News

New infosec products of the week: December 1, 2023

Amazon, Datadog, Entrust, Fortanix, GitHub, News, Nitrokey, Paladin Cloud /

New infosec products of the week: December 1, 2023 01/12/2023 at 08:47 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Amazon, Datadog, Entrust, Fortanix, GitHub, Nitrokey, and Paladin Cloud. Amazon One Enterprise palm-based identity service improves security of physical spaces, digital assets Amazon One […]

React to this headline:

Loading spinner

New infosec products of the week: December 1, 2023 Read More »

Bridging the gap between cloud vs on-premise security

Cato Networks, Cloud, cloud security, cybersecurity, Don't miss, Expert analysis, Expert corner, firewall, Hot stuff, News, opinion, policy /

Bridging the gap between cloud vs on-premise security 01/12/2023 at 08:03 By Help Net Security With the proliferation of SaaS applications, remote work and shadow IT, organizations feel obliged to embrace cloud-based cybersecurity. And rightly so, because the corporate resources, traffic, and threats are no longer confined within the office premises. Cloud-based security initiatives, such

React to this headline:

Loading spinner

Bridging the gap between cloud vs on-premise security Read More »

Unhappy network professionals juggling more with less

CIO, cybersecurity, News, Opengear, report, survey, threat /

Unhappy network professionals juggling more with less 01/12/2023 at 07:04 By Help Net Security 97% of US-based CIOs expressed serious concerns about at least one cybersecurity threat, according to Opengear. Failing to have the correct human oversight over the network can open up opportunities for cybercriminals to find vulnerabilities in underserved setups. It’s perhaps this

React to this headline:

Loading spinner

Unhappy network professionals juggling more with less Read More »

CISA urges water facilities to secure their Unitronics PLCs

critical infrastructure, Don't miss, Hot stuff, News, PLC, Ransomware, tips, USA /

CISA urges water facilities to secure their Unitronics PLCs 30/11/2023 at 18:02 By Zeljka Zorz News that Iran-affiliated attackers have taken over a programmable logic controller (PLC) at a water system facility in Pennsylvania has been followed by a public alert urging other water authorities to immediately secure their own PLCs. “The cyber threat actors

React to this headline:

Loading spinner

CISA urges water facilities to secure their Unitronics PLCs Read More »

Nitrokey releases NetHSM, a fully open-source hardware security module

Encryption, Industry news, News, Nitrokey, open source, public-key cryptography /

Nitrokey releases NetHSM, a fully open-source hardware security module 30/11/2023 at 16:32 By Help Net Security German company Nitrokey has released NetHSM 1.0, an open-source hardware security module (HSM). Nitrokey NetHSM 1.0 features The module can be used for storing and managing a variety of cryptographic keys (e.g., keys to enable HTTPS, DNSSEC, secure blockchain

React to this headline:

Loading spinner

Nitrokey releases NetHSM, a fully open-source hardware security module Read More »

Mosint: Open-source automated email OSINT tool

Don't miss, Email, GitHub, Hot stuff, News, open source, OSINT /

Mosint: Open-source automated email OSINT tool 30/11/2023 at 08:31 By Mirko Zorz Mosint is an automated email OSINT tool written in Go designed to facilitate quick and efficient investigations of target emails. It integrates multiple services, providing security researchers with rapid access to a broad range of information. “In my previous job, I actively worked

React to this headline:

Loading spinner

Mosint: Open-source automated email OSINT tool Read More »

Bridging the risk exposure gap with strategies for internal auditors

AuditBoard, auditing, Compliance, cybersecurity, data security, Don't miss, Features, Hot stuff, News, opinion, Risk Management, strategy, tips /

Bridging the risk exposure gap with strategies for internal auditors 30/11/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Richard Chambers, Senior Internal Audit Advisor at AuditBoard, discusses the transformational role of the internal audit function and risk management in helping organizations bridge the gap in risk exposure. He talks about how

React to this headline:

Loading spinner

Bridging the risk exposure gap with strategies for internal auditors Read More »

Organizations can’t ignore the surge in malicious web links

attacks, cybercriminals, cybersecurity, Email, Hornetsecurity, News, phishing, Ransomware, report /

Organizations can’t ignore the surge in malicious web links 30/11/2023 at 07:02 By Help Net Security Despite the rising adoption of collaboration and instant messaging software, email remains a significant area of concern regarding cyber attacks, particularly the increasing threat of cybercriminals employing harmful web links in emails, according to Hornetsecurity. Attack techniques used in

React to this headline:

Loading spinner

Organizations can’t ignore the surge in malicious web links Read More »

Infosec products of the month: November 2023

Action1, Amazon, Aqua Security, ARMO, Datadog, Devo Technology, Druva, Entrust, Enzoic, Fortanix, GitHub, Illumio, Immuta, Ironscales, Kasada, Lacework, Malwarebytes, News, OneSpan, Paladin Cloud, Snappt, ThreatModeler, Varonis /

Infosec products of the month: November 2023 30/11/2023 at 06:46 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Amazon, Aqua Security, ARMO, Datadog, Devo Technology, Druva, Entrust, Enzoic, Fortanix, GitHub, Illumio, Immuta, IRONSCALES, Kasada, Lacework, Malwarebytes, OneSpan, Paladin Cloud, Snappt, ThreatModeler, and Varonis.

React to this headline:

Loading spinner

Infosec products of the month: November 2023 Read More »

PoCs for critical Arcserve UDP vulnerabilities released

Arcserve, Data Protection, disaster recovery, Don't miss, enterprise, News, PoC, Tenable, vulnerability /

PoCs for critical Arcserve UDP vulnerabilities released 29/11/2023 at 17:46 By Zeljka Zorz Arcserve has fixed critical security vulnerabilities (CVE-2023-41998, CVE-2023-41999, CVE-2023-42000) in its Unified Data Protection (UDP) solution, PoCs for which have been published by Tenable researchers on Monday. The vulnerabilities Arcserve UDP is a popular enterprise data protection, backup and disaster recovery solution

React to this headline:

Loading spinner

PoCs for critical Arcserve UDP vulnerabilities released Read More »

Google fixes Chrome zero day exploited in the wild (CVE-2023-6345)

Chrome, Don't miss, exploit, Google, Hot stuff, News, security update, vulnerability /

Google fixes Chrome zero day exploited in the wild (CVE-2023-6345) 29/11/2023 at 14:46 By Helga Labus Google has released an urgent security update to fix a number of vulnerabilities in Chrome browser, including a zero-day vulnerability (CVE-2023-6345) that is being actively exploited in the wild. About CVE-2023-6345 CVE-2023-6345, reported by Benoît Sevens and Clément Lecigne

React to this headline:

Loading spinner

Google fixes Chrome zero day exploited in the wild (CVE-2023-6345) Read More »

Okta breach: Hackers stole info on ALL customer support users

authentication, data breach, Don't miss, Hot stuff, News, Okta, phishing, privileged identity, social engineering /

Okta breach: Hackers stole info on ALL customer support users 29/11/2023 at 14:16 By Zeljka Zorz The scope of the recent breach of the Okta customer support system is much wider than initially established, the company has admitted on Tuesday: the attackers downloaded a report that contained the names and email addresses of all Okta

React to this headline:

Loading spinner

Okta breach: Hackers stole info on ALL customer support users Read More »

Tails 5.2.0 comes with several improvements, updated Tor Browser

News, open source, operating system, Privacy, software, Tails /

Tails 5.2.0 comes with several improvements, updated Tor Browser 29/11/2023 at 13:33 By Help Net Security Tails is a portable operating system that protects against surveillance and censorship. Tails can be installed on any USB stick with a minimum of 8 GB. Tails works on most computers under ten years old. You can start again

React to this headline:

Loading spinner

Tails 5.2.0 comes with several improvements, updated Tor Browser Read More »

Strategies for cultivating a supportive culture in zero-trust adoption

authentication, automation, CIO, CISA, Cisco, CISO, cybersecurity, Don't miss, Features, Hot stuff, identity, News, NIST, opinion, SOAR, strategy, zero trust /

