News

Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks

Artificial Intelligence, Compliance, cybersecurity, data, Don't miss, Features, Hot stuff, News, Noma Security, open source, opinion /

Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks 2024-12-04 at 07:21 By Mirko Zorz In this Help Net Security interview, Niv Braun, CEO at Noma Security, discusses the difficulties security teams face due to the fragmented nature of AI processes, tools, and teams across the data and AI lifecycle. Braun also shares insights […]

React to this headline:

Loading spinner

Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks Read More »

70% of open-source components are poorly or no longer maintained

code, cyber risk, cybersecurity, Lineaje, News, open source, report, software, survey /

70% of open-source components are poorly or no longer maintained 2024-12-04 at 06:35 By Help Net Security The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, according to Lineaje. Open-source code risks rise with anonymous contributions Microsoft estimates that its customers face 600 million cyberattacks

React to this headline:

Loading spinner

70% of open-source components are poorly or no longer maintained Read More »

65% of office workers bypass cybersecurity to boost productivity

cyber risk, CyberArk, cybersecurity, News, report, survey /

65% of office workers bypass cybersecurity to boost productivity 2024-12-04 at 06:04 By Help Net Security High-risk access exists throughout the workplace, in almost every job role, proving that the time has come for organizations to re-think the way they protect their workforce, according to CyberArk. CyberArk surveyed 14,003 employees in the UK, USA, France,

React to this headline:

Loading spinner

65% of office workers bypass cybersecurity to boost productivity Read More »

Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449)

backup, CVE, Don't miss, enterprise, Hot stuff, MSP, News, Veeam Software, vulnerability /

Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449) 2024-12-03 at 19:48 By Zeljka Zorz Veeam has fixed two vulnerabilities in Veeam Service Provider Console (VSPC), one of which (CVE-2024-42448) may allow remote attackers to achieve code exection on the VSPC server machine. The vulnerabilities Veeam Service Provider Console is a cloud-enabled platform that

React to this headline:

Loading spinner

Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449) Read More »

Police takes down Matrix encrypted chat service used by criminals

arrest, crime, Encryption, Europe, Europol, France, Hot stuff, law enforcement, News, secure communications /

Police takes down Matrix encrypted chat service used by criminals 2024-12-03 at 17:18 By Zeljka Zorz A joint investigation team involving French and Dutch authorities has taken down Matrix, yet another end-to-end encrypted chat service created by criminals. Matrix (Source: Dutch Police) The Matrix encrypted chat service Matrix – also know as Mactrix, Totalsec, X-quantum,

React to this headline:

Loading spinner

Police takes down Matrix encrypted chat service used by criminals Read More »

Whitepaper: 9 traits of effective security leaders of tomorrow

Don't miss, ISC2, News, whitepapper /

Whitepaper: 9 traits of effective security leaders of tomorrow 2024-12-03 at 16:15 By Help Net Security The cyber world needs your expertise. But the security leaders of tomorrow require a broad set of skills that job experience alone does not arm you with. What do today’s organizations demand? And how can you acquire the technical

React to this headline:

Loading spinner

Whitepaper: 9 traits of effective security leaders of tomorrow Read More »

Phishers send corrupted documents to bypass email security

Any.Run, Don't miss, email security, Hot stuff, MS Office, News, phishing /

Phishers send corrupted documents to bypass email security 2024-12-03 at 14:18 By Zeljka Zorz Phishers have come up with a new trick for bypassing email security systems: corrupted MS Office documents. The spam campaign Malware hunting service Any.Run has warned last week about email campaigns luring users with promises of payments, benefits and end-of-the-year bonuses.

React to this headline:

Loading spinner

Phishers send corrupted documents to bypass email security Read More »

US government, energy sector contractor hit by ransomware

energy sector, Government, Hot stuff, News, Ransomware, USA /

US government, energy sector contractor hit by ransomware 2024-12-03 at 12:15 By Zeljka Zorz ENGlobal, a Texas-based engineering and automation contractor for companies in the energy sector, has had its data encrypted by attackers. “On November 25, 2024, ENGlobal Corporation (the “Company”) became aware of a cybersecurity incident. The preliminary investigation has revealed that a

React to this headline:

Loading spinner

US government, energy sector contractor hit by ransomware Read More »

Nextcloud Talk: Open-source, GDPR-compliant alternative to Microsoft Teams

Microsoft Teams, News, open source, software /

Nextcloud Talk: Open-source, GDPR-compliant alternative to Microsoft Teams 2024-12-03 at 11:18 By Mirko Zorz Nextcloud has unveiled Nextcloud Talk, an open-source alternative to Microsoft Teams. It’s a privacy-compliant collaboration platform for hybrid teams that gives companies complete control over their data. Nextcloud Talk collaboration software delivers highly secure, GDPR-compliant communication while providing all the essential

React to this headline:

Loading spinner

Nextcloud Talk: Open-source, GDPR-compliant alternative to Microsoft Teams Read More »

Treat AI like a human: Redefining cybersecurity

Appfire, Artificial Intelligence, Compliance, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, risk assessment, security controls /

Treat AI like a human: Redefining cybersecurity 2024-12-03 at 07:31 By Mirko Zorz In this Help Net Security interview, Doug Kersten, CISO of Appfire, explains how treating AI like a human can change the way cybersecurity professionals use AI tools. He discusses how this shift encourages a more collaborative approach while acknowledging AI’s limitations. Kersten

