Help Net Security - Information Security News

Don't miss:

New Spectre-like flaw found in CPUs using speculative execution

America’s most cyber insecure cities exposed

Certain types of content make for irresistible phishes

Hot stuff

analyst

The ethical and legal dilemmas of threat researchers

Threat intelligence is mainstreaming into a de-facto everyday tool of cyber-defense. But all that intelligence must be collected, analyzed, and prepared by someone. Enter threat researchers, the advanced scouts of cybersecurity. They are becoming more numerous and conspicuous as more intelligence on illicit hacker activity is demanded. Threat …

business happy

Are security pros happy with their jobs and salaries?

Do security professionals like their jobs and would they recommend a career in cyber security to those looking into one? What do they like about their jobs and what motivates them in their work? Are they satisfied with their pay? What emerging technologies are they most excited about, and do they feel threatened by the increased use of AI and …

analyst

Threat analytics: Keeping companies ahead of emerging application threats

Every application that is downloaded via an app store runs in a zero-trust environment. When a protected app is published to an official app store, an open loop of protection is created, leaving the app without a way of communicating its current threat status. With more than 5 million apps available for download, this opens up a whole host of …

analysis

Combating fraud and money laundering with graph analytics

Dirty money and money laundering have been around since the existence of currency itself. On a global level, as much as $2 trillion is washed annually, estimates the United Nations. Today’s criminals are sophisticated, using ever-adapting tactics to bypass traditional anti-fraud solutions. Even in cases where enterprises do have enough data to …

business happy

Spotlight

Are security pros happy with their jobs and salaries?

red

Fighting ransomware with network segmentation as a path to resiliency

Recent cybersecurity events involving the use of ransomware (WannaCry and similar variants) …

GDPR

Are you ready for the GDPR deadline?

The General Data Protection Regulation (GDPR) compliance deadline looms four days away, but …

PCI DSS

PCI Security Standards Council publishes PCI DSS 3.2.1

evil

Internet of Things: Who is watching you?

Expert corner

Combating fraud and money laundering with graph analytics

Yu Xu CEO at TigerGraph

Combating fraud and money laundering with graph analytics

Social media: The zero-trust game

Raj Samani Chief Scientist at McAfee

Social media: The zero-trust game

Are SMBs driving the adoption of security automation by enterprises?

Corey Nachreiner CTO at WatchGuard Technologies

Are SMBs driving the adoption of security automation by enterprises?

Why good security foundations are better than the best security mitigation

Netanel Davidi co-CEO at VDOO

Why good security foundations are better than the best security mitigation

Wi-Fi honeypots: Alive and well at RSAC 2018

Ryan Orsi Director of Strategic Alliances at WatchGuard Technologies

Wi-Fi honeypots: Alive and well at RSAC 2018

How many threats hit the mainframe? No one really knows

Ray Overby President at Key Resources

How many threats hit the mainframe? No one really knows

GDPR: It’s an issue of transparency

Robert Rutherford CEO at QuoStar

GDPR: It’s an issue of transparency

What’s your security story? How to use security as a sales tool

Sabino Marquez CSO at Allocadia

What’s your security story? How to use security as a sales tool

Information security can enable business as soon as we change the conversation

Raj Samani Chief Scientist at McAfee

Information security can enable business as soon as we change the conversation

Are there too many cybersecurity companies?

Ken Elefant Managing Director at Sorenson Capital

Are there too many cybersecurity companies?

