News

Trustwave Government Solutions Achieves “FedRAMP In Process – PMO Review” Designation

News /

Trustwave Government Solutions Achieves “FedRAMP In Process – PMO Review” Designation 2024-01-18 at 16:02 By Trustwave Government Solutions (TGS) is proud to announce its designation as “In Process Program Management Office (PMO) Review” by the Federal Risk and Authorization Management Program (FedRAMP) for its Government Fusion platform. TGS expects to receive full authorization in early […]

React to this headline:

Loading spinner

Trustwave Government Solutions Achieves “FedRAMP In Process – PMO Review” Designation Read More »

VMware: Plug critical Aria Automation hole immediately! (CVE-2023-34063)

Cloud, CSIRO, Don't miss, News, security update, VMWare, vulnerability /

VMware: Plug critical Aria Automation hole immediately! (CVE-2023-34063) 2024-01-18 at 12:16 By Zeljka Zorz A critical vulnerability (CVE-2023-34063) affecting VMware Aria Automation and VMware Cloud Foundation can be exploited by attackers to gain access to remote organizations and workflows, VMware has warned. The company is not aware of any “in the wild” exploitation of this

React to this headline:

Loading spinner

VMware: Plug critical Aria Automation hole immediately! (CVE-2023-34063) Read More »

Attribute-based encryption could spell the end of data compromise

cybersecurity, data, Don't miss, Encryption, Expert analysis, Expert corner, hacking contest, Hot stuff, News, NTT Research, opinion, Privacy, surveillance /

Attribute-based encryption could spell the end of data compromise 2024-01-18 at 08:02 By Help Net Security The future of data privacy is the end of compromise. With the world producing data at astounding rates, we need ways to put data to the best use while protecting against breaches and ensuring privacy, data protection and access

React to this headline:

Loading spinner

Attribute-based encryption could spell the end of data compromise Read More »

Skytrack: Open-source aircraft reconnaissance tool

Don't miss, GitHub, News, open source, OSINT, software /

Skytrack: Open-source aircraft reconnaissance tool 2024-01-18 at 07:31 By Mirko Zorz Skytrack is an open-source command-line tool for plane spotting and aircraft OSINT reconnaissance. The tool utilizes multiple data sources to collect information on aircraft, can produce a PDF report for a specific aircraft, and offers conversion between ICAO and Tail Number designations. Suitable for

React to this headline:

Loading spinner

Skytrack: Open-source aircraft reconnaissance tool Read More »

Ransomware negotiation: When cybersecurity meets crisis management

attacks, cyber insurance, cybersecurity, Don't miss, Features, Hot stuff, Incident Response, News, opinion, Ransomware, regulation, strategy, Tanium /

Ransomware negotiation: When cybersecurity meets crisis management 2024-01-18 at 07:01 By Mirko Zorz In this Help Net Security interview, Tim Morris, Chief Security Advisor at Tanium, discusses ransomware negotiation, how it typically unfolds, and how organizations should have a playbook that clearly outlines what to do, when to do it, who is notified, who will

React to this headline:

Loading spinner

Ransomware negotiation: When cybersecurity meets crisis management Read More »

The power of AI in cybersecurity

Artificial Intelligence, cyber risk, cybersecurity, Don't miss, generative AI, Hot stuff, machine learning, News, threat detection /

The power of AI in cybersecurity 2024-01-18 at 06:31 By Helga Labus The widespread adoption of artificial intelligence (AI), particularly generative AI (GenAI), has revolutionized organizational landscapes and transformed both the cyber threat landscape and cybersecurity. AI as a powerful cybersecurity tool As organizations handle increasing amounts of data daily, AI offers advanced capabilities that

React to this headline:

Loading spinner

The power of AI in cybersecurity Read More »

Adversaries exploit trends, target popular GenAI apps

Artificial Intelligence, ChatGPT, cybercrime, cybersecurity, generative AI, Netskope, News, report, survey, threat /

Adversaries exploit trends, target popular GenAI apps 2024-01-18 at 06:01 By Help Net Security More than 10% of enterprise employees access at least one generative AI application every month, compared to just 2% a year ago, according to Netskope. In 2023, ChatGPT was the most popular generative AI application, accounting for 7% of enterprise usage.

