May 2024
Consumers continue to overestimate their ability to spot deepfakes
The Jumio 2024 Online Identity Study reveals significant consumer concerns about the risks posed by generative AI and deepfakes, including the potential for increased …
Understanding cyber risks beyond data breaches
While some may associate cyber risks primarily with technology and data breaches, they can also lead to brand or reputational harm, reduced productivity, and financial losses. …
Week in review: New Black Basta’s social engineering campaign, passing the CISSP exam in 6 weeks
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Black Basta target orgs with new social engineering campaign Black Basta, one …
US exposes scheme enabling North Korean IT workers to bypass sanctions
The US Justice Department had unsealed charges against a US woman and an Ukranian man who, along with three unidentified foreign nationals, have allegedly helped North Korean …
The importance of access controls in incident response
The worst time to find out your company doesn’t have adequate access controls is when everything is on fire. The worst thing that can happen during an incident is that your …
Kroll expands its document review capabilities to accelerate incident response
Kroll expands its document review capabilities with DataminerAI to immediately pinpoint where sensitive data is located, providing faster, more efficient and affordable data …
GitLab unveils AI capabilities to help organizations better secure their software
GitLab announced new innovations across the platform to streamline how organizations build, test, secure, and deploy software. Introducing GitLab Duo Enterprise GitLab Duo …
The IT skills shortage situation is not expected to get any better
A growing IT skills shortage is impacting organizations in all industries and across all regions, according to IDC. In a recent IDC survey of North American IT leaders, nearly …
Organizations struggle to defend against ransomware
In this Help Net Security video, Jeremy Nichols, Director, Global Threat Intelligence Center at NTT Security Holdings, discusses a recent surge in ransomware incidents. After …
Too many ICS assets are exposed to the public internet
The enterprise attack surface is expanding in multiple ways, becoming more numerous and more specific, according to runZero. “Our research reveals alarming gaps and unexpected …
New infosec products of the week: May 17, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Calix, FireMon, ManageEngine, and OWASP Foundation. Calix strengthens SmartBiz …
Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)
New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM