Help Net Security
Implementing zero trust for a secure hybrid working enterprise
In this Help Net Security video, Kevin Peterson, Cybersecurity Strategist at Xalient, provides an overview of the early days of zero trust, illustrates where we are today, and …
SquarePhish: Advanced phishing tool combines QR codes and OAuth 2.0 device code flow
In this Help Net Security video, Security Consultant Kam Talebzadeh and Senior Security Researcher Nevada Romsdahl from Secureworks, showcase SquarePhish, a tool that combines …
Why SAP systems need to be brought into the cybersecurity fold
SAP’s status as a leading business process management software provider is undeniable. Today, the company serves over 230 million cloud users and 99 of the top 100 companies …
As the cost of cyber insurance rises, the number of organizations who can’t afford it is set to double
The number of organizations that will be either unable to afford cyber insurance, be declined cover, or experience significant coverage limitations is set to double in 2023, …
Majority of SMBs lack 24/7 security operations to detect threats
Cybercriminals and threat actors work around the clock, with attacks originating from around the world. Therefore, all businesses, including SMBs, need to be always on alert …
AWSGoat: Easy to deploy vulnerable AWS infrastructure for pentesters
Compromising an organization’s cloud infrastructure is like sitting on a gold mine for attackers. And sometimes, a simple misconfiguration or a vulnerability in web …
Identity is the killer context: 4 ways to stay in control
The COVID-19 pandemic sounded the death knell for the traditional perimeter. Work is now an activity, not a place, meaning the concept of an encircling wall of security is as …
36% of orgs expose insecure FTP protocol to the internet, and some still use Telnet
A significant percentage of organizations expose insecure or highly sensitive protocols, including SMB, SSH, and Telnet, to the public internet, the ExtraHop Benchmarking …
LogoKit update: The phishing kit leveraging open redirect vulnerabilities
Resecurity identified threat actors leveraging open redirect vulnerabilities in online services and apps to bypass spam filters to ultimately deliver phishing content. Using …
Three ransomware gangs consecutively attacked the same network
Hive, LockBit and BlackCat, three prominent ransomware gangs, consecutively attacked the same network, according to Sophos. The first two attacks took place within two hours, …
Cyber syndicates are working with amateur attackers to target businesses
Cybercrime is being supercharged through “plug and play” malware kits that make it easier than ever to launch attacks. Cyber syndicates are collaborating with amateur …
Dissecting Google’s Titan M chip: Vulnerability research challenges
The enterprise-grade Titan M security chip was custom built to help protect data. Derived from the same chip Google uses to protect its cloud data centers, it handles …
Featured news
Resources
Don't miss
- When trusted AI connections turn hostile
- Identifying risky candidates: Practical steps for security leaders
- Humanoid robot found vulnerable to Bluetooth hack, data leaks to China
- F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info
- Microsoft patches three zero-days actively exploited by attackers