Category: Help Net Security

Anomali announced new capabilities for Anomali Copilot to help security, and now also IT departments, use the latest innovations in AI to successfully defend, protect, and propel their organizations forward. Anomali Copilot empowers security or IT analysts at any skill…

Read more →

A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the instance’s contents. The issue, reported via the GitHub Bug Bounty program, has been addressed and administrators are…

Read more →

Wallarm announced its latest innovation: API Attack Surface Management (AASM). This agentless technology transforms how organizations identify, analyze, and secure their entire API attack surface. Designed for effortless deployment, Wallarm AASM empowers organizations to discover all of their externally-facing APIs…

Read more →

ESET researchers uncovered NGate malware, which can relay data from victims’ payment cards via a malicious app installed on their Android devices to the attacker’s rooted Android phone. Attack overview (Source: ESET) Unauthorized ATM withdrawals The campaign’s primary goal in…

Read more →

A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity vulnerability caused by a type confusion weakness in V8, the open-source JavaScript and WebAssembly engine developed by…

Read more →

LibreOffice 24.8, the new major release of the free Windows, macOS, and Linux office suite, is now available. This is the first to provide an official package for Windows PCs based on ARM processors. The LibreOffice advantage LibreOffice is the…

Read more →

Things change fast in the world of data privacy. Just earlier this year, the question I was being asked most frequently was, “How similar will the proposed federal privacy law (APRA) be to the EU’s GDPR?” Now that APRA is…

Read more →

Senior executives are prime targets for cybercriminals, with 72% of surveyed cybersecurity professionals in the US reporting that cyberattacks have targeted this group in the past 18 months. This trend, highlighted in GetApp’s 2024 Executive Cybersecurity Report, underscores the growing…

Read more →

There’s been an alarming increase in ransomware attacks over the past year, alongside significant shifts in the tactics and strategies employed by cybercriminals that underscore the necessity for organizations to implement around-the-clock monitoring and investigation of suspicious behaviors, according to…

Read more →

95% of cybersecurity experts express low confidence in GenAI security measures while red team data shows anyone can easily hack GenAI models, according to Lakera. Attack methods specific to GenAI, or prompt attacks, are easily used by anyone to manipulate…

Read more →

Entrust unveiled KeyControl as a Service (KCaaS), providing organizations with control of their cryptographic keys while leveraging the benefits of the cloud. Existing key management solutions can lack advanced features required to meet evolving compliance mandates and security policy requirements.…

Read more →

HITRUST launched its AI Risk Management (AI RM) Assessment, a comprehensive assessment approach for AI risk management processes in an organization. The HITRUST AI Risk Management Assessment ensures that governance associated with implementing AI solutions is in place and can…

Read more →

Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a honeypot system – starts with the threat actors brute-forcing access credentials. Once access is achieved, the…

Read more →

RightCrowd introduced Mobile Credential Management feature for RightCrowd SmartAccess. This solution transforms how organizations manage and control access, replacing traditional methods with a more secure, efficient, and cost-effective approach. As the physical and digital worlds continue to converge, the management…

Read more →

American semiconductor manufacturer Microchip Technology Incorporated has had some of its business operations disrupted by a cyberattack. “As a result of the incident, certain of the Company’s manufacturing facilities are operating at less than normal levels, and the Company’s ability…

Read more →

McAfee launched McAfee Deepfake Detector, the latest addition to the company’s suite of AI-powered products. With AI-created videos, or deepfakes, flooding the internet and circulating across social media, we now live in a world where seeing and hearing are no…

Read more →

OpenCTI is an open-source platform designed to help organizations manage their cyber threat intelligence (CTI) data and observables. The platform structures its data using a knowledge schema built on the STIX2 standards. It features a modern web application architecture with…

Read more →

In this Help Net Security video, Mike Lexa, CISO and Global VP of IT Infrastructure and Operations at CNH, discusses how the federal government is taking food security more seriously and what steps must be taken to prioritize security measures.…

Read more →

Associate Cybersecurity Operations Officer UNICC | USA | On-site – View job details The Center aims to provide trusted ICT services and digital business solutions. You will work under the direct supervision and guidance of the Head of Cybersecurity Operations…

Read more →

2023 saw a surge in the frequency and duration of DDoS attacks, and in the first half of 2024, it’s clear that surge has become the new normal, according to Zayo. DDoS attack duration increases DDoS attacks surged 106% from…

Read more →