React to this headline:

Loading spinner

Treat AI like a human: Redefining cybersecurity Read More »

Cybersecurity jobs available right now: December 3, 2024

cybersecurity jobs, News /

Cybersecurity jobs available right now: December 3, 2024 2024-12-03 at 06:39 By Anamarija Pogorelec Application Security Engineer TE Connectivity | USA | Remote – View job details As an Application Security Engineer, you will design, develop, and implement a robust Application Security program. Create and maintain application security policies, standards, and procedures. Participate in the

React to this headline:

Loading spinner

Cybersecurity jobs available right now: December 3, 2024 Read More »

The shocking speed of AWS key exploitation

automation, AWS, Clutch Security, credentials, Don't miss, GitHub, Hot stuff, News, security practices /

The shocking speed of AWS key exploitation 2024-12-02 at 21:19 By Zeljka Zorz It’s no secret that developers often inadvertently expose AWS access keys online and we know that these keys are being scraped and misused by attackers before organizations get a chance to revoke them. Clutch Security researchers performed a test to see just

React to this headline:

Loading spinner

The shocking speed of AWS key exploitation Read More »

AWS offers incident response service

AWS, enterprise, Hot stuff, Incident Response, News /

AWS offers incident response service 2024-12-02 at 14:15 By Zeljka Zorz Amazon Web Services (AWS) has launched a new service to help organizations prepare for and recover from ransomware attacks, account takeovers, data breaches, and other security events: AWS Security Incident Response (SIR). Creating a case (Source: AWS) AWS Security Incident Response explained “Security events

React to this headline:

Loading spinner

AWS offers incident response service Read More »

$400M seized, 5,500 arrested in global operation targeting cyber fraud

arrest, cybercrime, fraud, Interpol, law enforcement, News /

$400M seized, 5,500 arrested in global operation targeting cyber fraud 2024-12-02 at 12:44 By Mirko Zorz A coordinated international operation involving law enforcement agencies from 40 countries led to the arrest of over 5,500 individuals linked to financial crimes and the confiscation of more than $400 million in virtual assets and government-backed currencies. Officers in

React to this headline:

Loading spinner

$400M seized, 5,500 arrested in global operation targeting cyber fraud Read More »

5 reasons to double down on network security

cloud computing, cybersecurity, Don't miss, Endpoint Security, Expert analysis, Expert corner, Hot stuff, network, News, opinion, Stamus Networks, threat detection /

5 reasons to double down on network security 2024-12-02 at 07:33 By Help Net Security Cybersecurity programs have evolved significantly over the past few decades. The advent of cloud computing shattered the conventional corporate perimeter, forcing organizations to update their defense strategies. Today, with the rise of work-from-anywhere and bring-your-own-device (BYOD) policies as well as

React to this headline:

Loading spinner

5 reasons to double down on network security Read More »

Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges

Artificial Intelligence, CNA, CVE, cybersecurity, Don't miss, Features, Hot stuff, MITRE, News, opinion, vulnerability management /

Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges 2024-12-02 at 07:12 By Mirko Zorz In this Help Net Security interview, Alec Summers, Project Leader for the CVE Program at MITRE, shares his insights on the 2024 CWE top 25 most dangerous software weaknesses. He discusses the impact of the new methodology that

React to this headline:

Loading spinner

Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges Read More »

How AI is transforming human risk management

Artificial Intelligence, Don't miss, human error, InfoSec Institute, News, Risk Management, Video /

How AI is transforming human risk management 2024-12-02 at 06:33 By Help Net Security While human error has always posed a cybersecurity risk, AI and emerging tech are playing an evolving role in Human Risk Management – uncovering new needs, challenges, and pain points. In this Help Net Security video, Bret Fund, SVP and General

React to this headline:

Loading spinner

How AI is transforming human risk management Read More »

Data scientists create tool to spot fake images

GitHub, News, research, software /

Data scientists create tool to spot fake images 2024-12-02 at 06:02 By Help Net Security Pixelator v2 is a tool to spot fake images. It uses a new combination of image veracity techniques with capability beyond what can be seen by the human eye. It can identify subtle differences in images with greater accuracy than

React to this headline:

Loading spinner

Data scientists create tool to spot fake images Read More »

Week in review: Exploitable flaws in corporate VPN clients, malware loader created with gaming engine

News, Week in review /

Week in review: Exploitable flaws in corporate VPN clients, malware loader created with gaming engine 2024-12-01 at 11:03 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Researchers reveal exploitable flaws in corporate VPN clients Researchers have discovered vulnerabilities in the update process of Palo

React to this headline:

Loading spinner

Week in review: Exploitable flaws in corporate VPN clients, malware loader created with gaming engine Read More »

The effect of compliance requirements on vulnerability management strategies

automation, Compliance, cybersecurity, Don't miss, Features, Hot stuff, News, Nucleus Security, opinion, patching, vulnerability management /

The effect of compliance requirements on vulnerability management strategies 2024-11-29 at 07:34 By Mirko Zorz In this Help Net Security interview, Steve Carter, CEO of Nucleus Security, discusses the ongoing challenges in vulnerability management, including prioritizing vulnerabilities and addressing patching delays. Carter also covers compliance requirements and how automation can streamline vulnerability management processes. Why

React to this headline:

Loading spinner

The effect of compliance requirements on vulnerability management strategies Read More »

Scroll to Top