News

PostgreSQL 16: Where enhanced security meets high performance

database management, database security, News, open source, PostgreSQL /

PostgreSQL 16: Where enhanced security meets high performance 18/09/2023 at 06:03 By Help Net Security PostgreSQL is an open-source object-relational database platform with a track record of over 25 years of ongoing development. Its reputation is solid for its reliability, extensive features, and high performance. PostgreSQL 16 enhances its performance through significant upgrades in query […]

PostgreSQL 16: Where enhanced security meets high performance Read More »

Week in review: 17 free AWS cybersecurity courses, exploited Chrome zero-day

News, Week in review /

Week in review: 17 free AWS cybersecurity courses, exploited Chrome zero-day 17/09/2023 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The blueprint for a highly effective EASM solution In this Help Net Security interview, Adrien Petit, CEO at Uncovery, discusses the benefits

Week in review: 17 free AWS cybersecurity courses, exploited Chrome zero-day Read More »

Modernizing fraud prevention with machine learning

authentication, biometrics, cybersecurity, Don't miss, Experian, Expert analysis, Expert corner, fraud, Hot stuff, identity, identity theft, machine learning, News, opinion, Privacy /

Modernizing fraud prevention with machine learning 15/09/2023 at 08:33 By Help Net Security The number of digital transactions has skyrocketed. As consumers continue to spend and interact online, they have growing expectations for security and identity verification. As fraudsters become savvier and more opportunistic, there’s an increased need for businesses to protect customers from fraud

Modernizing fraud prevention with machine learning Read More »

New infosec products of the week: September 15, 2023

Armis, Cisco, CTERA, Kingston Digital, News, Purism, Swissbit /

New infosec products of the week: September 15, 2023 15/09/2023 at 08:02 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Armis, Cisco, CTERA, Kingston Digital, Purism, and Swissbit. Librem 11 tablet sets new standard for privacy and security with Linux-based PureOS Purism introduced the

New infosec products of the week: September 15, 2023 Read More »

Enterprises persist with outdated authentication strategies

attacks, authentication, cybercriminals, cybersecurity, dark web, Don't miss, Enzoic, MFA, News, password management, passwordless, passwords, policy, report, strategy, vulnerability assessment /

Enterprises persist with outdated authentication strategies 15/09/2023 at 07:33 By Help Net Security Despite authentication being a cornerstone of cybersecurity, risk mitigation strategies remain outdated, according to new research from Enzoic. With the attack surface expanding and the increasing sophistication of cyber threats, organizations are struggling to deliver secure and user-friendly authentication. The research uncovered

Enterprises persist with outdated authentication strategies Read More »

Cybersecurity risks dampen corporate enthusiasm for tech investments

5G, access control, Artificial Intelligence, cybersecurity, generative AI, HPE, hybrid cloud, Innovation, machine learning, network, News, remote working, report, SASE /

Cybersecurity risks dampen corporate enthusiasm for tech investments 15/09/2023 at 07:02 By Help Net Security 64% of IT leaders believe that cybersecurity concerns are negatively impacting their organization’s willingness to invest in innovative tech, according to a report by HPE Aruba Networking. This is perhaps unsurprising as 91% either consider emerging tech a danger or

Cybersecurity risks dampen corporate enthusiasm for tech investments Read More »

Generative AI lures DevOps and SecOps into risky territory

Application Security, Artificial Intelligence, cybersecurity, DevOps, generative AI, Government, News, open source, regulation, report, Sonatype, survey /

Generative AI lures DevOps and SecOps into risky territory 15/09/2023 at 06:36 By Help Net Security Application security leaders are more optimistic than developer leaders on generative AI, though both agree it will lead to more pervasive security vulnerabilities in software development, according to Sonatype. According to the surveyed DevOps and SecOps leaders, 97% are

Generative AI lures DevOps and SecOps into risky territory Read More »

Securing OTA with Harman International’s Michal Geva

automotive security, connected cars, Cybellum, cybersecurity, News, OTA, podcast, software, update /

Securing OTA with Harman International’s Michal Geva 15/09/2023 at 06:02 By Help Net Security The once far-off vision of remotely updating software without needing to bring it into a service center was initially designed for bug fixes and cybersecurity updates. Today, over-the-air updates (OTA) are used to activate new functionality and upgrade a vehicle– all

Securing OTA with Harman International’s Michal Geva Read More »

Attackers hit software firm Retool to get to crypto companies and assets

Cryptocurrency, cybercrime, Don't miss, Hot stuff, MFA, News, Okta, Retool, social engineering, spear-phishing, supply chain compromise /

Attackers hit software firm Retool to get to crypto companies and assets 14/09/2023 at 18:17 By Zeljka Zorz Retool, the company behind the popular development platform for building internal business software, has suffered a breach that allowed attackers to access and take over accounts of 27 cloud customers, all in the crypto industry. According to

Attackers hit software firm Retool to get to crypto companies and assets Read More »

Attackers use fallback ransomware if LockBit gets blocked

Don't miss, enterprise, Hot stuff, News, Ransomware, Symantec /

Attackers use fallback ransomware if LockBit gets blocked 14/09/2023 at 13:15 By Zeljka Zorz Your security solutions might stave off a LockBit infection, but you might still end up with encrypted files: according to Symantec’s threat researchers, some affiliates are using the 3AM ransomware as a fallback option in case LockBit gets flagged and blocked.

