Help Net Security
Teams that shift security left and focus on attackability ship more secure code
ShiftLeft released its second annual AppSec Progress Report documenting critical trends in application security and how organizations are shifting security left to deal with …
Researchers uncover ZuoRAT malware targeting home-office routers
Black Lotus Labs discovered a new remote access trojan (RAT) called ZuoRAT, which targets remote workers via their small office/home office (SOHO) devices, including models …
What are the solutions to cybersecurity hiring challenges?
(ISC)² published findings from its 2022 Cybersecurity Hiring Managers research that shed light on best practices for recruiting, hiring and onboarding entry- and junior-level …
Detection, isolation, and negotiation: Improving your ransomware preparedness and response
The risks presented by ransomware and cyber extortion events have likely found a place in your own security team’s discussions, and rightfully so. Ransomware attacks have …
Exploring the insecurity of readily available Wi-Fi networks
In this video for Help Net Security, Andy Thompson, Global Research Evangelist at CyberArk, talks about Wi-Fi security. He walks you through various protocols we see in the …
Trends to watch when creating security strategy for the next two years
Executive performance evaluations will be increasingly linked to ability to manage cyber risk; almost one-third of nations will regulate ransomware response within the next …
Threat actors increasingly use third parties to run their scams
Abnormal Security released new research that showcases a rising trend in financial supply chain compromise as threat actors impersonate vendors more than ever before. In …
Properly securing APIs is becoming increasingly urgent
Imperva released a new study that uncovers the rising global costs of vulnerable or insecure APIs. The analysis of nearly 117,000 unique cybersecurity incidents estimates that …
Python packages with malicious code expose secret AWS credentials
Sonatype researchers have discovered Python packages that contain malicious code that peek into and expose secret AWS credentials, network interface information, and …
How phishing attacks are becoming more sophisticated
The latest APWG’s Phishing Activity Trends Report reveals that in the first quarter of 2022 there were 1,025,968 total phishing attacks—the worst quarter for phishing observed …
Clearview fine: The unacceptable face of modern surveillance
The UK’s Information Commissioner’s Office (ICO) has issued its third largest ever fine of £7.5m. It was imposed on Clearview AI, the controversial facial recognition company …
Cybercriminals use Azure Front Door in phishing attacks
Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in …
Featured news
Resources
Don't miss
- F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info
- Microsoft patches three zero-days actively exploited by attackers
- U.S. seizes $15 billion in Bitcoin linked to massive forced-labor crypto scam
- A safer way to break industrial systems (on purpose)
- Maltrail: Open-source malicious traffic detection system