News

The surge in cyber insurance and what it means for your business

Arctic Wolf Networks, Coalition, CyberCube, Don't miss, Hornetsecurity, News, Optiv Security, Proofpoint, report, survey, Veeam Software /

The surge in cyber insurance and what it means for your business 2024-09-23 at 06:01 By Help Net Security The cyber insurance market is set for explosive growth as organizations increasingly seek financial protection against rising cyber threats. This surge in demand reflects a broader shift in how businesses approach risk management, viewing cyber insurance […]

React to this headline:

Loading spinner

The surge in cyber insurance and what it means for your business Read More »

Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18

News, Week in review /

Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18 2024-09-22 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Critical VMware vCenter Server bugs fixed (CVE-2024-38812) Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can

React to this headline:

Loading spinner

Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18 Read More »

How to detect and stop bot activity

access management, authentication, bot, cybersecurity, device fingerprinting, Don't miss, Expert analysis, Expert corner, Fingerprint, Hot stuff, News, opinion, strategy /

How to detect and stop bot activity 2024-09-20 at 07:46 By Help Net Security Bad bot traffic continues to rise year-over-year, accounting for nearly a third of all internet traffic in 2023. Bad bots access sensitive data, perpetrate fraud, steal proprietary information, and degrade site performance. New technologies are enabling fraudsters to strike faster and

React to this headline:

Loading spinner

How to detect and stop bot activity Read More »

Striking the balance between cybersecurity and operational efficiency

CISO, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, strategy /

Striking the balance between cybersecurity and operational efficiency 2024-09-20 at 07:31 By Mirko Zorz In this Help, Net Security interview, Michael Oberlaender, ex-CISO, and book author, discusses how to strike the right balance between security and operational efficiency. Oberlaender advises companies starting their cybersecurity journey and stresses the importance of aligning with various frameworks. He

React to this headline:

Loading spinner

Striking the balance between cybersecurity and operational efficiency Read More »

Rising identity security risks: Why organizations must act now

ConductorOne, CyberArk, Don't miss, Expel, identity, IDSA, Jumio, News, Ping Identity, Regula, report, survey /

Rising identity security risks: Why organizations must act now 2024-09-20 at 07:01 By Help Net Security As the priority for managing digital identities intensifies, organizations are encountering severe identity security risks. Recent findings indicate that many businesses are struggling with frequent breaches and inadequate security measures, particularly concerning machine identities. Despite increased efforts and awareness,

React to this headline:

Loading spinner

Rising identity security risks: Why organizations must act now Read More »

New infosec products of the week: September 20, 2024

anecdotes, F5 Networks, Gcore, News, Rapid7, Strivacity, Veritas Technologies /

New infosec products of the week: September 20, 2024 2024-09-20 at 06:31 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from anecdotes, F5 Networks, Gcore, Rapid7, Strivacity, and Veritas Technologies. Veritas unveils AI-driven features to simplify cyber recovery Veritas Technologies unveiled new AI-driven capabilities to

React to this headline:

Loading spinner

New infosec products of the week: September 20, 2024 Read More »

Nextcloud Hub 9 released: New features, more security, updated performance

Cloud, cloud computing, News, open source /

Nextcloud Hub 9 released: New features, more security, updated performance 2024-09-20 at 06:01 By Help Net Security Nextcloud has launched Nextcloud Hub 9, a significant update to its open-source cloud-based collaboration platform. It introduces several new features to improve user experience, performance, and security. Enhanced security in Nextcloud Hub 9 Nextcloud Hub 9 lets you

React to this headline:

Loading spinner

Nextcloud Hub 9 released: New features, more security, updated performance Read More »

Windows users targeted with fake human verification pages delivering malware

CloudSEK, Don't miss, Hot stuff, Malware, News, Palo Alto Networks, Proofpoint, trojan, Windows /

Windows users targeted with fake human verification pages delivering malware 2024-09-19 at 17:01 By Zeljka Zorz For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed campaign showed how some users end up on these pages. Beware of fake human verification

React to this headline:

Loading spinner

Windows users targeted with fake human verification pages delivering malware Read More »

Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)

access management, AmberWolf, CVE, Don't miss, enterprise, Hot stuff, News, One Identity, vulnerability /

Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) 2024-09-19 at 15:31 By Zeljka Zorz Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could allow attackers to gain full administrative access to the virtual appliance. “Once an attacker has gained

React to this headline:

Loading spinner

Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) Read More »

FBI forced Flax Typhoon to abandon its botnet

botnet, China, consumer, Don't miss, DVR, enterprise, FBI, government-backed attacks, Hot stuff, IoT, Justice Department, Lumen, NAS, News, router, security cameras, SMBs /

FBI forced Flax Typhoon to abandon its botnet 2024-09-19 at 14:16 By Zeljka Zorz A botnet operated by the Chinese state-sponsored threat actor known as Flax Typhoon has been disrupted by the law enforcement agency and abandoned by the group, FBI Director Chris Wray confirmed on Wednesday. “We executed court-authorized operations to take control of

React to this headline:

Loading spinner

FBI forced Flax Typhoon to abandon its botnet Read More »

Differential privacy in AI: A solution creating more problems for developers?

Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Privacy, Synopsys /

Differential privacy in AI: A solution creating more problems for developers? 2024-09-19 at 08:01 By Help Net Security In the push for secure AI models, many organizations have turned to differential privacy. But is the very tool meant to protect user data holding back innovation? Developers face a tough choice: balance data privacy or prioritize

React to this headline:

Loading spinner

Differential privacy in AI: A solution creating more problems for developers? Read More »

How digital wallets work, and best practices to use them safely

cybersecurity, digital wallet, Don't miss, Hot stuff, how-to, IEEE, News, strategy, tips, Video /

How digital wallets work, and best practices to use them safely 2024-09-19 at 07:31 By Help Net Security With the adoption of digital wallets and the increasing embedding of consumer digital payments into daily life, ensuring security measures is essential. According to a McKinsey report, digital payments are now mainstream and continually evolving, bringing advancements

React to this headline:

Loading spinner

How digital wallets work, and best practices to use them safely Read More »

Essential metrics for effective security program assessment

Compliance, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, penetration testing, Pentera, security controls, security testing, SOC /

Essential metrics for effective security program assessment 2024-09-19 at 07:02 By Mirko Zorz In this Help Net Security interview, Alex Spivakovsky, VP of Research & Cybersecurity at Pentera, discusses essential metrics for evaluating the success of security programs. Spivakovsky explains how automation and proactive testing can reveal vulnerabilities and improve overall security posture. What are

React to this headline:

Loading spinner

Essential metrics for effective security program assessment Read More »

Data disposal and cyber hygiene: Building a culture of security within your organization

cyber hygiene, cybersecurity, Don't miss, Expert analysis, Expert corner, News, opinion, Stellar, strategy /

Data disposal and cyber hygiene: Building a culture of security within your organization 2024-09-19 at 06:31 By Help Net Security Data breach episodes have been constantly rising with the number of data breach victims crossing 1 billion in the first half of 2024. A recent Data Breach Report 2023 by Verizon confirms that 74% of

React to this headline:

Loading spinner

Data disposal and cyber hygiene: Building a culture of security within your organization Read More »

Security leaders consider banning AI coding due to security risks

Artificial Intelligence, code, cybersecurity, generative AI, News, open source, report, survey, Venafi /

Security leaders consider banning AI coding due to security risks 2024-09-19 at 06:02 By Help Net Security 92% of security leaders have concerns about the use of AI-generated code within their organization, according to Venafi. Tension between security and developer teams 83% of security leaders say their developers currently use AI to generate code, with

React to this headline:

Loading spinner

Security leaders consider banning AI coding due to security risks Read More »

Hackers breaching construction firms via specialized accounting software

brute-force, credentials, Don't miss, enterprise, Hot stuff, Huntress, News, privileged accounts, SMBs /

Hackers breaching construction firms via specialized accounting software 2024-09-18 at 17:16 By Zeljka Zorz Firms in the construction industry are getting breached by hackers via internet-exposed servers running Foundation accounting software, Huntress researchers are warning. “We’re seeing active intrusions among plumbing, HVAC, concrete, and similar sub-industries,” they noted. A way into corporate networks Ohio-based Foundation

React to this headline:

Loading spinner

Hackers breaching construction firms via specialized accounting software Read More »

Ghost: Criminal communication platform compromised, dismantled by international law enforcement

arrest, Australia, crime, cybercrime, Don't miss, Encryption, Europol, Government, Hot stuff, law enforcement, News, secure communications, supply chain compromise /

Ghost: Criminal communication platform compromised, dismantled by international law enforcement 2024-09-18 at 15:16 By Zeljka Zorz Another encrypted communication platform used by criminals has been dismantled and its alleged mastermind arrested, the Australian Federal Police has announced on Tuesday. “AFP Operation Kraken charged a NSW man, aged 32, for creating and administering Ghost, a dedicated

React to this headline:

Loading spinner

Ghost: Criminal communication platform compromised, dismantled by international law enforcement Read More »

Critical VMware vCenter Server bugs fixed (CVE-2024-38812)

Don't miss, Hot stuff, News /

Critical VMware vCenter Server bugs fixed (CVE-2024-38812) 2024-09-18 at 13:46 By Zeljka Zorz Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can be triggered by sending a specially crafted network packet, and could lead to remote code execution (CVE-2024-38812) or privilege escalation (CVE-2024-38813). “Broadcom is not currently aware of exploitation ‘in

React to this headline:

Loading spinner

Critical VMware vCenter Server bugs fixed (CVE-2024-38812) Read More »

CrowdSec: Open-source security solution offering crowdsourced protection

crowdsourced security, Don't miss, GitHub, Hot stuff, News, open source, software /

CrowdSec: Open-source security solution offering crowdsourced protection 2024-09-18 at 08:01 By Mirko Zorz Crowdsec is an open-source solution that offers crowdsourced protection against malicious IPs. CrowdSec features For this project, the developers have two objectives: Provide free top-quality intrusion detection and protection software. There’s community participation in creating new detection rules as new vulnerabilities are

React to this headline:

Loading spinner

CrowdSec: Open-source security solution offering crowdsourced protection Read More »

Detecting vulnerable code in software dependencies is more complex than it seems

code, code analysis, cybersecurity, Don't miss, Endor Labs, Features, Hot stuff, News, open source, opinion, remediation, SCA, software, vulnerability management /

Detecting vulnerable code in software dependencies is more complex than it seems 2024-09-18 at 07:31 By Mirko Zorz In this Help Net Security interview, Henrik Plate, CISSP, security researcher, Endor Labs, discusses the complexities AppSec teams face in identifying vulnerabilities within software dependencies. Plate also discusses the limitations of traditional software composition analysis (SCA) solutions

React to this headline:

Loading spinner

Detecting vulnerable code in software dependencies is more complex than it seems Read More »

Scroll to Top