tips

What is multi-factor authentication (MFA), and why is it important?

access management, authentication, BARR Advisory, cybersecurity, Don't miss, Hot stuff, MFA, password manager, passwords, Privacy, tips, Video /

What is multi-factor authentication (MFA), and why is it important? 2024-04-23 at 06:31 By Help Net Security Setting up MFA can seem daunting for consumers just beginning to clean up their security postures. In this Help Net Security video, Larry Kinkaid, Manager, Cybersecurity Consulting at BARR Advisory, shares tips for consumers who need simple, accessible […]

React to this headline:

Loading spinner

What is multi-factor authentication (MFA), and why is it important? Read More »

How to optimize your bug bounty programs

Artificial Intelligence, bug bounty, cybersecurity, Don't miss, Features, hacker, Hot stuff, machine learning, News, opinion, policy, regulation, risk assessment, Risk Management, strategy, tips, Zoom /

How to optimize your bug bounty programs 2024-04-22 at 08:02 By Mirko Zorz In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers. He offers advice to organizations, stressing the importance of

React to this headline:

Loading spinner

How to optimize your bug bounty programs Read More »

Thinking outside the code: How the hacker mindset drives innovation

bug bounty, cybersecurity, Don't miss, education, Features, hacker, hacking, Hot stuff, Innovation, News, opinion, skill development, strategy, tips /

Thinking outside the code: How the hacker mindset drives innovation 2024-04-17 at 08:01 By Mirko Zorz Keren Elazari is an internationally recognized security analyst, author, and researcher. Since 2000, Keren has worked with leading Israeli security firms, government organizations, innovative start-ups, and Fortune 500 companies. She is the founder of BSidesTLV and Leading Cyber Ladies

React to this headline:

Loading spinner

Thinking outside the code: How the hacker mindset drives innovation Read More »

New open-source project takeover attacks spotted, stymied

backdoor, CISA, Don't miss, Endor Labs, Hot stuff, News, O'Reilly, open source, OpenJS Foundation, OpenSSF, social engineering, supply chain attacks, tips /

New open-source project takeover attacks spotted, stymied 2024-04-16 at 16:16 By Zeljka Zorz The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils package by someone who called themselves “Jia Tan”. This malicious maintainer achieved that coveted position after

React to this headline:

Loading spinner

New open-source project takeover attacks spotted, stymied Read More »

5 free red teaming resources to get you started

cybersecurity, Don't miss, GitHub, Hot stuff, how-to, News, red team, strategy, tips /

5 free red teaming resources to get you started 2024-04-16 at 07:32 By Help Net Security Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your organization. Tactics may include anything from social engineering to physical security breaches to simulate a real-world advanced persistent threat.

React to this headline:

Loading spinner

5 free red teaming resources to get you started Read More »

Ransomware group maturity should influence ransom payment decision

cybercriminals, Don't miss, extortion, GuidePoint Security, Hot stuff, News, Ransomware, SMBs, tips /

Ransomware group maturity should influence ransom payment decision 2024-04-11 at 16:16 By Zeljka Zorz Your organization has been hit by ransomware and a decision has to be made on whether or not to make the ransom payment to get your data decrypted, deleted from attackers’ servers, and/or not leaked online. The decision will depend on

React to this headline:

Loading spinner

Ransomware group maturity should influence ransom payment decision Read More »

Cyber attacks on critical infrastructure show advanced tactics and new capabilities

CISO, critical infrastructure, cyberattacks, cybersecurity, Don't miss, Features, Government, Hot stuff, News, opinion, Ransomware, strategy, Tenable, tips /

Cyber attacks on critical infrastructure show advanced tactics and new capabilities 2024-04-03 at 07:01 By Mirko Zorz In this Help Net Security interview, Marty Edwards, Deputy CTO OT/IoT at Tenable, discusses the impact of geopolitical tensions on cyber attacks targeting critical infrastructure. Edwards highlights the need for collaborative efforts between policymakers, government agencies, and the

React to this headline:

Loading spinner

Cyber attacks on critical infrastructure show advanced tactics and new capabilities Read More »

6 keys to navigating security and app development team tensions

Application Security, cybersecurity, data security, DevSecOps, Don't miss, Hot stuff, News, Probely, tips /

6 keys to navigating security and app development team tensions 2024-04-02 at 06:01 By Help Net Security There will always be a natural tension between cybersecurity teams and developers. After all, it’s the developer’s role to “develop.” They want and are paid to create and ship new applications and features that help move the organization

React to this headline:

Loading spinner

6 keys to navigating security and app development team tensions Read More »

The most prevalent malware behaviors and techniques

Don't miss, Elastic, malware analysis, malware detection, News, research, tips /

The most prevalent malware behaviors and techniques 2024-03-20 at 12:46 By Zeljka Zorz An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, execute the malware, and assure its persistence. Malware tactics and techniques The analyzed malware samples were most often delivered

React to this headline:

Loading spinner

The most prevalent malware behaviors and techniques Read More »

LastPass’ CIO vision for driving business strategy, innovation

Artificial Intelligence, CIO, cybersecurity, data management, digital transformation, Don't miss, Features, Hot stuff, LastPass, News, opinion, Privacy, regulation, strategy, tips /

LastPass’ CIO vision for driving business strategy, innovation 2024-03-13 at 08:39 By Mirko Zorz Recently, LastPass appointed Asad Siddiqui as its CIO. He brings over two decades of experience leading startups and large technology organizations. It was the perfect time for Help Net Security to find out what’s next for Siddiqui in his new role

React to this headline:

Loading spinner

LastPass’ CIO vision for driving business strategy, innovation Read More »

