News

Enhancing visibility for better security in multi-cloud and hybrid environments

cloud security, Compliance, cybersecurity, data loss prevention, Don't miss, Features, Hot stuff, News, opinion, RAD Security, standards, strategy, threats /

Enhancing visibility for better security in multi-cloud and hybrid environments 2024-11-21 at 07:03 By Mirko Zorz In this Help Net Security interview, Brooke Motta, CEO of RAD Security, talks about how cloud-specific threats have evolved and what companies should be watching out for. She discusses the growing complexity of cloud environments and the importance of […]

React to this headline:

Loading spinner

Enhancing visibility for better security in multi-cloud and hybrid environments Read More »

Full recovery from breaches takes longer than expected

cybersecurity, disaster recovery, Fastly, News, report, software, survey /

Full recovery from breaches takes longer than expected 2024-11-21 at 06:03 By Help Net Security In 2024, businesses reported taking an average of 7.3 months to recover from cybersecurity breaches – 25% longer than expected and over a month past the anticipated timeline of 5.9 months, according to Fastly. Cybersecurity leaders feel unprepared for future

React to this headline:

Loading spinner

Full recovery from breaches takes longer than expected Read More »

GitHub Secure Open Source Fund: Project maintainers, apply now!

Don't miss, education, GitHub, Hot stuff, News, open source, software development /

GitHub Secure Open Source Fund: Project maintainers, apply now! 2024-11-20 at 15:42 By Zeljka Zorz GitHub is calling on maintainers of open source projects to apply for the newly opened Secure Open Source Fund, to get funding and knowledge to improve the security and sustainability of their software. The program is funded by companies (AmEx

React to this headline:

Loading spinner

GitHub Secure Open Source Fund: Project maintainers, apply now! Read More »

Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0

Linux, News, Oracle /

Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 2024-11-20 at 15:42 By Help Net Security Oracle Linux offers a secure, streamlined platform for deploying and managing applications across on-premises, cloud, and edge environments. Designed for demanding workloads, it includes tools for automation, virtualization, high availability, cloud-native development, Kubernetes, and more. Oracle

React to this headline:

Loading spinner

Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 Read More »

Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308)

0-day, apple, Don't miss, Google, Hot stuff, iOS, iPad, macOS, News /

Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) 2024-11-20 at 12:50 By Zeljka Zorz Apple has released emergency security updates for macOS Sequoia that fix two zero-day vulnerabilities (CVE-2024-44309, CVE-2024-44308) that “may have been actively exploited on Intel-based Mac systems”. About CVE-2024-44309 and CVE-2024-44308 CVE-2024-44309 affects WebKit, the browser engine used in

React to this headline:

Loading spinner

Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) Read More »

Five backup lessons learned from the UnitedHealth ransomware attack

backup, Continuity, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, strategy, tips /

Five backup lessons learned from the UnitedHealth ransomware attack 2024-11-20 at 08:19 By Help Net Security The ransomware attack on UnitedHealth earlier this year is quickly becoming the healthcare industry’s version of Colonial Pipeline, prompting congressional testimony, lawmaker scrutiny and potential legislation.  Over the past few months, there have been two congressional hearings on the attack

React to this headline:

Loading spinner

Five backup lessons learned from the UnitedHealth ransomware attack Read More »

Debunking myths about open-source security

Artificial Intelligence, Canonical, CISO, cybersecurity, Don't miss, Features, Hot stuff, News, open source, opinion /

Debunking myths about open-source security 2024-11-20 at 07:31 By Mirko Zorz In this Help Net Security interview, Stephanie Domas, CISO at Canonical, discusses common misconceptions about open-source security and how the community can work to dispel them. She explains how open-source solutions, contrary to myths, offer enterprise-grade maturity, reliability, and transparency. Domas also shares key

React to this headline:

Loading spinner

Debunking myths about open-source security Read More »

Cybersecurity jobs available right now: November 20, 2024

cybersecurity jobs, News /

Cybersecurity jobs available right now: November 20, 2024 2024-11-20 at 06:37 By Anamarija Pogorelec Application Security Engineer ENOC | UAE | On-site – View job details As an Application Security Engineer, you will establish and maintain DLP policies to prevent unauthorized access, transmission, or disclosure of sensitive data, focusing on both on-premises and cloud environments.

React to this headline:

Loading spinner

Cybersecurity jobs available right now: November 20, 2024 Read More »

Overreliance on GenAI to develop software compromises security

automation, generative AI, Legit Security, News, report, software development, survey /

Overreliance on GenAI to develop software compromises security 2024-11-20 at 06:07 By Help Net Security GenAI is quickly changing the software development process by automating tasks that once took developers hours, if not days, to complete, bolstering efficiency and productivity, according to Legit Security. “As GenAI transforms software development and becomes increasingly embedded in the

React to this headline:

Loading spinner

Overreliance on GenAI to develop software compromises security Read More »

Microsoft announces Zero Day Quest hacking event with big rewards

bug bounty, bug hunting, Don't miss, Microsoft, News /

Microsoft announces Zero Day Quest hacking event with big rewards 2024-11-19 at 21:19 By Mirko Zorz Microsoft is enhancing its bug bounty initiatives with the launch of the Zero Day Quest hacking event. With $4 million in potential rewards, it focuses on driving research in critical areas such as cloud computing and AI. Event focus

React to this headline:

Loading spinner

Microsoft announces Zero Day Quest hacking event with big rewards Read More »

Microsoft announces new and improved Windows 11 security features

Application Security, Data Protection, Don't miss, Hot stuff, Microsoft, News, privileged accounts, Windows /

