To the estimated 3 billion active users of the Google Chrome browser worldwide, the United States Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security update. Users are now under a strict deadline of 72 hours to update…
Securing Data from Espionage: The Role of Confidential Computing
In an era where data breaches and cyber espionage are increasingly prevalent, protecting sensitive information has never been more crucial. Confidential computing emerges as a groundbreaking technology that enhances data security and privacy, offering a robust shield against unauthorized access…
Chinese Hackers Charged for Multi-Year Spear-Phishing Attacks
Song Wu, a Chinese national, has been indicted on charges of wire fraud and aggravated identity theft. The charges stem from his alleged involvement in a sophisticated spear-phishing campaign targeting sensitive U.S. research and technology. This case highlights ongoing concerns…
Unlocking Secure Communications 101: The Fundamentals
Ensuring the protection of data and communications is of utmost importance for organisations adapting to the intricacies of the digital era. Are you knowledgeable about secure communications? Whether you’re new… The post Unlocking Secure Communications 101: The Fundamentals appeared first…
China claims Starlink signals can reveal stealth aircraft – and what that really means
If this really was that useful, they wouldn’t be telling us According to a Chinese state-sanctioned study, signals from SpaceX Starlink broadband internet satellites could be used to track US stealth fighters, such as the F-22.… This article has been…
Gateways to havoc: Overprivileged dormant service accounts
Service accounts are non-human identities used to automate machine-to-machine interactions. They support critical functions – such as running scripts, services, and applications like websites, APIs, and databases – and facilitate integrations, operating as a proxy to humans and supporting business…
SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks
SolarWinds has released fixes to address two security flaws in its Access Rights Manager (ARM) software, including a critical vulnerability that could result in remote code execution. The vulnerability, tracked as CVE-2024-28991, is rated 9.0 out of a maximum of…
The Day the IT World Stood Still
Lessons from CrowdStrike on Safeguarding Your Data with Compliance, Continuity and Disaster Recovery Strategies Where were you when the CrowdStrike outage hit? Many of us were stuck in our tracks when the recent global IT outage, triggered by a faulty…
How to Prepare Your Organization for the Future with Continuous Security Testing
You wouldn’t brush your teeth once a year — it just wouldn’t be frequent enough to maintain proper care and hygiene of a body part you use every day. Similarly, it’s just not sufficient to perform a security test once…
The Human Element in Non-Human Identity Security: Bridging the Gap in Modern Cybersecurity
In today’s cybersecurity landscape, Non-Human identities (NHIs) are exploding in number. For every human user, there may be hundreds or even thousands of NHIs running in the background. Traditional access management tools were designed primarily for human users, and they…
Beyond human IAM: The rising tide of machine identities
Remember when managing user accounts was your biggest headache? Those were simpler times. Today, we’re drowning in a sea of machine identities, and it’s time to learn how to swim – or risk going under. In the ever-expanding universe of…
The growing danger of visual hacking and how to protect against it
In this Help Net Security interview, Robert Ramsey, CEO at Rain Technology, discusses the growing threat of visual hacking, how it bypasses traditional cybersecurity measures, and the importance of physical barriers like switchable privacy screens. Could you explain visual hacking…