10 free cybersecurity guides you might have missed

CISA, CISO, critical infrastructure, cyber resilience, Department of Defense, Don't miss, Government, guide, Hot stuff, how-to, News, phishing, Ransomware, skill development, SMBs, strategy, tips, USA /

10 free cybersecurity guides you might have missed 2024-03-11 at 09:07 By Help Net Security This collection of free cybersecurity guides covers a broad range of topics, from resources for developing cybersecurity programs to specific guides for various sectors and organizations. Whether you work for a small business, a large corporation, or a specific industry,

React to this headline:

Loading spinner

10 free cybersecurity guides you might have missed Read More »

How to create an efficient governance control program

Center for Internet Security, CISO, Don't miss, Hot stuff, how-to, News, strategy, tips /

How to create an efficient governance control program 2024-03-06 at 06:31 By Help Net Security Your success as an organization, especially in the cyber realm, depends on your security posture. To account for the ongoing evolution of digital threats, you need to implement robust governance control programs that address the current control environment and help

React to this headline:

Loading spinner

How to create an efficient governance control program Read More »

How organizations can navigate identity security risks in 2024

access management, authentication, CISO, cloud security, cybersecurity, Don't miss, Features, Hot stuff, hybrid IT, identity management, News, opinion, SaaS, strategy, tips, Zilla Security /

How organizations can navigate identity security risks in 2024 2024-02-29 at 07:34 By Mirko Zorz Managing IAM challenges in hybrid IT environments requires a holistic approach, integrating solutions and automating processes to ensure effective access controls and operational efficiency. In this Help Net Security interview, Deepak Taneja, CEO of Zilla Security, discusses identity security risks

React to this headline:

Loading spinner

How organizations can navigate identity security risks in 2024 Read More »

Why we fall for fake news and how can we change that?

Artificial Intelligence, Don't miss, Fake News, Hot stuff, News, social media, tips /

Why we fall for fake news and how can we change that? 2024-02-09 at 08:32 By Helga Labus Have you ever been swept away by an enticing headline and didn’t bother to probe the news in-depth? You might have shared an eye-catching news story or engaged with a compelling post, only to realize later that

React to this headline:

Loading spinner

Why we fall for fake news and how can we change that? Read More »

Key strategies for ISO 27001 compliance adoption

auditing, certification, Compliance, cybersecurity, Don't miss, Features, Hot stuff, how-to, ISO 27001, Kiowa Security, News, opinion, regulation, risk assessment, standards, strategy, tips /

Key strategies for ISO 27001 compliance adoption 2024-02-09 at 07:32 By Mirko Zorz In this Help Net Security interview, Robin Long, founder of Kiowa Security, shares insights on how best to approach the implementation of the ISO/IEC 27001 information security standard. Long advises organizations to establish a detailed project roadmap and to book certification audits

React to this headline:

Loading spinner

Key strategies for ISO 27001 compliance adoption Read More »

10 tips for creating your security hackathon playbook

cybersecurity, Don't miss, Expert analysis, Expert corner, hacking contest, Hot stuff, Intel, News, opinion, product testing, security testing, tips /

10 tips for creating your security hackathon playbook 2024-02-08 at 08:01 By Help Net Security For more than 12 years, I’ve been organizing and running hackathons with the goal of finding security vulnerabilities and fixing them before a product hits the market. These events can play a pivotal role in the product development lifecycle, increasing

React to this headline:

Loading spinner

10 tips for creating your security hackathon playbook Read More »

Common cloud security mistakes and how to avoid them

cloud security, cyber risk, Data Protection, Don't miss, Hot stuff, misconfiguration, News, strategy, threats, tips /

Common cloud security mistakes and how to avoid them 2024-02-07 at 08:01 By Helga Labus According to recent surveys, 98% of organizations keep their financial, business, customer and/or employee information in the cloud but, at the same time, 95% of cloud security professionals are not sure their security protections and their team would manage to

React to this headline:

Loading spinner

Common cloud security mistakes and how to avoid them Read More »

10 must-read cybersecurity books for 2024

books, cybersecurity, Don't miss, Hot stuff, how-to, Learning Tree, News, No Starch Press, skill development, strategy, tips /

10 must-read cybersecurity books for 2024 2024-02-06 at 07:01 By Help Net Security Our list of cybersecurity books has been curated to steer your professional growth in 2024. This selection aims to provide comprehensive information security insights and knowledge, ensuring you stay ahead in your career learning journey throughout the year. Cyber for Builders: The

React to this headline:

Loading spinner

10 must-read cybersecurity books for 2024 Read More »

Zero trust implementation: Plan, then execute, one step at a time

access management, authentication, Don't miss, Hot stuff, News, strategy, tips, zero trust /

Zero trust implementation: Plan, then execute, one step at a time 2024-02-01 at 08:02 By Helga Labus 82% of cybersecurity professionals have been working on implementing zero trust last year, and 16% should be on it by the end of this year. The challenges of zero trust implementation You’ve probably heard it before: zero trust

React to this headline:

Loading spinner

Zero trust implementation: Plan, then execute, one step at a time Read More »

Custom rules in security tools can be a game changer for vulnerability detection

cybersecurity, Don't miss, Features, Hot stuff, News, opinion, scanning, Semgrep, software development, strategy, tips /

Custom rules in security tools can be a game changer for vulnerability detection 2024-02-01 at 07:32 By Mirko Zorz In this Help Net interview, Isaac Evans, CEO at Semgrep, discusses the balance between speed and thoroughness in CI/CD pipeline security scanning. Stressing the need to avoid slowing down the process, he recommends a nuanced approach,

React to this headline:

Loading spinner

Custom rules in security tools can be a game changer for vulnerability detection Read More »

Scroll to Top