Microsoft announces new and improved Windows 11 security features 2024-11-19 at 21:04 By Zeljka Zorz Microsoft has implemented some and is working on delivering several other security-related features and improvements for Windows 11. Administrator protection will allow users to make system changes on their PCs without having administrator rights (that can be abused by attackers

React to this headline:

Loading spinner

Microsoft announces new and improved Windows 11 security features Read More »

Microsoft plans to boot security vendors out of the Windows kernel

antivirus, cyber resilience, Don't miss, Hot stuff, News, security testing, Windows /

Microsoft plans to boot security vendors out of the Windows kernel 2024-11-19 at 20:48 By Zeljka Zorz Microsoft has announced the Windows Resiliency Initiative, aimed at avoiding a repeat of the prolonged worldwide IT outage caused by a buggy CrowdStrike update that took down millions of Windows machines and rendered them remotely unfixable. As part

React to this headline:

Loading spinner

Microsoft plans to boot security vendors out of the Windows kernel Read More »

Windows 365 Link: Connect securely to Windows 365

Cloud, hardware, Microsoft, News /

Windows 365 Link: Connect securely to Windows 365 2024-11-19 at 18:55 By Mirko Zorz Microsoft unveiled Windows 365 Link, their first purpose-built Cloud PC device for instant, secure connection to Windows 365. Sign-in screen with USB security key option (Source: Microsoft) Windows 365 Link prioritizes security “We have heard concerns from IT pros about the

React to this headline:

Loading spinner

Windows 365 Link: Connect securely to Windows 365 Read More »

Cross-IdP impersonation bypasses SSO protections

Don't miss, identity, News, Push Security, SaaS, SSO /

Cross-IdP impersonation bypasses SSO protections 2024-11-19 at 18:22 By Help Net Security Cross-IdP impersonation – a technique that enables attackers to hijack the single sign-on (SSO) process to gain unauthorized access to downstream software-as-a-service (SaaS) applications without compromising a company’s primary identity provider (IdP) – is expected to gain popularity with attackers, according to Push

React to this headline:

Loading spinner

Cross-IdP impersonation bypasses SSO protections Read More »

Space tech giant Maxar confirms attackers accessed employee data

data breach, News, Privacy /

Space tech giant Maxar confirms attackers accessed employee data 2024-11-19 at 13:19 By Mirko Zorz Satellite and space technology leader Maxar Space Systems has suffered a data breach. “Our information security team discovered that a hacker using a Hong Kong-based IP address targeted and accessed a Maxar system containing certain files with employee personal data,”

React to this headline:

Loading spinner

Space tech giant Maxar confirms attackers accessed employee data Read More »

Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287)

CrowdStrike, Don't miss, enterprise, Hot stuff, News, Oracle, product development, Tenable /

Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287) 2024-11-19 at 12:48 By Zeljka Zorz Oracle has released a security patch for CVE-2024-21287, a remotely exploitable vulnerability in the Oracle Agile PLM Framework that is, according to Tenable researchers, being actively exploited by attackers. About CVE-2024-21287 Oracle Agile PLM Framework is an enterprise product lifecycle management solution

React to this headline:

Loading spinner

Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287) Read More »

Phobos ransomware administrator faces US cybercrime charges

cybercrime, FBI, News, Ransomware, USA /

Phobos ransomware administrator faces US cybercrime charges 2024-11-19 at 12:33 By Help Net Security The Justice Department unsealed criminal charges against Evgenii Ptitsyn, 42, a Russian national, for allegedly administering the sale, distribution, and operation of Phobos ransomware. Ptitsyn made his initial appearance in the US District Court for the District of Maryland on Nov.

React to this headline:

Loading spinner

Phobos ransomware administrator faces US cybercrime charges Read More »

AlmaLinux 9.5 released: Security updates, new packages, and more!

AlmaLinux OS Foundation, Linux, News, open source /

AlmaLinux 9.5 released: Security updates, new packages, and more! 2024-11-19 at 11:01 By Help Net Security AlmaLinux is a free, open-source, enterprise-grade Linux distribution. Governed and owned by the community, it offers a production-ready platform with binary compatibility to Red Hat Enterprise Linux. AlmaLinux 9.5, codenamed Teal Serval, is now available. Security updates: The OpenSSL

React to this headline:

Loading spinner

AlmaLinux 9.5 released: Security updates, new packages, and more! Read More »

Dev + Sec: A collaborative approach to cybersecurity

collaboration, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, YL Ventures /

Dev + Sec: A collaborative approach to cybersecurity 2024-11-19 at 07:31 By Help Net Security The age-old tension between development and security teams has long been a source of friction in organizations. Developers prioritize speed and efficiency, aiming to deliver features and products quickly with a fast-paced, iterative development cycle and move on efficiently. On

React to this headline:

Loading spinner

Dev + Sec: A collaborative approach to cybersecurity Read More »

Why AI alone can’t protect you from sophisticated email threats

Artificial Intelligence, Barracuda Networks, CISO, cybersecurity, Don't miss, email security, Features, Hot stuff, News, opinion, social engineering /

Why AI alone can’t protect you from sophisticated email threats 2024-11-19 at 07:03 By Mirko Zorz In this Help Net Security interview, Riaz Lakhani, CISO at Barracuda Networks, discusses the effectiveness of AI-based behavioural analysis in combating sophisticated email threats like BEC and VEC. Lakhani also explains how AI tools help detect malicious email activity

React to this headline:

Loading spinner

Why AI alone can’t protect you from sophisticated email threats Read More »

Scroll to Top