Help Net Security

1 in 100 emails is malicious
BEC and phishing attacks soar by 20% and 41% respectively in H1 2023, according to Perception Point. Cyber attackers have continued to refine their methods, adopting more …

CyFox disclose Stremio vulnerability, developers don’t agree on findings
UPDATE: August 2, 10:21 AM PT The Stremio team published a blog post saying that they’ve received a report from CyFox, but that they did not consider it valid, so they …

Keeping the cloud secure with a mindset shift
Gartner estimates that in 2023 worldwide end-user spending on public cloud services will grow by 21.7% and hit nearly $600 billion. Even as the economic downturn has most …

Strategies for ensuring compliance and security in outdated healthcare IT systems
With the average price tag for a healthcare data breach at an all-time high, the overall financial damage to an organization is high regarding economic loss and reputation …

The gap in users’ identity security knowledge gives cybercriminals an opening
With exponential growth in the number of human and machine actors on the network and more sophisticated technology in more places, identity in this new era is rapidly becoming …

EU’s financial institutions face cyber resilience crisis
78% of Europe’s largest financial institutions experienced a third-party breach in the past year, according to SecurityScorecard. In the wake of attacks such as MOVEit and …

Infosec products of the month: July 2023
Here’s a look at the most interesting products from the past month, featuring releases from: BreachRx, Code42, ComplyAdvantage, Darktrace, Dig Security, Diligent, Fidelis …

How the best CISOs leverage people and technology to become superstars
What separates superstar CISOs from the rest of the pack is that they are keenly aware of the burgeoning threat landscape and the cybersecurity skills shortage, but they don’t …

Relying on CVSS alone is risky for vulnerability management
A vulnerability management strategy that relies solely on CVSS for vulnerability prioritization is proving to be insufficient at best, according to Rezilion. In fact, relying …

Open-source security challenges and complexities
Open source refers to software or technology that is made available to the public with its source code openly accessible, editable, and distributable. In other words, the …

The race against time in ransomware attacks
Most organizations lack strong cyber resilience strategies or data security capabilities to address threats and maintain business continuity, according to BigID. Despite both …

Week in review: Ivanti zero-day exploited, MikroTik vulnerability could compromise 900,000 routers
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Key factors for effective security automation In this Help Net Security …
Featured news
Resources
Don't miss
- Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
- TikTok videos + ClickFix tactic = Malware infection
- DanaBot botnet disrupted, QakBot leader indicted
- Is privacy becoming a luxury? A candid look at consumer data use
- Unpatched Windows Server vulnerability allows full domain compromise