React to this headline:

Loading spinner

Adversaries exploit trends, target popular GenAI apps Read More »

Kaspersky releases utility to detect iOS spyware infections

apple, Don't miss, Hot stuff, how-to, iOS, iPhone, Kaspersky, mobile devices, News, smartphones, spyware, threat detection, tips /

Kaspersky releases utility to detect iOS spyware infections 2024-01-17 at 13:46 By Help Net Security Kaspersky’s researchers have developed a lightweight method to detect indicators of infection from sophisticated iOS spyware such as NSO Group’s Pegasus, QuaDream’s Reign, and Intellexa’s Predator through analyzing a log file created on iOS devices. Analyzing the Shutdown.log The company’s

React to this headline:

Loading spinner

Kaspersky releases utility to detect iOS spyware infections Read More »

Google fixes actively exploited Chrome zero-day (CVE-2024-0519)

0-day, Chrome, Don't miss, Hot stuff, Microsoft Edge, News, security update /

Google fixes actively exploited Chrome zero-day (CVE-2024-0519) 2024-01-17 at 12:01 By Zeljka Zorz In the new stable release of the Chrome browser, Google has fixed three security vulnerabilities affecting the V8 engine, including one zero-day (CVE-2024-0519) with an existing exploit. About CVE-2024-0519 V8 is an open-source JavaScript and WebAssembly engine developed by the Chromium Project

React to this headline:

Loading spinner

Google fixes actively exploited Chrome zero-day (CVE-2024-0519) Read More »

Security considerations during layoffs: Advice from an MSSP

access management, authentication, cybersecurity, data security, DirectDefense, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, tips /

Security considerations during layoffs: Advice from an MSSP 2024-01-17 at 08:01 By Help Net Security Navigating layoffs is complex and difficult for many reasons. Not only do human resources and direct managers bear the onus of responsibility when conducting exit conversations, but security teams should also make the necessary preparations for monitoring anomalies in employee

React to this headline:

Loading spinner

Security considerations during layoffs: Advice from an MSSP Read More »

The right strategy for effective cybersecurity awareness

cyber resilience, cybersecurity, Don't miss, education, Hot stuff, News, phishing, security awareness, skill development /

The right strategy for effective cybersecurity awareness 2024-01-17 at 07:31 By Helga Labus Employees play a significant role in safeguarding organizational assets. With a constantly evolving threat landscape, cybersecurity awareness training is an essential component in creating a good security culture. Why cybersecurity awareness training? 81% of organizations were hit by malware, phishing, and password

React to this headline:

Loading spinner

The right strategy for effective cybersecurity awareness Read More »

CISOs’ crucial role in aligning security goals with enterprise expectations

access management, CISO, cybersecurity, Don't miss, Features, Gartner, generative AI, Hot stuff, identity management, News, opinion, Privacy, strategy, tips /

CISOs’ crucial role in aligning security goals with enterprise expectations 2024-01-17 at 07:01 By Mirko Zorz In this Help Net Security interview, Chris Mixter, Vice President, Analyst at Gartner, discusses the dynamic world of CISOs and how their roles have evolved significantly over the years. He outlines the critical skills for CISOs in 2024, addresses

React to this headline:

Loading spinner

CISOs’ crucial role in aligning security goals with enterprise expectations Read More »

IT teams unable to deliver data fast enough to match the speed of business

CData Software, data, data collection, News, report, survey /

IT teams unable to deliver data fast enough to match the speed of business 2024-01-17 at 06:01 By Help Net Security Increasing data requests overwhelm IT teams, but security concerns hinder their ability to provide employees with access to timely data, according to CData Software. The majority of Ops professionals feel that they are prohibited

React to this headline:

Loading spinner

IT teams unable to deliver data fast enough to match the speed of business Read More »

