Help Net Security

Don't miss:

MacOS malware used to spy on home users in the US

Google Groups misconfiguration leads to sensitive data leaks

Custom code accounts for 93% of application vulnerabilities

Hot stuff

Pwn Pulse

Review: Pwnie Express Pulse

Pwnie Express Pulse is a SaaS offering that uses custom hardware sensors to provide continuous network discovery, threat detection, risk assessment, and critical information about all security issues that should be resolved. After seeing Pulse in action, I can say that Pwnie Express came a long way from being a crowd pleaser at security …

Siemplify

Creating the security operations center of the future with Siemplify

Security operations teams are engaged in a constant struggle to keep up with the volume of security alerts, maintain the right skills, and manage incident response processes. They want quality information, presented in a way that makes it easy to grasp and react to quickly. They want not to be bogged down in security alerts, and not to spend …

macOS High Sierra

The future of macOS security: Baked-in protection and third-party tools

Anyone in the information security industry who’s interested in Mac security probably knows who Patrick Wardle is. Apart from being Chief Security Researcher at Synack, he’s also the creator of a number of security tools for macOS, which he makes available for free on his Objective-See project site. He has recently scaled back at …

fight

BEC scams: How to avoid them and how to fight back

Phishing and spear-phishing emails are a constant threat to all users, but enterprises are positively inundated with them. “Most businesses will use a spam filter and anti-virus solutions, but unfortunately these cannot prevent all forms of email identity deception or stop social engineering attacks. The spam filter will stop malicious …

Siemplify

Spotlight

Creating the security operations center of the future with Siemplify

Circle eye

MacOS malware used to spy on home users in the US

A new variant of the macOS malware Fruitfly has been found by security researcher Patrick …

architecture

The future of AppSec: Stop fighting the last war

It’s a cornerstone of military doctrine: when you focus too much on the last battle you faced, …

people

Addressing the deficit in cyber security workforce and national policy

DEF CON 25

Decrypting DEF CON badge challenges

Expert corner

Decrypting DEF CON badge challenges

Marc Laliberte Information Security Threat Analyst at WatchGuard Technologies

Decrypting DEF CON badge challenges

Could e-discovery pros fill the insatiable demand for cybersecurity talent?

Jared Coseglia CEO at TRU Staffing Partners

Could e-discovery pros fill the insatiable demand for cybersecurity talent?

Don’t let cybercrime hold your innovation to ransom

Geoff Webb VP of Strategy at Micro Focus

Don’t let cybercrime hold your innovation to ransom

What will it take to improve the ICS patch process?

Nir Giller CTO/CISO at CyberX

What will it take to improve the ICS patch process?

Getting the most out of your SIEM investment

Kumar Saurabh CEO at LogicHub

Getting the most out of your SIEM investment

Five crucial ways to help keep a system safe from harm

Rush Taggart CSO at CardConnect

Five crucial ways to help keep a system safe from harm

What makes a good security analyst: The character traits you need

Anton Goncharov CTO at Gemini Data

What makes a good security analyst: The character traits you need

With ransomware, pay up if you want to keep paying

Carl Herberger VP of Security at Radware

With ransomware, pay up if you want to keep paying

Security startup confessions: Attending industry events

Kai Roer CEO of CLTRe

Security startup confessions: Attending industry events

DLP APIs: The next frontier for Data Loss Prevention

Roman Foeckl CEO at CoSoSys

DLP APIs: The next frontier for Data Loss Prevention

Where does the cyber security buck stop?

Corey Nachreiner CTO at WatchGuard Technologies

Where does the cyber security buck stop?

How to build a better SOC team

Reggie Best Chief Product Officer at Lumeta

How to build a better SOC team

What's New

Users lock

Google Groups misconfiguration leads to sensitive data leaks

If your employees are using Google Groups to discuss issues and ideas, you might want to check whether the sharing setting for these groups is set to “Private”. According to RedLock researchers, many companies fail to do so, most …

Facepalm

6+ billion records exposed in data breaches in first half of 2017

There have been 2,227 publicly disclosed data compromise events since the beginning of the year through June 30th, according to Risk Based Security. While this is in keeping with the number of breaches disclosed mid-way through 2015 and 2016, …

Magnify

Custom code accounts for 93% of application vulnerabilities

Although third-party software libraries represent a majority of an application’s code, they account for less than seven percent of application vulnerabilities. Typically, applications contain both custom code – the code developed by an …

Circle eye

MacOS malware used to spy on home users in the US

A new variant of the macOS malware Fruitfly has been found by security researcher Patrick Wardle on some 400 machines of (mostly) home users located in the US. Fruitfly: The first variant The malware was first flagged earlier this year, and …

hand

UK govt urges teenagers to apply for cyber security training programme

UK teenagers are being encouraged to register in a cyber security training programme rolled out to help the nation address the risk of a future skills shortage. The Department for Digital, Culture, Media and Sport (DCMS)’s Cyber Schools …

Reviews

Review: Pwnie Express Pulse

Review: Pwnie Express Pulse

Review: Acunetix 11

Review: Acunetix 11

Review: Advanced Persistent Security

Review: Advanced Persistent Security

Review: Data Breach Preparation and Response

Review: Data Breach Preparation and Response

Review: The Internet of Risky Things

Review: The Internet of Risky Things

Review: DNS Security

Review: DNS Security

Review: iStorage diskAshur Pro SSD

Review: iStorage diskAshur Pro SSD

Review: The Basics of Cyber Safety

Review: The Basics of Cyber Safety

Review: IS Decisions UserLock

Review: IS Decisions UserLock

Review: Threat Forecasting

Review: Threat Forecasting

Review: FourV Systems GreySpark

Review: FourV Systems GreySpark

Review: Boxcryptor

Review: Boxcryptor

Don't miss

Circle eye

MacOS malware used to spy on home users in the US

Users lock

Google Groups misconfiguration leads to sensitive data leaks

Magnify

Custom code accounts for 93% of application vulnerabilities

architecture

The future of AppSec: Stop fighting the last war

Pwn Pulse

Review: Pwnie Express Pulse

people

Addressing the deficit in cyber security workforce and national policy

Google Chrome biohazard

Surprisingly stealthy botnet has been targeting users for years

bridge

New infosec products of the week: July 21, 2017

earth

Destruction of Service attacks could shut down organizations for good

Siemplify

Creating the security operations center of the future with Siemplify

Hand

Hacker grabs $30 million in ether through Parity multisig wallet flaw

eye

Assessing the habits and tactics of organized credit card fraud gangs

Malware news

MacOS malware used to spy on home users in the US

A new variant of the macOS malware Fruitfly has been found by security researcher Patrick Wardle on some 400 machines of (mostly) home users located in the US. Fruitfly: The first variant The malware was first flagged earlier this year, and …

Surprisingly stealthy botnet has been targeting users for years

Attackers are taking over NAS devices via SambaCry flaw

Android backdoor GhostCtrl can do many unusual things

751 domains hijacked to redirect visitors to exploit kit

Black Hat USA 2017

6+ billion records exposed in data breaches in first half of 2017

There have been 2,227 publicly disclosed data compromise events since the beginning of the year through June 30th, according to Risk Based Security. While this is in keeping with the number of breaches disclosed mid-way through 2015 and 2016, …

MacOS malware used to spy on home users in the US

Testing the security of connected cars and IOT devices

Manage SSL/TLS certificates across IT environments with Qualys CertView

Qualys at Black Hat USA 2017: Best practices and case study presentations