supply chain attacks

Top 5 threats keeping CISOs up at night in 2025

Artificial Intelligence, CISO, cybersecurity, Don't miss, Hot stuff, News, Ransomware, regulation, strategy, supply chain attacks, threats, tips /

Top 5 threats keeping CISOs up at night in 2025 2025-03-14 at 08:05 By Help Net Security Cyber threats in 2025 require a proactive, adaptive approach. To stay ahead, CISOs must balance technical defenses, regulatory expectations, and human factors. By prioritizing AI-driven security, ransomware resilience, supply chain risk management, insider threat mitigation, and compliance preparedness, […]

React to this headline:

Loading spinner

Top 5 threats keeping CISOs up at night in 2025 Read More »

Malicious ML models found on Hugging Face Hub

Artificial Intelligence, Don't miss, Hot stuff, Hugging Face, JFrog, machine learning, News, ReversingLabs, software development, supply chain attacks /

Malicious ML models found on Hugging Face Hub 2025-02-10 at 15:52 By Zeljka Zorz Researchers have spotted two machine learning (ML) models containing malicious code on Hugging Face Hub, the popular online repository for datasets and pre-trained models. Once one of them is downloaded and executed on the developer’s machine, the malicious payload checks if

React to this headline:

Loading spinner

Malicious ML models found on Hugging Face Hub Read More »

Middle East Cybersecurity in 2024: From Zero-Day Exploits to Supply Chain Attacks 

Cyble Blogs, exploit, Middle East, Middle East Cybersecurity, supply chain attacks /

Middle East Cybersecurity in 2024: From Zero-Day Exploits to Supply Chain Attacks  2024-11-19 at 15:49 By Cyble Overview  In 2024, the Middle East faces an escalating wave of cyberattacks amid its rapid digital transformation, with zero-day exploits and advanced attack techniques targeting critical infrastructure, government entities, and supply chains. Cybercriminals are increasingly exploiting vulnerabilities like

React to this headline:

Loading spinner

Middle East Cybersecurity in 2024: From Zero-Day Exploits to Supply Chain Attacks  Read More »

Observations from Black Hat USA 2024, BSidesLV, and DEF CON 32

Artificial Intelligence, conferences, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, IoT, Microsoft, News, opinion, Privacy, SANS, Signal, software development, SonicWall, supply chain attacks /

Observations from Black Hat USA 2024, BSidesLV, and DEF CON 32 2024-08-16 at 12:46 By Help Net Security I recently spent six days in Las Vegas attending DEF CON, BsidesLV, and Black Hat USA 2024, where I had the opportunity to engage with and learn from some of the top security experts in the world.

React to this headline:

Loading spinner

Observations from Black Hat USA 2024, BSidesLV, and DEF CON 32 Read More »

Key metrics for monitoring and improving ZTNA implementations

Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, human error, News, opinion, policy, strategy, supply chain attacks, Wilson Perumal & Company, zero trust /

Key metrics for monitoring and improving ZTNA implementations 2024-08-13 at 07:01 By Mirko Zorz In this Help Net Security interview, Dean Hamilton, CTO at Wilson Perumal & Company, discusses the complexities of zero trust network access (ZTNA) implementation, focusing on balancing security with operational efficiency. Hamilton highlights strategic planning, collaboration between IT and business leaders,

React to this headline:

Loading spinner

Key metrics for monitoring and improving ZTNA implementations Read More »

New open-source project takeover attacks spotted, stymied

backdoor, CISA, Don't miss, Endor Labs, Hot stuff, News, O'Reilly, open source, OpenJS Foundation, OpenSSF, social engineering, supply chain attacks, tips /

New open-source project takeover attacks spotted, stymied 2024-04-16 at 16:16 By Zeljka Zorz The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils package by someone who called themselves “Jia Tan”. This malicious maintainer achieved that coveted position after

React to this headline:

Loading spinner

New open-source project takeover attacks spotted, stymied Read More »

XZ Utils backdoor update: Which Linux distros are affected and what can you do?