Strategies for cultivating a supportive culture in zero-trust adoption 29/11/2023 at 08:01 By Mirko Zorz In this Help Net Security interview, Wolfgang Goerlich, Advisory CISO at Cisco, discusses the benefits of implementing a mature zero-trust model for both security and business outcomes, revealing a decrease in reported security incidents and enhanced adaptability. Goerlich emphasizes the

React to this headline:

Loading spinner

Strategies for cultivating a supportive culture in zero-trust adoption Read More »

Vigil: Open-source LLM security scanner

Artificial Intelligence, Don't miss, GitHub, Hot stuff, News, Python, scanning /

Vigil: Open-source LLM security scanner 29/11/2023 at 07:01 By Mirko Zorz Vigil is an open-source security scanner that detects prompt injections, jailbreaks, and other potential threats to Large Language Models (LLMs). Prompt injection arises when an attacker successfully influences an LLM using specially designed inputs. This leads to the LLM unintentionally carrying out the objectives

React to this headline:

Loading spinner

Vigil: Open-source LLM security scanner Read More »

Design flaw leaves Google Workspace vulnerable for takeover

Google, Google Workspace, Hunters, News, vulnerability /

Design flaw leaves Google Workspace vulnerable for takeover 28/11/2023 at 18:31 By Help Net Security A design flaw in Google Workspace’s domain-wide delegation feature, discovered by Hunters’ Team Axon, can allow attackers to misuse existing delegations, enabling privilege escalation and unauthorized access to Workspace APIs without Super Admin privileges. Such exploitation could result in the

React to this headline:

Loading spinner

Design flaw leaves Google Workspace vulnerable for takeover Read More »

Slovenian power company hit by ransomware

Barrier Networks, critical infrastructure, Don't miss, energy sector, EU, Hot stuff, News, Ransomware /

Slovenian power company hit by ransomware 28/11/2023 at 18:17 By Helga Labus Slovenian power generation company Holding Slovenske Elektrarne (HSE) has been hit by ransomware and has had some of its data encrypted. The attack HSE is a state-owned company that controls numerous hydroelectric, thermal and coal-fired power plants. The company has declined to share

React to this headline:

Loading spinner

Slovenian power company hit by ransomware Read More »

Critical ownCloud flaw under attack (CVE-2023-49103)

Don't miss, GreyNoise, Hot stuff, News, ownCloud, SANS ISC, vulnerability /

Critical ownCloud flaw under attack (CVE-2023-49103) 28/11/2023 at 14:17 By Zeljka Zorz Attackers are trying to exploit a critical information disclosure vulnerability (CVE-2023-49103) in ownCloud, a popular file sharing and collaboration platform used in enterprise settings. Greynoise and SANS ISC say attemps have been first spotted over the weekend, though Dr. Johannes Ullrich, Dean of

React to this headline:

Loading spinner

Critical ownCloud flaw under attack (CVE-2023-49103) Read More »

Ukrainian ransomware gang behind high-profile attacks dismantled

cybercrime, cybercriminals, EU, Europe, Europol, Government, law enforcement, News, Ransomware, Ukraine /

Ukrainian ransomware gang behind high-profile attacks dismantled 28/11/2023 at 13:46 By Help Net Security Law enforcement and judicial authorities from seven countries have joined forces with Europol and Eurojust to dismantle and apprehend in Ukraine key figures behind significant ransomware operations. On 21 November, 30 properties were searched in the regions of Kyiv, Cherkasy, Rivne

React to this headline:

Loading spinner

Ukrainian ransomware gang behind high-profile attacks dismantled Read More »

SMBs face surge in “malware free” attacks

BEC scams, Don't miss, Hot stuff, Huntress, Malware, News, Ransomware, remote management, SMBs, trends /

SMBs face surge in “malware free” attacks 28/11/2023 at 12:51 By Helga Labus “Malware free” attacks, attackers’ increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and medium businesses (SMBs) faced in Q3 2023, says the inaugural SMB Threat Report by Huntress, a company that provides a

React to this headline:

Loading spinner

SMBs face surge in “malware free” attacks Read More »

Scroll to Top