Tag: Help Net Security

While every organization across every vertical is at risk of advanced email attacks, certain industries periodically become the go-to target for threat actors. In this Help Net Security video, Mick Leach, Field CISO at Abnormal Security, discusses why the automotive…

Read more →

Security industry leaders believe that AI and automation technologies are critical to addressing the complexities of modern security operations, according to Anomali. AI expected to boost threat detection In fact, security analysts maintain that up to 57% of their daily…

Read more →

Any password under seven characters can be cracked within a matter of hours, according to Hive Systems. The time it takes to crack passwords increases Due to the widespread use of stronger password hashing algorithms to protect data, the time…

Read more →

Organizations worldwide need talented, experienced, and knowledgeable cybersecurity teams who understand the advantages and risks of emerging technologies. Aspiring leaders in the cybersecurity field need more than just job experience. They need a diverse and robust set of skills that…

Read more →

The Product Security and Telecommunications Infrastructure (PSTI) Act has come into effect today, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure policy. “Most smart devices are manufactured…

Read more →

Silobreaker announced the addition of automatic collection, AI-enhanced analysis, and alerting on 8-K cybersecurity incident filings made to the US Securities and Exchange Commission (SEC). This enhancement to the Silobreaker platform empowers organizations to stay informed about critical cybersecurity incidents…

Read more →

Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use. The multi-university and industry research team led by computer…

Read more →

Credential stuffing attacks have exploded this April, Okta warns, and advises its customers to use available tools to block access requests originating from residential proxies before authentication takes place. Abuse of proxy networks “In credential stuffing attacks, adversaries attempt to…

Read more →

The Department of Homeland Security announced the establishment of the Artificial Intelligence Safety and Security Board (the Board). The Board will advise the Secretary, the critical infrastructure community, other private sector stakeholders, and the broader public on the safe and…

Read more →

Prompt Fuzzer is an open-source tool that evaluates the security of your GenAI application’s system prompt against dynamic LLM-based threats. Prompt Fuzzer features Simulation of over a dozen types of GenAI attacks The tool contextualizes itself automatically based on the…

Read more →

Insider threats are a prominent issue and can lead to serious security breaches. Just because someone is a colleague or employee does not grant inherent trust. In this Help Net Security video, Tara Lemieux, CMMC Consultant for Redspin, discusses insider…

Read more →

Most businesses see offensive AI fast becoming a standard tool for cybercriminals, with 93% of security leaders expecting to face daily AI-driven attacks, according to Netacea. Offensive AI in cyberattacks The research, “Cyber security in the age of offensive AI”,…

Read more →

The list of skills technologists and organizations need to succeed grows with each new tech advancement, according to Pluralsight. But for many organizations, budgets and staff continue to shrink. This survey asked 1,400 executives and IT professionals how organizations can…

Read more →

In this Help Net Security round-up, we present excerpts from previously recorded videos in which security experts talk about how increased adoption of cloud technology, remote work, and the proliferation of IoT devices present significant challenges for organizations. To tackle…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on…

Read more →

LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap’s AzureAD plugin. Partial or unstable support is provided…

Read more →

Bitwarden surveyed 2,400 individuals from the US, UK, Australia, France, Germany, and Japan to investigate current user password practices. The survey shows that 25% of respondents globally reuse passwords across 11-20+ accounts, and 36% admit to using personal information in…

Read more →

Following the past few years of economic turbulence, merger and acquisition (M&A) activity is on the rise in 2024, with several acquisition deals being announced in the first few months of the year valued at billions of dollars. With the…

Read more →

Here’s a list of interesting cybersecurity companies that received funding so far in 2024. Aim Security January | $10 million Aim Security raised $10 million in seed funding, led by YL Ventures, with participation from CCL (Cyber Club London), the…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Cyberint, Forcepoint, Invicti Security, Netwrix, Trend Micro, Zero Networks, and WhyLabs. Trend Micro launches AI-driven cyber risk management capabilities Trend Micro unveiled AI-driven cyber risk…

Read more →