Alpine, backdoor, Debian, Don't miss, Fedora, Hot stuff, Kali Linux, Linux, Linux Mint, News, open source, Orca Security, Red Hat, supply chain attacks, Ubuntu, vulnerability /

XZ Utils backdoor update: Which Linux distros are affected and what can you do? 2024-03-31 at 21:01 By Zeljka Zorz The news that XZ Utils, a compression utility present in most Linux distributions, has been backdoored by a supposedly trusted maintainer has rattled the open-source software community on Friday, mere hours until the beginning of

React to this headline:

Loading spinner

XZ Utils backdoor update: Which Linux distros are affected and what can you do? Read More »

Outsmarting cybercriminal innovation with strategies for enterprise resilience

Artificial Intelligence, cybercriminals, cybersecurity, Don't miss, Features, GISEC, Hot stuff, machine learning, News, Nokia, opinion, regulation, strategy, supply chain attacks, Threat Intelligence, threats, UAE /

Outsmarting cybercriminal innovation with strategies for enterprise resilience 2024-03-19 at 07:19 By Mirko Zorz In this Help Net Security interview, Pedro Cameirão, Head of Cyber Defense Center at Nokia, discusses emerging cybersecurity trends for 2024 and advises enterprises on preparation strategies. Cameirão will speak at GISEC Global 2024 in Dubai, a conference and exhibition bringing

React to this headline:

Loading spinner

Outsmarting cybercriminal innovation with strategies for enterprise resilience Read More »

Ransomware recap 2023 highlights cybersecurity crisis

CyberInt, cybersecurity, Don't miss, extortion, Hot stuff, Ransomware, supply chain attacks, Video /

Ransomware recap 2023 highlights cybersecurity crisis 2024-01-30 at 07:02 By Help Net Security In this Help Net Security video, Yochai Corem, CEO of Cyberint, explores the ransomware environment’s development, effects, and emerging patterns throughout the previous year. 2023 marked a historic high for ransomware groups, with a 55.5% increase in attacks, reaching 4,368 victims globally,

React to this headline:

Loading spinner

Ransomware recap 2023 highlights cybersecurity crisis Read More »

Cybercriminals embrace smarter strategies, less effort

cybercriminals, cybersecurity, data breach, Experian, hacker, News, report, supply chain attacks, third party compromise, threats /

Cybercriminals embrace smarter strategies, less effort 2024-01-29 at 06:33 By Help Net Security 2024 is shaping up to be a record-breaking year for data breaches, according to Experian. Despite 2023 being labeled as a ‘successful’ year for malicious actors, the upcoming months may bring forth developments that could further disrupt the cybersecurity landscape. Supply chain

React to this headline:

Loading spinner

Cybercriminals embrace smarter strategies, less effort Read More »

Software supply chain attacks are getting easier

cybercrime, cybersecurity, Don't miss, News, open source, report, ReversingLabs, software, supply chain attacks, survey /

Software supply chain attacks are getting easier 2024-01-24 at 06:03 By Help Net Security ReversingLabs identified close to 11,200 unique malicious packages across three major open-source software platforms in 2023: npm, PyPI, and RubyGems. These findings mark an astounding 1,300% increase in malicious packages from 2020 and an increase of 28% over 2022 when a

React to this headline:

Loading spinner

Software supply chain attacks are getting easier Read More »

Public exposure of data breaches is becoming inevitable

Allianz, Artificial Intelligence, cybercrime, cybersecurity, data breach, extortion, News, Ransomware, report, supply chain attacks, survey /

Public exposure of data breaches is becoming inevitable 01/11/2023 at 09:01 By Help Net Security Ransomware incidents rising again as criminals use data exfiltration and supply chain attacks to maximize their leverage, according to Allianz. Allianz Commercial analysis of large cyber losses shows the number of cases in which data is exfiltrated is soaring, as

