Help Net Security

Five Eyes agencies detail how Chinese hackers breached US infrastructure
The National Security Agency (NSA) and Five Eyes partner agencies have identified indicators of compromise associated with a People’s Republic of China (PRC) state-sponsored …

The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals
The widespread adoption of remote and hybrid working practices in recent years has brought numerous benefits to various industries, but has also introduced new cyber threats, …

How smart bots are infecting and exploiting the internet
According to Imperva, bad bot traffic grew to 30.2%, a 2.5% increase over 2021. In this Help Net Security video, Lynn Marks, Senior Product Manager at Imperva, discusses …

Realistic simulations are transforming cybersecurity training
To achieve a diverse and well-trained cybersecurity workforce, organizations recognize the value of a quality training program supported by the pursuit of cybersecurity …

12 vulnerabilities newly associated with ransomware
In March 2023, the total number of breaches reported was higher than those reported in the previous three years combined, according to Ivanti. Ransomware groups are …

Legion AWS credential harvester and hijacker analyzed
Researchers from Cado Labs recently encountered an update to the emerging cloud-focused malware family, Legion. This sample iterates upon the credential harvesting features of …

Legitimate Android app transforms into data-snooping malware
ESET researchers have discovered a trojanized Android app named iRecorder – Screen Recorder. It was available on Google Play as a legitimate app in September 2021, with …

How to avoid shadow AI in your SOC
Samsung’s recent discovery that employees had uploaded sensitive code to ChatGPT should serve as a reminder for security leaders to tread carefully when it comes to …

CISO-level tips for securing corporate data in the cloud
The presence of each third-party application increases the potential for attacks, particularly when end users install them without proper oversight or approval. IT security …

6 ChatGPT risks for legal and compliance leaders
Legal and compliance leaders should address their organization’s exposure to six specific ChatGPT risks, and what guardrails to establish to ensure responsible enterprise use …

7 access management challenges during M&A
Integrating an acquired company into a single organization is a daunting task that can take weeks, months, or even years to complete. To have a successful conclusion to the …

Gap between OT security assumptions and reality
In the fast-evolving landscape of technology and connectivity, ensuring the security of operational technology (OT) systems has become a paramount concern for organizations …