Help Net Security
Third-party risk management is under the spotlight
In the aftermath of the CrowdStrike IT outage, new research has uncovered a critical vulnerability within financial institutions regarding supply chain resilience. The outage …
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)
ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was …
Cybercriminals capitalize on travel industry’s peak season
Cybercriminals are capitalizing on the travel and hospitality industry’s peak season, using increased traffic as cover for their attacks, according to Cequence Security. …
Old methods, new technologies drive fraud losses
GenAI, deepfakes and cybercrime are critical threats putting intensifying pressures on businesses, according to Experian. Top online security concerns for consumers According …
How to prioritize data privacy in core customer-facing systems
Evolving global data privacy regulations are keeping marketers on their toes. In April 2024, the American Privacy Rights Act (APRA) was introduced in the Senate. The proposed …
Lateral movement: Clearest sign of unfolding ransomware attack
44% of unfolding ransomware attacks were spotted during lateral movement, according to Barracuda Networks. 25% of incidents were detected when the attackers started writing or …
Two strategies to protect your business from the next large-scale tech failure
The CrowdStrike event in July clearly demonstrated the risks of allowing a software vendor deep access to network infrastructure. It also raised concerns about the …
Nuclei: Open-source vulnerability scanner
Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be adapted to perform …
Rebrand, regroup, ransomware, repeat
Changes witnessed over the last few years have led to larger ransomware groups breaking into smaller units, posing more considerable challenges for law enforcement. Ransomware …
Adversaries love bots, short-lived IP addresses, out-of-band domains
Fastly found 91% of cyberattacks – up from 69% in 2023 – targeted multiple customers using mass scanning techniques to uncover and exploit software vulnerabilities, revealing …
GenAI buzz fading among senior executives
GenAI adoption has reached a critical phase, with 67% of respondents reporting their organization is increasing its investment in GenAI due to strong value to date, according …
Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases …