3 ways to combat rising OAuth SaaS attacks 2024-01-16 at 07:31 By Help Net Security OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine cryptocurrency, establish persistence following business email compromise and launch spam activity using the […]
React to this headline:
3 ways to combat rising OAuth SaaS attacks Read More »
Flipping the BEC funnel: Phishing in the age of GenAI 2024-01-15 at 08:02 By Help Net Security For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of recipients in the hope that a few might take the
React to this headline:
Flipping the BEC funnel: Phishing in the age of GenAI Read More »
Key elements for a successful cyber risk management strategy 2024-01-15 at 06:32 By Mirko Zorz In this Help Net Security interview, Yoav Nathaniel, CEO at Silk Security, discusses the evolution of cyber risk management strategies and practices, uncovering common mistakes and highlighting key components for successful risk resolution. Nathaniel anticipates a growing pressure on organizations
React to this headline:
Key elements for a successful cyber risk management strategy Read More »
Cloud security predictions for 2024 2024-01-12 at 07:31 By Help Net Security As we reflect on the cybersecurity landscape and the trajectories of threat vectors, it’s evident that we’re on the cusp of a paradigm shift in cloud security. Businesses and cybersecurity professionals must stay abreast of these changes, adapting their strategies to ensure a
React to this headline:
Cloud security predictions for 2024 Read More »
Purple teaming and the role of threat categorization 2024-01-11 at 07:31 By Help Net Security Organizations constantly work to ensure optimal threat detection and prevention across their systems. One question gets asked repeatedly: “Can we detect the threats we’re supposed to be able to detect?” Red team assessment, penetration testing, and even purple team assessments
React to this headline:
Purple teaming and the role of threat categorization Read More »
Embracing offensive cybersecurity tactics for defense against dynamic threats 2024-01-11 at 07:02 By Mirko Zorz In this Help Net Security, Alexander Hagenah, Head of Cyber Controls at SIX, discusses the critical steps in creating effective offensive security operations and their impact on organizational security strategies. What are the critical steps in creating effective offensive security
React to this headline:
Embracing offensive cybersecurity tactics for defense against dynamic threats Read More »
Top LLM vulnerabilities and how to mitigate the associated risk 2024-01-10 at 07:31 By Help Net Security As large language models (LLMs) become more prevalent, a comprehensive understanding of the LLM threat landscape remains elusive. But this uncertainty doesn’t mean progress should grind to a halt: Exploring AI is essential to staying competitive, meaning CISOs
React to this headline:
Top LLM vulnerabilities and how to mitigate the associated risk Read More »
If you prepare, a data security incident will not cause an existential crisis 2024-01-09 at 08:02 By Help Net Security Why is it that when a company becomes aware of a potential data security incident, the team working on it (and others who are made aware that “something” is going on) have an immediate and
React to this headline:
If you prepare, a data security incident will not cause an existential crisis Read More »
Understanding zero-trust design philosophy and principles 2024-01-09 at 07:32 By Mirko Zorz In this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security professionals and companies, emphasizing its broad design philosophy. Vachon explores challenges in implementing zero trust,
React to this headline:
Understanding zero-trust design philosophy and principles Read More »
Social engineer reveals effective tricks for real-world intrusions 2024-01-08 at 08:31 By Mirko Zorz In this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing aspects of social engineering and unconventional methods for gathering target information. Street explores the overlooked threat of physical security and the human tendency to
React to this headline:
Social engineer reveals effective tricks for real-world intrusions Read More »
January 2024 Patch Tuesday forecast: A Focus on Printing 2024-01-05 at 08:16 By Help Net Security Happy 2024 Everyone! I hope everyone is looking forward to another exciting year in the ever-changing world of IT operations and software security. This article aims to provide a quick summary of some of the latest trends, announcements, and
React to this headline:
January 2024 Patch Tuesday forecast: A Focus on Printing Read More »
Cybersecurity challenges emerge in the wake of API expansion 2024-01-03 at 08:01 By Mirko Zorz In this Help Net Security interview, Vedran Cindric, CEO at Treblle, discusses the exponential growth of AI-related APIs, citing a 96% increase in 2023. He sheds light on the integral role APIs play in powering AI interactions, revealing the invisible
React to this headline:
Cybersecurity challenges emerge in the wake of API expansion Read More »
Wi-Fi 7’s mission-critical role in enterprise, industrial networking 2024-01-02 at 06:31 By Mirko Zorz As we transition from Wi-Fi 6 to the more advanced Wi-Fi 7, we uncover the significant enhancements in speed, efficiency, and spectrum usage that set it apart from its predecessors. In this Help Net Security interview, Tiago Rodrigues, CEO at Wireless
React to this headline:
Wi-Fi 7’s mission-critical role in enterprise, industrial networking Read More »
Why you need to extend enterprise IT security to the mainframe 2023-12-29 at 07:32 By Help Net Security Organizations with mainframes face a unique challenge: extending consistency across the entire enterprise, including mainframe environments. The ongoing issue lies in the incompatibility of tools designed for both mainframes and enterprise settings, resulting in disparate solutions, training
React to this headline:
Why you need to extend enterprise IT security to the mainframe Read More »
API security in 2024: Predictions and trends 2023-12-29 at 07:02 By Help Net Security As technology continues to advance at an unprecedented pace, so does the complexity of API (application programming interface) security. With the proliferation of APIs in modern applications and services, organizations will need to develop a better understanding of their API environments
React to this headline:
API security in 2024: Predictions and trends Read More »
How to turn shadow IT into a culture of grassroots innovation 2023-12-28 at 07:32 By Help Net Security The proliferation of generative AI tools has been compared to the dawn of the internet, the spread of smartphones and laptops, and the mass transition to cloud computing. All these advancements make it easier for individuals to
React to this headline:
How to turn shadow IT into a culture of grassroots innovation Read More »
5 pivotal cybersecurity trends for 2024 2023-12-28 at 07:01 By Help Net Security In 2023, cyberattacks surged both in terms of frequency and sophistication. The proliferation of cutting-edge hacking tools and technologies – now more accessible than ever thanks to advances in generative AI – created an environment conducive for cyber threats to flourish, forcing
React to this headline:
5 pivotal cybersecurity trends for 2024 Read More »
How to incorporate human-centric security 2023-12-27 at 07:32 By Help Net Security Cybersecurity is awash in threat detection and mitigation solutions: SIEM, DLP, SOAR, MDR, EDR, XDR, and more. Threat detection is essential, as it serves to locate and minimize the threat as quickly and effectively as possible. However, some companies are starting to embrace
React to this headline:
How to incorporate human-centric security Read More »
Why data, AI, and regulations top the threat list for 2024 21/12/2023 at 09:02 By Help Net Security The new year finds us confronted by a landscape characterized by political uncertainty, social fragmentation, escalating geopolitical tensions, and a turbulent macro-economic backdrop, making it crucial for security leaders to strategically prepare for the forthcoming challenges. Let’s
React to this headline:
Why data, AI, and regulations top the threat list for 2024 Read More »
AI’s efficacy is constrained in cybersecurity, but limitless in cybercrime 20/12/2023 at 09:47 By Help Net Security Bringing artificial intelligence into the cybersecurity field has created a vicious cycle. Cyber professionals now employ AI to enhance their tools and boost their detection and protection capabilities, but cybercriminals are also harnessing AI for their attacks. Security
React to this headline:
AI’s efficacy is constrained in cybersecurity, but limitless in cybercrime Read More »