Attackers use fallback ransomware if LockBit gets blocked Read More »

Access control in cloud-native applications in multi-location environments (NIST SP 800-207)

Cloud, cloud computing, cloud security, News, NIST, strategy, tips, zero trust /

Access control in cloud-native applications in multi-location environments (NIST SP 800-207) 14/09/2023 at 11:47 By Help Net Security NIST released Special Publication (SP) 800-207A – “A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Location Environments.” Enterprise application environments consist of geographically distributed and loosely coupled microservices that span multiple cloud and

Access control in cloud-native applications in multi-location environments (NIST SP 800-207) Read More »

Great security training is a real challenge

CISO, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, PagerDuty, passwords, physical security, security awareness, social engineering, training /

Great security training is a real challenge 14/09/2023 at 07:31 By Help Net Security All employees need security training, yet it’s generally a resented afterthought. A variety of studies over years show that human error is generally felt to be the largest vulnerability in organizations. For technology companies like SaaS providers, who also need to

Great security training is a real challenge Read More »

Mobile Verification Toolkit: Forensic analysis of Android and iOS devices to identify compromise

Android, computer forensics, Don't miss, iOS, mobile devices, News, smartphones /

Mobile Verification Toolkit: Forensic analysis of Android and iOS devices to identify compromise 14/09/2023 at 06:32 By Help Net Security Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. MVT supports using public indicators

Mobile Verification Toolkit: Forensic analysis of Android and iOS devices to identify compromise Read More »

Rising OT/ICS cybersecurity incidents reveal alarming trend

critical infrastructure, cybercrime, cybersecurity, firewall, network, News, phishing, regulation, report, Rockwell Automation, standards, strategy, supply chain attacks, survey /

Rising OT/ICS cybersecurity incidents reveal alarming trend 14/09/2023 at 06:01 By Help Net Security 60% of cyberattacks against the industrial sector are led by state-affiliated actors and often unintentionally enabled by internal personnel (about 33% of the time), according to Rockwell Automation. This corroborates other industry research showing OT/ICS (Industrial Control Systems) cybersecurity incidents are

Rising OT/ICS cybersecurity incidents reveal alarming trend Read More »

Download: Ultimate guide to Certified in Cybersecurity

ISC2, News, Whitepapers and webinars /

Download: Ultimate guide to Certified in Cybersecurity 14/09/2023 at 05:46 By Help Net Security The ultimate guide covers everything you need to know about the entry-level Certified in Cybersecurity certification and how to get started with FREE training and exam through ISC2’s 1MCC program! No experience is required, just a passion for cybersecurity. It’s all

Download: Ultimate guide to Certified in Cybersecurity Read More »

MetaStealer malware is targeting enterprise macOS users

apple, Don't miss, enterprise, Hot stuff, macOS, Malware, News /

MetaStealer malware is targeting enterprise macOS users 13/09/2023 at 14:32 By Helga Labus Enterprise macOS users are being targeted by attackers slinging new information-stealing malware dubbed MetaStealer. The MetaStealer malware MetaStealer is delivered within malicious disk image format (.dmg) files. The names of the files – such as Advertising terms of reference (MacOS presentation).dmg and

MetaStealer malware is targeting enterprise macOS users Read More »

Microsoft Teams phishing: Enterprises targeted by ransomware access broker

Don't miss, Hot stuff, initial access broker, Microsoft, Microsoft Teams, News, phishing, Ransomware /

Microsoft Teams phishing: Enterprises targeted by ransomware access broker 13/09/2023 at 12:16 By Zeljka Zorz A threat actor known for providing ransomware gangs with initial access to enterprise systems has began phishing employees via Microsoft Teams. “For this activity, Storm-0324 most likely relies on a publicly available tool called TeamsPhisher,” Microsoft threat researchers noted. About

Microsoft Teams phishing: Enterprises targeted by ransomware access broker Read More »

How should SMBs navigate the phishing minefield?

CISO, cybercrime, Don't miss, Features, News, phishing, scams, SMBs, threats, tips, Wursta /

How should SMBs navigate the phishing minefield? 13/09/2023 at 07:47 By Zeljka Zorz In this Help Net Security interview, Pete Hoff, CISO at Wursta, offers advice to SMB security leaders and professionals on how to minimize the threat phishing presents to their organization’s operations and long-term success. What makes phishing attacks particularly challenging for small

How should SMBs navigate the phishing minefield? Read More »

Serial cybersecurity founders get back in the game

CEO, cybersecurity, Don't miss, Expert analysis, Expert corner, Honeywell, Hot stuff, Microsoft, News, opinion, Palo Alto Networks, Valence Security, YL Ventures /

Serial cybersecurity founders get back in the game 13/09/2023 at 07:32 By Help Net Security “I didn’t really have a choice,” says Ben Bernstein, the former CEO and co-founder of Twistlock (acquired by Palo Alto Networks in 2019) and the CEO and co-founder of a new cybersecurity startup that is still in stealth. “Building a

Serial cybersecurity founders get back in the game Read More »

Latest fraud schemes targeting the payments ecosystem

Cryptocurrency, cybercrime, cybercriminals, cybersecurity, fraud, News, Online, Ransomware, report, survey, Visa /

Latest fraud schemes targeting the payments ecosystem 13/09/2023 at 06:33 By Help Net Security Threat actors continued to exploit technical misconfigurations through various fraud schemes, according to a new report from Visa. These include the use of malvertising and search engine optimization (SEO) techniques to cultivate compelling and effective phishing and social engineering campaigns, the

Latest fraud schemes targeting the payments ecosystem Read More »

Scroll to Top