In today’s fast-paced technological landscape, the adoption of Infrastructure as Code (IaC) has revolutionized the way organizations manage and deploy their IT infrastructure. IaC allows teams to define and provision infrastructure through code, enabling automation, scalability, and consistency. However, with…
Category: EN
Hackers Exploiting Vulnerabilities 50% Faster, Within 4.76 Days
Cybersecurity researchers are sounding the alarm that hackers are exploiting software vulnerabilities faster than ever before. A new report from Fortinet found that in the second half of 2023, the average time between a vulnerability being disclosed and actively exploited…
BlackBasta Ransomware targeted nearly 500 firms till May 2024
The BlackBasta Ransomware gang has been causing havoc across a spectrum of organizations, targeting nearly 500 entities from April 2022 to May 2024, as per a report jointly released by the Department of Health and Human Services (HHS) and the…
Red teaming: The key ingredient for responsible AI
Developing responsible AI isn’t a straightforward proposition. On one side, organizations are striving to stay at the forefront of technological advancement. On the other hand, they must ensure strict compliance with ethical standards and regulatory requirements. Organizations attempting to balance…
Establishing a security baseline for open source projects
In this Help Net Security interview, Dana Wang, Chief Architect at OpenSSF, discusses the most significant barriers to improving open-source software security (OSS security) and opportunities for overcoming these challenges. The OpenSSF community has developed open-source security tools and projects,…
How AI affects vulnerability management in open-source software
In this Help Net Security video, Itamar Sher, CEO of Seal Security, discusses how AI affects the risk and operational aspects of managing vulnerabilities in open-source software. One of the core issues around open-source vulnerability patch management has been the…
AI’s rapid growth puts pressure on CISOs to adapt to new security risks
The increased use of AI further complicates CISO role as industries begin to realize the full potential of GenAI and its impact on cybersecurity, according to Trellix. GenAI’s impact on CISO responsibility GenAI has rolled out at an immense speed,…
Critical vulnerabilities take 4.5 months on average to remediate
Over a third of organizations had at least one known vulnerability in 2023, with nearly a quarter of those facing five or more, and 60% of vulnerabilities remained unaddressed past CISA’s deadlines, according to Bitsight. Organizations struggle to remediate critical…
Securing the future through cybersecurity education
In this Help Net Security round-up, we present excerpts from previously recorded videos in which security experts talk about the cybersecurity talent shortage and the role STEM education can play in solving that problem. They also discuss actions needed to…
ISC Stormcast For Monday, May 13th, 2024 https://isc.sans.edu/podcastdetail/8978, (Mon, May 13th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, May 13th, 2024…
ASEAN organizations dealing with growing cyber menace
Cloudflare’s Everywhere Security platform offers unified protection for on and off-premise applications Sponsored Post Organizations across the Asia Pacific need to urgently ramp up their IT security infrastructures in response to a significantly increasing level of cyber threats, security experts…
Download: The Ultimate Guide to the CISSP
The Ultimate Guide to the CISSP covers everything you need about the world’s premier cybersecurity leadership certification. Learn how CISSP and ISC2 will help you navigate your training path, succeed in certification, and advance your career so you’re ready to…
Encrypted mail service Proton confirmed handing PII to cops again
PLUS: More data leaks at the US Patent Office; LockBit still tough enough for Wichita; and some critical vulnerabilities in brief Encrypted email service Proton Mail is in hot water again, and for the same thing that earned it flack…
The Importance of Data Categorization In A Threat-Filled Landscape
By Dr. Pragyansmita Nayak, Chief Data Scientist, Hitachi Vantara Federal National security is amid a transformative journey driven by technological progress in more ways than one. One of those ways […] The post The Importance of Data Categorization In A…
Ransomware negotiator weighs in on the extortion payment debate with El Reg
As gang tactics get nastier while attacks hit all-time highs Interview Ransomware hit an all-time high last year, with more than 60 criminal gangs listing at least 4,500 victims – and these infections don’t show any signs of slowing.… This…
Dell API Abused to Steal 49 Million Customer Records in Data Breach
The threat actor responsible for the recent Dell data breach stated that he scraped information from 49 million customer records via a partner portal API that he accessed as a phony organization. Dell had begun sending alerts to customers informing…
Pro-Russia hackers targeted Kosovo’s government websites
Pro-Russia hackers targeted government websites in Kosovo in retaliation for the government’s support to Ukraine with military equipment. Pro-Russia hackers targeted Kosovo government websites, including the websites of the president and prime minister, with DDoS attacks. The attacks are a…
USENIX Security ’23 – GigaDORAM: Breaking the Billion Address Barrier
Authors/Presenters: Brett Falk, Rafail Ostrovsky, Matan Shtepel, Jacob Zhang Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott;…
Key Takeaways from RSA Conference 2024: AI and Data Security in Focus | Eureka Security
The 2024 RSA Conference focused on how AI is changing cybersecurity. AI can improve security but also introduces new risks. Data security is critical for safe and effective AI, and organizations need | Eureka Security The post Key Takeaways from…
Understanding the Complexities of VPNs: Balancing Privacy and Security in the Digital Age
Virtual private networks (VPNs) are crafted to safeguard online privacy through the encryption of internet traffic and concealment of IP addresses, thereby preventing the determination of user locations. This functionality becomes apparent when users attempt to access websites or…