The great attribution debate: Why we should focus on HOW not WHO

Joep Gommers CEO at EclecticIQ

The great attribution debate: Why we should focus on HOW not WHO

Cryptojacking is the new malware

Joshua Behar CEO at Ericom Software

Cryptojacking is the new malware

What's New

Intel inside

New Spectre-like flaw found in CPUs using speculative execution

A new flaw that can allow an attacker to obtain access to sensitive information on affected systems has been discovered in modern CPUs. CVE-2018-3639, discovered by independently by Google Project Zero and Microsoft Security Response Center …

fish phishing

Certain types of content make for irresistible phishes

A mature anti-phishing program keeps organizations safer, claims Cofense, and offers as proof the decreasing susceptibility of their customers’ employees to mock phishing emails as well as rising reporting rates of the same. Overall, the …

editor

The percentage of open source code in proprietary apps is rising

The number of open source components in the codebase of proprietary applications keeps rising and with it the risk of those apps being compromised by attackers leveraging vulnerabilities in them, a recent report has shown. Compiled after …

Las Vegas

America’s most cyber insecure cities exposed

Coronet researchers identified Las Vegas, Memphis and Charlotte as America’s most cyber insecure cities. “While big companies may have the budgets, personnel and resources to protect their assets reasonably well, mid-market and small …

email

The operations and economics of organized criminal email groups

Nine of the 10 captured organized criminal email groups operate out of Nigeria, they all leverage a multitude of attack methods, and business email compromise (BEC) is far more lucrative than any other attack, according to Agari. BEC is the most …

red

Fighting ransomware with network segmentation as a path to resiliency

Recent cybersecurity events involving the use of ransomware (WannaCry and similar variants) represent the latest examples highlighting the need for organizations to not only take an initial hit, but survive, adapt, and endure. In other words, be …

Reviews

Review: EU GDPR Documentation Toolkit

Review: EU GDPR Documentation Toolkit

Review: Cato Cloud

Review: Cato Cloud

Review: Securing the Internet of Things

Review: Securing the Internet of Things

Review: Pwnie Express Pulse

Review: Pwnie Express Pulse

Review: Acunetix 11

Review: Acunetix 11

Review: Advanced Persistent Security

Review: Advanced Persistent Security

Review: Data Breach Preparation and Response

Review: Data Breach Preparation and Response

Review: The Internet of Risky Things

Review: The Internet of Risky Things

Review: DNS Security

Review: DNS Security

Review: iStorage diskAshur Pro SSD

Review: iStorage diskAshur Pro SSD

Review: The Basics of Cyber Safety

Review: The Basics of Cyber Safety

Review: IS Decisions UserLock

Review: IS Decisions UserLock

Don't miss

Intel inside

New Spectre-like flaw found in CPUs using speculative execution

Las Vegas

America’s most cyber insecure cities exposed

fish phishing

Certain types of content make for irresistible phishes

red

Fighting ransomware with network segmentation as a path to resiliency

editor

The percentage of open source code in proprietary apps is rising

Fortnite

Fortnite is coming to Android, but malicious fake apps are already there

Google Chrome

Chrome to dynamically point out “Not secure” HTTP sites

analyst

The ethical and legal dilemmas of threat researchers

GDPR

Are you ready for the GDPR deadline?

Android

Google will force Android OEMs to push out security patches regularly

evil

Internet of Things: Who is watching you?

Europe

Europe continues to be a cybercrime hub

Malware news

Fortnite is coming to Android, but malicious fake apps are already there

Android users eager to play the increasingly popular Fortnite survival game on their mobile devices are being targeted left and right with malicious apps masquerading as the game or apps related to it. What is Fortnite? Fortnite is a co-op …

Telegrab: Russian malware hijacks Telegram sessions

Organisations across the UK are still struggling with ransomware

Not all malware is created equal

New targeted surveillance spyware found on Google Play

GDPR

Are you ready for the GDPR deadline?

The General Data Protection Regulation (GDPR) compliance deadline looms four days away, but only 29 percent of companies will be ready, according to a new global survey by ISACA. Not only are most unprepared for the deadline, but only around …

Most firms struggle to comply with GDPR deadline

Most businesses believe stronger data protection policies will lead to fewer breaches

Companies ditch data as GDPR deadline approaches

GDPR compliance: Identifying an organization’s unique profile