Atlassian reveals critical Confluence RCE flaw, urges “immediate action” (CVE-2023-22527)

Atlassian, Atlassian Confluence, CVE, Don't miss, enterprise, Hot stuff, News, security update, vulnerability /

Atlassian reveals critical Confluence RCE flaw, urges “immediate action” (CVE-2023-22527) 2024-01-16 at 19:46 By Zeljka Zorz Atlassian has patched a critical vulnerability (CVE-2023-22527) in Confluence Data Center and Confluence Server that could lead to remote code execution. The good news is that the flaw was fixed in early December 2023 with the release of versions

React to this headline:

Loading spinner

Atlassian reveals critical Confluence RCE flaw, urges “immediate action” (CVE-2023-22527) Read More »

1,700 Ivanti VPN devices compromised. Are yours among them?

0-day, APT, Don't miss, enterprise, Hot stuff, Ivanti, Mandiant, News, SMBs, threat hunting, Volexity, VPN, web shell /

1,700 Ivanti VPN devices compromised. Are yours among them? 2024-01-16 at 17:16 By Zeljka Zorz Over 1,700 Ivanti Connect Secure VPN devices worldwide have been compromised by attackers exploiting two zero-days with no patches currently available. “Additional threat actors beyond UTA0178 appear to now have access to the exploit and are actively trying to exploit

React to this headline:

Loading spinner

1,700 Ivanti VPN devices compromised. Are yours among them? Read More »

3 ways to combat rising OAuth SaaS attacks

access control, Adaptive Shield, attacks, authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, monitoring, News, OAuth, opinion, SaaS /

3 ways to combat rising OAuth SaaS attacks 2024-01-16 at 07:31 By Help Net Security OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine cryptocurrency, establish persistence following business email compromise and launch spam activity using the

React to this headline:

Loading spinner

3 ways to combat rising OAuth SaaS attacks Read More »

10 cybersecurity frameworks you need to know about

CISO, cybersecurity, Don't miss, framework, Hot stuff, ISO 27001, News, security standard, standards, strategy, tips /

10 cybersecurity frameworks you need to know about 2024-01-16 at 07:01 By Help Net Security As cyber threats grow more sophisticated, understanding and implementing robust cybersecurity frameworks is crucial for organizations of all sizes. This article lists the most essential cybersecurity frameworks developed to guide businesses and governments in safeguarding their digital assets. From the

React to this headline:

Loading spinner

10 cybersecurity frameworks you need to know about Read More »

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations

cybersecurity, DFIR, Linux, News, open source, software /

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations 2024-01-16 at 06:31 By Mirko Zorz Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition. Users can also perform malware analysis, OSINT and computer vision activities.

React to this headline:

Loading spinner

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations Read More »

Geopolitical tensions combined with technology will drive new security risks

Artificial Intelligence, Fake News, News, report, risk, survey, Tenable, World Economic Forum /

Geopolitical tensions combined with technology will drive new security risks 2024-01-16 at 06:02 By Help Net Security Misinformation and disinformation are biggest short-term risks, while extreme weather and critical change to Earth systems are greatest long-term concern, according to the Global Risks 2024 Report from the World Economic Forum. Against a backdrop of systemic shifts

React to this headline:

Loading spinner

Geopolitical tensions combined with technology will drive new security risks Read More »

Windows SmartScreen bug exploited to deliver powerful info-stealer (CVE-2023-36025)

Don't miss, Hot stuff, Malware, News, Trend Micro, Windows /

Windows SmartScreen bug exploited to deliver powerful info-stealer (CVE-2023-36025) 2024-01-15 at 15:31 By Zeljka Zorz A vulnerability (CVE-2023-36025) that Microsoft fixed in November 2023 continues to be exploited by malware peddlers: this time around, the delivered threat is a variant of the Phemedrone Stealer. About the malware Phemedrone Stealer is a piece of malware written

React to this headline:

Loading spinner

Windows SmartScreen bug exploited to deliver powerful info-stealer (CVE-2023-36025) Read More »

Scroll to Top