Product showcase: New ESET Home Security 28/11/2023 at 07:32 By Help Net Security ESET is thrilled to announce our new cutting-edge consumer solutions. Our consumer offering is more than just security – it is a comprehensive portfolio designed to keep our customers safe in today’s digital landscape. We are dedicated to advancing technology without compromising […]
React to this headline:
Product showcase: New ESET Home Security Read More »
Generative AI security: Preventing Microsoft Copilot data exposure 28/11/2023 at 07:01 By Help Net Security Microsoft Copilot has been called one of the most powerful productivity tools on the planet. Copilot is an AI assistant that lives inside each of your Microsoft 365 apps — Word, Excel, PowerPoint, Teams, Outlook, and so on. Microsoft’s dream
React to this headline:
Generative AI security: Preventing Microsoft Copilot data exposure Read More »
Report: The state of authentication security 2023 28/11/2023 at 06:48 By Help Net Security This survey set out to explore these challenges, to identify common practices, and to provide insight into how organizations can bolster their defenses. Key findings from the survey include: Current authentication practices Authentication-related cyberattacks Security incidents and impact Password management Security
React to this headline:
Report: The state of authentication security 2023 Read More »
Fortanix Key Insight discovers and remediates data security risks in hybrid multicloud environments 27/11/2023 at 19:02 By Industry News Fortanix announced Key Insight, a new capability in the Fortanix Data Security Manager TM (DSM) platform designed to help enterprises discover, assess, and remediate risk and compliance gaps across hybrid multicloud environments. Data breaches lead to
React to this headline:
Released: AI security guidelines backed by 18 countries 27/11/2023 at 17:32 By Zeljka Zorz The UK National Cyber Security Centre (NCSC) has published new guidelines that can help developers and providers of AI-powered systems “build AI systems that function as intended, are available when needed, and work without revealing sensitive data to unauthorised parties.” How
React to this headline:
Released: AI security guidelines backed by 18 countries Read More »
PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214) 27/11/2023 at 13:47 By Zeljka Zorz A proof-of-concept (PoC) exploit for a high-severity flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution has been made public. Users are advised to implement the provided patches or workarounds quickly. About CVE-2023-46214 Splunk Enterprise is a solution
React to this headline:
PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214) Read More »
OpenSSL 3.2.0 released: New cryptographic algorithms, support for TCP fast open, and more! 27/11/2023 at 10:32 By Help Net Security OpenSSL is a full-featured toolkit for general-purpose cryptography and secure communication. The final version of OpenSSL 3.2.0 is now available. Major changes in OpenSSL 3.2.0 This release incorporates the following potentially significant or incompatible changes:
React to this headline:
AWS Kill Switch: Open-source incident response tool 27/11/2023 at 09:01 By Mirko Zorz AWS Kill Switch is an open-source incident response tool for quickly locking down AWS accounts and IAM roles during a security incident. The solution includes a Lambda function and proof of concept client. You can either adopt this client or build your
React to this headline:
AWS Kill Switch: Open-source incident response tool Read More »
Why it’s the perfect time to reflect on your software update policy 27/11/2023 at 08:04 By Help Net Security The threat landscape is evolving by the minute, with both malicious actors and well-intentioned researchers constantly on the hunt for new attack vectors that bypass security controls and gain control of systems and applications. In fact,
React to this headline:
Why it’s the perfect time to reflect on your software update policy Read More »
Vulnerability disclosure: Legal risks and ethical considerations for researchers 27/11/2023 at 07:32 By Mirko Zorz In this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in cybersecurity. Zhang explores the intricate balancing act that researchers must perform when navigating the interests of
React to this headline:
Vulnerability disclosure: Legal risks and ethical considerations for researchers Read More »
Week in review: LockBit exploits Citrix Bleed, Apache ActiveMQ bug exploited for cryptojacking 26/11/2023 at 12:33 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PolarDNS: Open-source DNS server tailored for security evaluations PolarDNS is a specialized authoritative DNS server that allows the operator to
React to this headline:
NIS2 and its global ramifications 24/11/2023 at 08:31 By Help Net Security The Network and Information Systems Directive (NIS2), due to come into effect in October 2024, seeks to improve cyber resilience in the European Union (EU). Its effects are likely to be wider reaching, though, bringing in more stringent processes and controls and redefining
React to this headline:
NIS2 and its global ramifications Read More »
Network security tops infrastructure investments 24/11/2023 at 07:33 By Help Net Security Network security is both the top challenge and the top investment priority for enterprise IT leaders, according to ISG. Network security challenges 60% of respondents to the ISG survey on network modernization ranked network security among their top five challenges, with 21% ranking
React to this headline:
Network security tops infrastructure investments Read More »
AI and contextual threat intelligence reshape defense strategies 24/11/2023 at 07:01 By Help Net Security AI continues to evolve to improve both cyber defense and cyber criminal activities, while regulatory pressures, continued consolidation, and geopolitical concerns will drive more proactive cybersecurity efforts with contextual threat intelligence, according to Cybersixgill. As organizations increasingly adopt Threat Exposure
React to this headline:
AI and contextual threat intelligence reshape defense strategies Read More »
Cybercriminals turn to ready-made bots for quick attacks 23/11/2023 at 08:31 By Help Net Security Bots and human fraud farms were responsible for billions of attacks in the H1 of 2023 and into Q3, according to Arkose Labs. These attacks comprised 73% of all website and app traffic measured. In other words, almost three-quarters of
React to this headline:
Cybercriminals turn to ready-made bots for quick attacks Read More »
Consumers plan to be more consistent with their security in 2024 23/11/2023 at 07:31 By Help Net Security The vast majority of consumers are concerned that cyberattacks will increase or remain consistent over the coming year (97%) and become more sophisticated (69%), outpacing the ability of cyber defenses to protect against these threats, according to
React to this headline:
Consumers plan to be more consistent with their security in 2024 Read More »
Online stores may not be as secure as you think 23/11/2023 at 07:01 By Help Net Security Credit card skimming is on the rise for the holiday shopping season, according to Malwarebytes. Online stores are not always as secure as you might think they are, and yet you need to hand over your valuable credit
React to this headline:
Online stores may not be as secure as you think Read More »
How LockBit used Citrix Bleed to breach Boeing and other targets 22/11/2023 at 16:47 By Zeljka Zorz CVE-2023-4966, aka “Citrix Bleed”, has been exploited by LockBit 3.0 affiliates to breach Boeing’s parts and distribution business, and “other trusted third parties have observed similar activity impacting their organization,” cybersecurity and law enforcement officials have confirmed on
React to this headline:
How LockBit used Citrix Bleed to breach Boeing and other targets Read More »
Microsoft announces Defender bug bounty program 22/11/2023 at 14:47 By Helga Labus Microsoft has announced a new bug bounty program aimed at unearthing vulnerabilities in Defender-related products and services, and is offering participants the possibility to earn up to $20,000 for the most critical bugs. The Microsoft Defender bug bounty program Microsoft Defender includes various
React to this headline:
Microsoft announces Defender bug bounty program Read More »
CISA offers cybersecurity services to non-federal orgs in critical infrastructure sector 22/11/2023 at 12:47 By Helga Labus The Cybersecurity and Infrastructure Security Agency (CISA) has announced a pilot program that aims to offer cybersecurity services to critical infrastructure entities as they have become a common target in cyberattacks. “In alignment with CISA’s ‘Target Rich, Resource
React to this headline:
CISA offers cybersecurity services to non-federal orgs in critical infrastructure sector Read More »