March 2024
NHS Scotland confirms ransomware attackers leaked patients’ data
NHS Dumfries and Galloway (part of NHS Scotland) has confirmed that a “recognised ransomware group” was able to “access a significant amount of data …
Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955)
The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-24955 – a code injection vulnerability that allows authenticated attackers to execute code …
Debunking compliance myths in the digital era
Despite recent economic fluctuations, the software-as-a-service (SaaS) market isn’t letting up. The industry is set to grow annually by over 18% and be valued at $908.21 …
Enterprises increasingly block AI transactions over security concerns
Enterprises must secure a transformation driven by generative AI (GenAI) bidirectionally: by securely adopting GenAI tools in the enterprise with zero trust while leveraging …
How CISOs tackle business payment fraud
In this Help Net Security video, Shai Gabay, CEO of Trustmi, discusses why payments are a source of cyber worry for CISOs. CISOs are worried about Business Email Compromise …
AI weaponization becomes a hot topic on underground forums
The majority of cyberattacks against organizations are perpetrated via social engineering of employees, and criminals are using new methods including AI to supercharge their …
Cybercriminals use cheap and simple infostealers to exfiltrate data
The rise in identity-based attacks can be attributed to a rapid increase in malware, according to SpyCloud. Researchers found that 61% of data breaches in 2023, involving over …
CyberArk Secure Browser helps prevent breaches resulting from cookie theft
CyberArk launched CyberArk Secure Browser, an identity-centric secure browser, providing enhanced security and privacy alongside a familiar, productive user experience. Backed …
AU10TIX’s Digital ID suite identifies potentially fraudulent activities
AU10TIX announced the expansion of its Digital ID solution, which enables businesses to securely verify IDs of all types, including physical, digital, eID, verifiable …
AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)
Attackers are leveraging a vulnerability (CVE-2023-48022) in Anyscale’s Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse …
Malwarebytes adds AI functionality to ThreatDown Security Advisor
Malwarebytes has added AI functionality to its Security Advisor, available in every ThreatDown Bundle. Leveraging generative AI technology, the new capabilities will transform …
Attackers leverage weaponized iMessages, new phishing-as-a-service platform
Scammers are leveraging the Darcula phishing-as-a-service platform, iMessages and Google Messages to great effect. The platform allows them to impersonate a variety of brands …
Featured news
Resources
Don't miss
- Building the missing layers for an internet of agents
- What security leaders should watch for when companies buy or sell a business
- Malicious Rust packages targeted Web3 developers
- Max-severity vulnerability in React, Node.js patched, update ASAP (CVE-2025-55182)
- Smart grids are trying to modernize and attackers are treating it like an invitation