VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw. Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug. “A malicious actor could trick…
Category: EN
Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks
Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation. The activity has been linked to Russia-aligned threat actors by Slovak cybersecurity company ESET, which also identified a spear-phishing campaign aimed at…
TruffleHog: Open-source solution for scanning secrets
TruffleHog is an open-source scanner that identifies and addresses exposed secrets throughout your entire technology stack. “TruffleHog was originally a research tool I independently authored in 2016. When I published it, no tools were scanning Git revision history for secrets.…
10 cybersecurity startups to watch in 2024
At Help Net Security, we’ve been following the cybersecurity business landscape closely for the past 25 years. Through our Industry News section, we’ve been tracking the pulse of the cybersecurity world, bringing you product news from companies worldwide. Certain vendors…
Ransomware Declines as InfoStealers and AI Threats Gain Ground: IBM X-Force
The ransomware threat is declining as actors pivot to infostealing, according to IBM, which says that attacks on cloud services and critical infrastructures are growing. The post Ransomware Declines as InfoStealers and AI Threats Gain Ground: IBM X-Force appeared first…
Unveiling Mandiant’s Cyber Threat Intelligence Program Maturity Assessment
As part of Google Cloud’s continuing commitment to improving the overall state of cybersecurity for society, today Mandiant is publicly releasing a web-based Intelligence Capability Discovery (ICD) to help commercial and governmental organizations evaluate the maturity of their cyber threat…
China could be doing better at censorship, think tank finds
Complex overlapping bureaucracy sometimes lacks the funds and skills to do it right China’s censorship regime remains pervasive and far reaching, but the bureaucratic apparatus implementing it is unevenly developed and is not always well funded, according to a report…
10 steps to effective board leadership on cyber security
Boards and non executive directors can lead from the front on cyber security and reduce risk for your organisation. Yet sometimes it is not easy to find a path forward to engage in a technical area. Here are 10 practice…
A closer look at Israeli cybersecurity funding and M&A activity in 2023
Last year was challenging for the global market, and the market downturn greatly affected even the historically resilient cybersecurity ecosystem. In this Help Net Security video, Merav Ben Avi, Content Manager at YL Ventures, talks about how the Israeli cybersecurity…
The importance of a good API security strategy
In 2024, API requests accounted for 57% of dynamic internet traffic around the globe, according to the Cloudflare 2024 API Security & Management Report, confirming that APIs are a crucial component of modern software development. But with their increased adoption…
Alleged Raccoon Infostealer operator extradited, verification site set up for victims
A Ukrainian national was extradited to the United States from the Netherlands after being indicted for crimes related to fraud, money laundering, and aggravated identity theft. According to court documents, Mark Sokolovsky conspired to operate the Raccoon Infostealer as a…
Active Directory outages can cost organizations $100,000 per day
Nearly every organization has core systems services tied to Active Directory that will go down during an outage, according to Cayosoft. Consequences of system downtime for business operations The impact of just one system being down can devastate business operations…
True Alliance Mitigates Online Retail Bot Threats and Improves Website Uptime by 99% with Kasada and AWS
See how this retailer and distributor of iconic brands stopped automated threats and bot attacks that were impacting business revenue, increasing its site uptime and conversion rate. The post True Alliance Mitigates Online Retail Bot Threats and Improves Website Uptime…
Early adopters’ fast-tracking gen AI into production, according to new report
Healthcare, manufacturing and education industries see the greatest potential for gen AI and lead all others in their interest to become early adopters. This article has been indexed from Security News | VentureBeat Read the original article: Early adopters’ fast-tracking…
The world according to Hinton: Slowing AI down is not the answer
Eight months ago, Geoffrey Hinton, the esteemed professor emeritus at the University of Toronto who resigned his post at Google over concerns about artificial intelligence (AI) advances, stated in a speech at Collision 2023 that the world is “entering a…
Decoding Digital Transformation: AI, ML, and RPA in the Modern Era
Explore the first article in this series about AI, ML, and RPA, which aims to demystify and explore the full spectrum of these core technologies. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…
Singapore’s monetary authority advises banks to get busy protecting against quantum decryption
No time like the present, says central bank The Monetary Authority of Singapore (MAS) advised on Monday that financial institutions need to stay agile enough to adopt post-quantum cryptography (PQC) and quantum key distribution (QKD) technology, without significantly impacting systems…
It’s time to bolster defenses for an AI / Quantum Future
[By Paul Fuegner – QuSecure] The rapid advances we are seeing in emerging technologies like AI, ML and quantum computing will have a devastating impact on organizations not prepared and who have not considered updating existing modes of asymmetric data…
Beware of OpenAI and ChatGPT-4 Turbo in Financial Services Organizations’ Growing API Attack Surface
[By Doug Dooley, COO, Data Theorem] The rise of OpenAI and new changes with ChatGPT-4 Turbo will help to revolutionize the way financial services organizations take advantage of their data, enabling them to scale their analysis rapidly and stay agile…
API Security in 2024: Navigating New Threats and Trends
[By Tyler Shields, Vice President at Traceable AI] As we step into 2024, the landscape of API security is at a critical juncture. The previous year witnessed a significant escalation in API-related breaches, impacting diverse organizations and bringing to light…