackers have significantly intensified their focus on […]

Week in review: Cybersecurity cheat sheets, widely exploited Cisco zero-day, KeePass-themed malvertising Read More »

Researchers uncover DarkGate malware’s Vietnamese connection

cybercrime, cybercriminals, Malware, News, Remote Access Trojan, WithSecure /

Researchers uncover DarkGate malware’s Vietnamese connection 20/10/2023 at 14:02 By Help Net Security WithSecure researchers have tracked attacks using DarkGate malware to an active cluster of cybercriminals operating out of Vietnam. DarkGate is a remote access trojan (RAT) that has been used in attacks since at least 2018 and is currently available to cybercriminals as

Researchers uncover DarkGate malware’s Vietnamese connection Read More »

North Korean hackers are targeting software developers and impersonating IT workers

APT, Don't miss, FBI, Hot stuff, Insider Threat, Microsoft, News, North Korea, software development, supply chain compromise, vulnerability /

North Korean hackers are targeting software developers and impersonating IT workers 20/10/2023 at 13:52 By Helga Labus State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years, by infiltrating firms developing software and companies lookind for IT workers. North Korean hackers targeting developers Microsoft has outlined on Wednesday how

North Korean hackers are targeting software developers and impersonating IT workers Read More »

New infosec products of the week: October 20, 2023

Arcitecta, AuditBoard, BackBox, News, Prevalent, Thales /

New infosec products of the week: October 20, 2023 20/10/2023 at 08:03 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Arcitecta, AuditBoard, BackBox, Prevalent, and Thales. Thales introduces SafeNet IDPrime FIDO Bio Smart Card The SafeNet IDPrime FIDO Bio Smart Card facilitates end user

New infosec products of the week: October 20, 2023 Read More »

Legacy authentication leads to growing consumer frustration

apple, authentication, biometrics, FIDO Alliance, generative AI, Google, News, passwordless, passwords, PayPal, report, scams, survey /

Legacy authentication leads to growing consumer frustration 20/10/2023 at 07:31 By Help Net Security Despite widespread usage of passwords lingering on, consumers want to use stronger, more user-friendly alternatives, according to FIDO Alliance. Entering a password manually without any form of additional authentication was the most commonly used authentication method across the use cases tracked

Legacy authentication leads to growing consumer frustration Read More »

The real impact of the cybersecurity poverty line on small organizations

Afni, CISO, cybersecurity, Don't miss, Features, framework, Hot stuff, MFA, News, opinion, policy, resilience, risk, risk assessment, strategy, threats /

The real impact of the cybersecurity poverty line on small organizations 20/10/2023 at 07:03 By Mirko Zorz The financial constraints many smaller organizations face often cast shadows on their ability to fortify defenses. In this Help Net Security interview, Brent Deterding, CISO at Afni, delves into the realities and myths surrounding the cybersecurity poverty line,

The real impact of the cybersecurity poverty line on small organizations Read More »

GenAI investments surge, anticipated to hit $143 billion by 2027

Artificial Intelligence, generative AI, IDC, investment, News, report, software, survey /

GenAI investments surge, anticipated to hit $143 billion by 2027 20/10/2023 at 06:33 By Help Net Security Enterprises will invest nearly $16 billion worldwide on GenAI solutions in 2023, according to IDC. This spending, which includes GenAI software and related infrastructure hardware and IT/business services, is expected to reach $143 billion in 2027 with a

GenAI investments surge, anticipated to hit $143 billion by 2027 Read More »

The double-edged sword of heightened regulation for financial services

cybercriminals, cybersecurity, Data Protection, financial industry, Malware, News, regulation, report, supply chain, Trustwave /

The double-edged sword of heightened regulation for financial services 20/10/2023 at 06:04 By Help Net Security Financial services organizations are enticing targets for cybercriminals due to their significant wealth holdings, presenting abundant opportunities for monetary gain through extortion, theft, and fraud, according to Trustwave. In addition to the money itself, the financial services sector stores

The double-edged sword of heightened regulation for financial services Read More »

Google Play Protect takes on malicious apps with code-level scanning

Android, app, Application Security, Don't miss, Google, Google Play, Hot stuff, Malware, News, scanning /

Google Play Protect takes on malicious apps with code-level scanning 19/10/2023 at 13:47 By Helga Labus Google is enhancing Google Play Protect’s real-time scanning to include code-level scanning, to keep Android devices safe from malicious and unwanted apps, especially those downloaded (or sideloaded) from outside of the Google Play app store – whether from third-party

Google Play Protect takes on malicious apps with code-level scanning Read More »

2024 cybersecurity predictions: GenAI edition

Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, News, opinion, Stellar Cyber /

2024 cybersecurity predictions: GenAI edition 19/10/2023 at 12:36 By Help Net Security Unless you have lived under a rock for the past year, you know that generative artificial intelligence applications, such as ChatGPT, have penetrated many aspects of our online lives. From generating marketing content, creating images for advertisements and blogs, or even writing malicious

2024 cybersecurity predictions: GenAI edition Read More »

Google ads for KeePass, Notepad++ lead to malware

consumer, Don't miss, enterprise, Google Search, Hot stuff, KeePass, malvertising, Malware, Malwarebytes, News, search engine, SMBs /

Google ads for KeePass, Notepad++ lead to malware 19/10/2023 at 12:16 By Zeljka Zorz Users using Google to search for and download the KeePass password manager and the Notepad++ text editor may have inadvertently gotten saddled with malware, says Jérôme Segura, Director of Threat Intelligence at Malwarebytes. Malvertising via search engine ads is a constant,

