SMBs seek help as cyber threats reach an all-time high 18/10/2023 at 06:32 By Help Net Security Understanding the evolving threat landscape is the biggest cybersecurity challenge facing SMBs, including non-for-profit organizations – and more than half are calling for help to manage the risks, according to Sage. Globally, 48% of SMBs have experienced a […]
SMBs seek help as cyber threats reach an all-time high Read More »
Generative AI merges with intelligent malware, threat level rises 18/10/2023 at 06:00 By Help Net Security There has been a 44% increase in organized ID fraud in North America compared to preceding quarters, according to AU10TIX. This upsurge is believed to be driven by the ongoing economic recovery and inflationary pressures, particularly in the US
Generative AI merges with intelligent malware, threat level rises Read More »
Secure source code but vulnerable app: Tackle compiler-born vulnerabilities 18/10/2023 at 05:47 By Help Net Security In the pursuit of optimized performance, modern compilers employ sophisticated techniques, translating high-level source code into efficient, executable programs. However, this advanced translation sometimes inadvertently weaves vulnerabilities into the fabric of the end product. Unbeknownst to many, these obscure
Secure source code but vulnerable app: Tackle compiler-born vulnerabilities Read More »
Valve introduces SMS-based confirmation to prevent malicious games on Steam 17/10/2023 at 16:32 By Helga Labus Video game publisher/digital distribution company Valve is forcing developers who publish games on its Steam platform to “validate” new builds with a confirmation code received via SMS. The Steam SMS confirmation requirement Valve sent out notices last month to
Valve introduces SMS-based confirmation to prevent malicious games on Steam Read More »
Researchers warn of increased malware delivery via fake browser updates 17/10/2023 at 13:32 By Zeljka Zorz ClearFake, a recently documented threat leveraging compromised WordPress sites to push malicious fake browser updates, is likely operated by the threat group behind the SocGholish “malware delivery via fake browser updates” campaigns, Sekoia researchers have concluded. About ClearFake ClearFake
Researchers warn of increased malware delivery via fake browser updates Read More »
How to go from collecting risk data to actually reducing risk? 17/10/2023 at 08:17 By Help Net Security Organizations trying to cope with securing their expanding attack surfaces eventually find themselves at a crossroads: they need to move beyond finding risks to effectively mitigating risk. Making that transition starts with a shift from using “risks
How to go from collecting risk data to actually reducing risk? Read More »
The collaborative power of CISOs, CTOs and CIOs for a secure future 17/10/2023 at 07:03 By Mirko Zorz In this Help Net Security interview, Phil Venables, CISO at Google Cloud, discusses the results of a recent Google report on board collaboration with the C-suite — particularly the CIO, CTO, and CISO to stay current with
The collaborative power of CISOs, CTOs and CIOs for a secure future Read More »
One in five CISOs miss out on pay raise 17/10/2023 at 07:03 By Help Net Security The CISO role was partially shielded from the macroeconomic challenges of 2023, according to a new research from IANS and Artico Search. 20% of CISOs did not receive a raise The most recent average CISO total compensation increase was
One in five CISOs miss out on pay raise Read More »
Cyberattacks on healthcare organizations affect patient care 17/10/2023 at 06:32 By Help Net Security 88% of organizations experienced an average of 40 attacks in the past 12 months, according to a survey conducted by the Proofpoint and Ponemon Institute. Supply chain attacks: Leading patient care risk The average total cost of a cyberattack experienced by
Cyberattacks on healthcare organizations affect patient care Read More »
Anticipating the benefits of a passwordless tomorrow 17/10/2023 at 06:02 By Help Net Security Businesses are actively moving to eradicate passwords from employees’ lives, with 89% of IT leaders expecting passwords to represent less than a quarter of their organization’s logins within five years or less, according to a FIDO Alliance and LastPass report. Moving
Anticipating the benefits of a passwordless tomorrow Read More »
Essential cyber hygiene: Making cyber defense cost effective 17/10/2023 at 05:32 By Help Net Security Strengthening your cyber defenses can be a daunting task. Where do you start? Which tools do you use? How much will it cost? And, what do you risk losing if you do nothing? It’s not always easy to answer these
Essential cyber hygiene: Making cyber defense cost effective Read More »
ELITEWOLF: NSA’s repository of signatures and analytics to secure OT 17/10/2023 at 05:02 By Help Net Security Cyber entities continue to show a persistent interest in targeting critical infrastructure by taking advantage of vulnerable OT assets. To counter this threat, NSA has released a repository for OT Intrusion Detection Signatures and Analytics to the NSA
ELITEWOLF: NSA’s repository of signatures and analytics to secure OT Read More »
Cisco IOS XE zero-day exploited by attackers to deliver implant (CVE-2023-20198) 16/10/2023 at 22:33 By Zeljka Zorz A previously unknown vulnerability (CVE-2023-20198) affecting networking devices running Cisco IOS XE software is being exploited by a threat actor to take control of the devices and install an implant, Cisco Talos researchers have warned today. About CVE-2023-20198
Cisco IOS XE zero-day exploited by attackers to deliver implant (CVE-2023-20198) Read More »
Compromised Skype accounts deliver DarkGate malware to employees 16/10/2023 at 16:46 By Helga Labus A threat actor is using compromised Skype accounts to deliver the DarkGate malware to target organizations, Trend Micro researchers have warned. “Versions of DarkGate have been advertised on Russian language forum eCrime since May 2023. Since then, an increase in the
Compromised Skype accounts deliver DarkGate malware to employees Read More »
Microsoft announces AI bug bounty program 16/10/2023 at 15:18 By Zeljka Zorz Microsoft is offering up to $15,000 to bug hunters that pinpoint vulnerabilities of Critical or Important severity in its AI-powered “Bing experience”. “The new Microsoft AI bounty program comes as a result of key investments and learnings over the last few months, including
Microsoft announces AI bug bounty program Read More »
DIY attack surface management: Simple, cost-effective and actionable perimeter insights 16/10/2023 at 11:46 By Help Net Security Modern-day attack surface management (ASM) can be an intimidating task for most organizations, with assets constantly changing due to new deployments, assets being decommissioned, and ongoing migrations to cloud providers. Assets can be created and forgotten about, only
DIY attack surface management: Simple, cost-effective and actionable perimeter insights Read More »
CISOs and board members are finding a common language 16/10/2023 at 07:39 By Help Net Security 86% of CISOs believe generative AI will alleviate skills gaps and talent shortages on the security team, filling labor-intensive and time-consuming security functions and freeing up security professionals to be more strategic, according to Splunk. 35% report using generative
CISOs and board members are finding a common language Read More »
Inadequate IoT protection can be a costly mistake 16/10/2023 at 06:34 By Help Net Security 97% of organizations are struggling to secure their IoT and connected products to some degree, according to Keyfactor. The research survey also found that 98% of organizations experienced certificate outages in the last 12 months, costing an average of over
Inadequate IoT protection can be a costly mistake Read More »
Week in review: Patched curl and libcurl vulnerability, 15 free M365 security training modules 15/10/2023 at 11:06 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Turning military veterans into cybersecurity experts In this Help Net Security interview, James Murphy, the Director of the TechVets
New infosec products of the week: October 13, 2023 13/10/2023 at 07:46 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Appdome, Flexxon, Fortanix, Fortinet, SailPoint, and Vanta. Flexxon Xsign protects sensitive data reserved only for authorized personnel With the use of the Xsign hardware
New infosec products of the week: October 13, 2023 Read More »