Help Net Security
AI-generated voices in robocalls now illegal
The FCC has revealed the unanimous adoption of a Declaratory Ruling that recognizes calls made with AI-generated voices are “artificial” under the Telephone Consumer …
New infosec products of the week: February 9, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Cisco, Metomic, OPSWAT, Qualys, and Varonis. Varonis MDDR helps organizations …
Cybersecurity teams recognized as key enablers of business goals
97% of office workers across the UK and US trust their cybersecurity team’s ability to prevent or minimize damage from cyberattacks, according to CybSafe. The study examining …
How companies are misjudging their data privacy preparedness
In this Help Net Security video, Karen Schuler, Global Privacy & Data Protection Chair at BDO, discusses overconfidence in data privacy and data protection practices. …
How AI is revolutionizing identity fraud
Nearly half of businesses reported a growth in synthetic identity fraud, while biometric spoofs and counterfeit ID fraud attempts also increased, according to AuthenticID. …
10 tips for creating your security hackathon playbook
For more than 12 years, I’ve been organizing and running hackathons with the goal of finding security vulnerabilities and fixing them before a product hits the market. These …
How threat actors abuse OAuth apps
OAuth apps have become prominent in several attack groups’ TTPs in recent years. OAuth apps are used for every part of the attack process. In this Help Net Security …
As-a-Service tools empower criminals with limited tech skills
As-a-service attacks continue to dominate the threat landscape, with Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) tools making up the majority of malicious …
Demystifying SOC-as-a-Service (SOCaaS)
Threat actors aren’t looking for companies of specific sizes or industries, they are looking for opportunities. Given that many companies operate in the dark and overlook …
Cybersecurity teams hesitate to use automation in TDIR workflows
Despite reported threat detection, investigation, and response (TDIR) improvements in security operations, more than half of organizations still experienced significant …
Whitepaper: Why Microsoft’s password protection is not enough
Microsoft’s Azure AD Password Protection, now rebranded as Microsoft Entra ID helps users create a password policy they hope will protect their systems from account takeover …
ResumeLooters target job search sites in extensive data heist
Group-IB identified a large-scale malicious campaign primarily targeting job search and retail websites of companies in the Asia-Pacific region. The group, dubbed …
Featured news
Resources
Don't miss
- Cybercriminals exploit RMM tools to steal real-world cargo
- Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware
- How nations build and defend their cyberspace capabilities
- Uncovering the risks of unmanaged identities
- Deepfakes, fraud, and the fight for trust online