React to this headline:

Loading spinner

Public exposure of data breaches is becoming inevitable Read More »

Cyberattacks on healthcare organizations affect patient care

BEC scams, cyberattack, cybercrime, cybersecurity, healthcare, News, Ponemon Institute, Proofpoint, Ransomware, report, supply chain attacks, survey /

Cyberattacks on healthcare organizations affect patient care 17/10/2023 at 06:32 By Help Net Security 88% of organizations experienced an average of 40 attacks in the past 12 months, according to a survey conducted by the Proofpoint and Ponemon Institute. Supply chain attacks: Leading patient care risk The average total cost of a cyberattack experienced by

React to this headline:

Loading spinner

Cyberattacks on healthcare organizations affect patient care Read More »

Rising OT/ICS cybersecurity incidents reveal alarming trend

critical infrastructure, cybercrime, cybersecurity, firewall, network, News, phishing, regulation, report, Rockwell Automation, standards, strategy, supply chain attacks, survey /

Rising OT/ICS cybersecurity incidents reveal alarming trend 14/09/2023 at 06:01 By Help Net Security 60% of cyberattacks against the industrial sector are led by state-affiliated actors and often unintentionally enabled by internal personnel (about 33% of the time), according to Rockwell Automation. This corroborates other industry research showing OT/ICS (Industrial Control Systems) cybersecurity incidents are

React to this headline:

Loading spinner

Rising OT/ICS cybersecurity incidents reveal alarming trend Read More »

The rise and evolution of supply chain attacks

backdoor, Broadcom, cybersecurity, Don't miss, Hot stuff, Malware, software, supply chain attacks, Symantec, trojan, Video /

The rise and evolution of supply chain attacks 13/09/2023 at 07:03 By Help Net Security A supply chain attack is a cyberattack that focuses on a third-party supplier providing essential services or software to the supply chain. In this Help Net Security video, Dick O’Brien, Principal Intelligence Analyst in the Symantec Threat Hunter team, discusses

React to this headline:

Loading spinner

The rise and evolution of supply chain attacks Read More »

CISOs under pressure: Protecting sensitive information in the age of high employee turnover

access management, Artificial Intelligence, burnout, CISO, cybersecurity, Don't miss, Features, Gartner, Hot stuff, how-to, identity management, machine learning, News, NIST, opinion, remote working, security ROI, strategy, supply chain attacks, threats, tips, zero trust /

CISOs under pressure: Protecting sensitive information in the age of high employee turnover 17/07/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Charles Brooks, Adjunct Professor at Georgetown University’s Applied Intelligence Program and graduate Cybersecurity Programs, talks about how zero trust principles, identity access management, and managed security services are crucial for

React to this headline:

Loading spinner

CISOs under pressure: Protecting sensitive information in the age of high employee turnover Read More »

MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims

0-day, British Airways, cybercrime, data theft, Don't miss, enterprise, extortion, Hot stuff, News, Orange Cyberdefense, Progress, Rapid7, SMBs, supply chain attacks /

MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims 06/06/2023 at 13:50 By Zeljka Zorz The fallout of the MOVEit Transfer hack via CVE-2023-34362 by the Cl0p gang is expanding, as several UK-based companies have now confirmed that some of their data has been stolen. Victimized organizations The confirmed victims so far are

React to this headline:

Loading spinner

MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims Read More »

How APTs target SMBs

APT, Don't miss, Hot stuff, MSP, News, phishing, Proofpoint, SMBs, supply chain attacks, trends /

How APTs target SMBs 31/05/2023 at 13:47 By Helga Labus Small and medium businesses (SMBs) are not exempt from being targeted by advanced persistent threat (APT) actors, according to Proofpoint researchers. By analyzing a year’s worth of APT campaign data they collected from the 200,000+ SMBs that have their security solution deployed, they pinpointed three

React to this headline:

Loading spinner

How APTs target SMBs Read More »

Scroll to Top