Tag: Help Net Security

A new phishing campaign is using fake Okta single sign-on (SSO) pages for the Federal Communications Commission (FCC) and for various cryptocurrency platforms to target users and employees, Lookout researchers have discovered. The phishing campaign By pretending to be customer…

Read more →

Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day. Attackers use a number of tricks to fool developers or systems into downloading them, or they simply compromise the package…

Read more →

Silobreaker announced an integration with MITRE ATT&CK Matrix for Enterprise, Industrial Control Systems (ICS) and Mobile, to help organizations better understand threats associated with malware, threat actors and industries. This latest enhancement enables organizations using the Silobreaker platform to leverage…

Read more →

Python Risk Identification Tool (PyRIT) is Microsoft’s open-source automation framework that enables security professionals and machine learning engineers to find risks in generative AI systems. PyRIT has been battle-tested by Microsoft’s AI red team. It started as a collection of…

Read more →

NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines (SP 800-204D). In this Help Net Security video, Henrik Plate, Security Researcher at Endor Labs, talks about this report, which provides actionable measures to integrate…

Read more →

More than 95% of responding IT and security professionals believe social engineering attacks have become more sophisticated in the last year, according to LastPass. Recent AI advancements, particularly generative AI, have empowered cybercriminals to coordinate social engineering assaults with unprecedented…

Read more →

For several years, cybersecurity leaders have grappled with talent shortages in crucial cyber roles. In the face of escalating financial requirements and expanding responsibilities, these leaders are under heightened pressure to achieve more with fewer resources, creating roles encompassing multiple…

Read more →

BSidesZagreb is a complimentary, non-profit conference driven by community participation, designed for information security professionals and enthusiasts to gather, exchange ideas, and collaborate. Help Net Security sponsored the 2024 edition that took place on March 1, and here are photos…

Read more →

Despite its importance, patching can be challenging for organizations due to factors such as the sheer volume of patches released by software vendors, compatibility issues with existing systems, and the need to balance security with operational continuity. To ensure effective…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Overcoming the pressures of cybersecurity startup leadership In this Help Net Security interview, Kunal Agarwal, CEO at Dope Security, offers a look into the CEO’s…

Read more →

Collibra introduced Collibra AI Governance, a new product that enables organizations to deliver trusted AI safely and effectively. Built on top of the Collibra Data Intelligence Platform, Collibra AI Governance helps data, AI and legal teams collaborate to ensure compliance…

Read more →

The alliance between ransomware groups and initial access brokers (IABs) is still the powerful engine for cybercriminal industry, as evidenced by the 74% year-on-year increase in the number of companies that had their data uploaded on dedicated leak sites (DLS),…

Read more →

In this Help Net Security interview, Geoffrey Mattson, CEO of Xage Security, discusses the evolution of the Joint Cyber Defense Collaborative (JCDC) since its 2021 inception and tackles its 2024 strategic priorities in response to escalating cyber threats. He elaborates…

Read more →

Eficode research indicates that 96% of developers use AI tools, with most coders bypassing security policies to use them. With no standardized AI tool regulations, researchers advocate for stronger governance frameworks and AI security policies in organizations’ DevOps strategies to…

Read more →

According to the updated SEC regulations on cybersecurity incident disclosure, findings by SecurityScorecard reveal that 98% of companies are associated with a third party that has experienced a breach. It often takes months or longer for breaches to become public…

Read more →

While 98% of security professionals and executives have started working to comply with the new U.S. Securities and Exchange Commission (SEC) cybersecurity disclosure ruling, over one-third are still in the early phases of their efforts, according to AuditBoard. 81% of…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Legato Security, Exabeam, Spin.AI, and Viavi Solutions. Legato Security Ensemble helps organizations prevent breaches Ensemble addresses the challenges businesses face in securing their networks and…

Read more →

Scammers on Airbnb are faking technical issues and citing higher fees to get users to a spoofed Tripadvisor website and steal their money. The Airbnb scam Malwarebytes researchers came across the Airbnb scam when trying to book an apartment through…

Read more →

Veeam Software has unveiled the new Veeam Data Cloud, which is built on Microsoft Azure and delivers the confidence and reliability of the platform with the ease and accessibility of a cloud service. Veeam Data Cloud provides backup-as-a-service (BaaS) for…

Read more →

The ALPHV/BlackCat ransomware group has claimed responsibility for the cyberattack that targeted Optum, a subsidiary of UnitedHealth Group (UHG), causing disruption to the Change Healthcare platform and affecting pharmacy transactions across the US. ALPHV/BlackCat is back Last December, US law…

Read more →