Google ads for KeePass, Notepad++ lead to malware Read More »

The must-knows about low-code/no-code platforms

Artificial Intelligence, automation, cybersecurity, DevSecOps, Digital.ai, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, News, opinion /

The must-knows about low-code/no-code platforms 19/10/2023 at 08:03 By Help Net Security The era of AI has proven that machine learning technologies have a unique and effective capability to streamline processes that alter the ways we live and work. We now have the option to listen to playlists carefully curated to match our taste by

The must-knows about low-code/no-code platforms Read More »

Reinforcing cybersecurity: The network’s role to prevent, detect, and respond to attacks

cybersecurity, data breach, data loss prevention, DNS, Don't miss, Expert analysis, Expert corner, Hot stuff, Kentik, network, News, opinion /

Reinforcing cybersecurity: The network’s role to prevent, detect, and respond to attacks 19/10/2023 at 07:34 By Help Net Security It’s always DNS. That’s what the famous internet meme popular among sysadmins says anyway. It’s funny because while clearly, every network issue doesn’t resolve to some funky DNS issue, too many network admins have banged their

Reinforcing cybersecurity: The network’s role to prevent, detect, and respond to attacks Read More »

Cyber resilience starts in the C-suite

automation, Cloud, Commvault, cyber resilience, cybersecurity, data loss prevention, Encryption, IDC, Malware, News, Ransomware, report, strategy, survey /

Cyber resilience starts in the C-suite 19/10/2023 at 06:33 By Help Net Security In many cases, senior executives/line-of-business leaders are minimally engaged in their company’s cyber preparedness initiatives — only 33% of CEOs or managing directors and 21% of other senior leaders are heavily involved, according to Commvault. According to the research, 52% of senior

Cyber resilience starts in the C-suite Read More »

Business resilience becomes primary force behind cybersecurity investments

access management, Artificial Intelligence, cyber resilience, cybersecurity, identity management, Incident Response, investment, monitoring, News, Nixu, report, Risk Management, survey /

Business resilience becomes primary force behind cybersecurity investments 19/10/2023 at 06:03 By Help Net Security Over 80% of northern European organizations emphasize that the need to ensure business resilience is the top driver for their cybersecurity investments, according to Nixu. The report reveals both encouraging progress and increasing concerns. Alarmingly, 50% of organizations reach only

Business resilience becomes primary force behind cybersecurity investments Read More »

State-sponsored APTs are leveraging WinRAR bug

APT, Don't miss, DuskRise, exploit, Google, government-backed attacks, Hot stuff, News, phishing, spear-phishing, WinRAR /

State-sponsored APTs are leveraging WinRAR bug 18/10/2023 at 18:21 By Zeljka Zorz A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR, a widely used file archiver utility for Windows. CVE-2023-38831 has been patched in August 2023, along with another high-severity RCE vulnerability (CVE-2023-40477). Exploited as a zero-day by cybercriminals

State-sponsored APTs are leveraging WinRAR bug Read More »

Citrix NetScaler bug exploited in the wild since August (CVE-2023-4966)

0-day, Citrix, Don't miss, exploit, Hot stuff, Mandiant, News, security update /

Citrix NetScaler bug exploited in the wild since August (CVE-2023-4966) 18/10/2023 at 17:18 By Helga Labus A recently patched Citrix NetScaler ADC/Gateway information disclosure vulnerability (CVE-2023-4966) has been exploited by attackers in the wild since late August 2023, Mandiant researchers have revealed. About CVE-2023-4966 Citrix’s security advisory, published on October 10, says that the vulnerability

Citrix NetScaler bug exploited in the wild since August (CVE-2023-4966) Read More »

Jupyter Notebooks targeted by cryptojackers

AWS, Cado Security, Cloud, cryptojacking, Don't miss, Google Cloud, Hot stuff, Malware, News /

Jupyter Notebooks targeted by cryptojackers 18/10/2023 at 14:36 By Helga Labus Cryptojackers are targeting exposed Jupyter Notebooks to install cryptominers and steal credential files for popular cloud services, researchers have uncovered. What are Jupyter Notebooks? “Jupyter is a service that allows you to host individual snippets of code and lets others execute this code in

Jupyter Notebooks targeted by cryptojackers Read More »

The evolution of deception tactics from traditional to cyber warfare

Acalvio, Artificial Intelligence, automation, CISA, cyber resilience, cybersecurity, Cyberwarfare, data, deception, digital transformation, Don't miss, Features, framework, Government, Hot stuff, News, opinion, regulation, strategy, USA /

The evolution of deception tactics from traditional to cyber warfare 18/10/2023 at 07:33 By Mirko Zorz Admiral James A. Winnefeld, USN (Ret.), is the former vice chairman of the Joint Chiefs of Staff and is an advisor to Acalvio Technologies. In this Help Net Security interview, he compares the strategies of traditional and cyber warfare,

The evolution of deception tactics from traditional to cyber warfare Read More »

10 essential cybersecurity cheat sheets available for free

cloud security, cybersecurity, Don't miss, guide, Hot stuff, Incident Response, Linux, News, skill development, strategy, tips, Windows /

10 essential cybersecurity cheat sheets available for free 18/10/2023 at 07:02 By Help Net Security Cheat sheets are concise, to-the-point references tailored for instant insights. This article provides a curated list of 10 essential cybersecurity cheat sheets, all free to download. Whether you’re seeking a quick refresher or a beginner trying to make sense of

10 essential cybersecurity cheat sheets available for free Read More »

Scroll to Top