Help Net Security

Threat actors exploit new channels for advanced phishing attacks
Perception Point’s team has identified a 356% increase in the number of advanced phishing attacks attempted by threat actors in 2022. Overall, the total number of …

Strengthening travel safety protocols with ISO 31030
In this Help Net Security video, Tracy Reinhold, Chief Security Officer at Everbridge, talks about ISO 31030, the officially recognized International Standard for travel risk …

Cybercriminals masquerading as MFA vendors
Cybercriminals are increasingly posing as multi-factor authentication vendors and small businesses are becoming more popular targets, according to VIPRE. Attachment-based …

Fresh perspectives needed to manage growing vulnerabilities
In its inaugural 2023 Offensive Security Vision Report, NetSPI unveils findings that highlight vulnerability trends across applications, cloud, and networks. Vulnerability …

Five Eyes agencies detail how Chinese hackers breached US infrastructure
The National Security Agency (NSA) and Five Eyes partner agencies have identified indicators of compromise associated with a People’s Republic of China (PRC) state-sponsored …

The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals
The widespread adoption of remote and hybrid working practices in recent years has brought numerous benefits to various industries, but has also introduced new cyber threats, …

How smart bots are infecting and exploiting the internet
According to Imperva, bad bot traffic grew to 30.2%, a 2.5% increase over 2021. In this Help Net Security video, Lynn Marks, Senior Product Manager at Imperva, discusses …

Realistic simulations are transforming cybersecurity training
To achieve a diverse and well-trained cybersecurity workforce, organizations recognize the value of a quality training program supported by the pursuit of cybersecurity …

12 vulnerabilities newly associated with ransomware
In March 2023, the total number of breaches reported was higher than those reported in the previous three years combined, according to Ivanti. Ransomware groups are …

Legion AWS credential harvester and hijacker analyzed
Researchers from Cado Labs recently encountered an update to the emerging cloud-focused malware family, Legion. This sample iterates upon the credential harvesting features of …

Legitimate Android app transforms into data-snooping malware
ESET researchers have discovered a trojanized Android app named iRecorder – Screen Recorder. It was available on Google Play as a legitimate app in September 2021, with …

How to avoid shadow AI in your SOC
Samsung’s recent discovery that employees had uploaded sensitive code to ChatGPT should serve as a reminder for security leaders to tread carefully when it comes to …
Featured news
Resources
Don't miss
- Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
- TikTok videos + ClickFix tactic = Malware infection
- DanaBot botnet disrupted, QakBot leader indicted
- Is privacy becoming a luxury? A candid look at consumer data use
- Unpatched Windows Server vulnerability allows full domain compromise