Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
cloud
Organizations face an uphill battle to keep their sensitive data secure

On average, organizations store 61% of their sensitive data in the cloud, and most have experienced at least one cybersecurity breach (90%), threat (89%) and/or theft of data …

Microsoft Exchange
Exchange Online will soon start blocking emails from old, vulnerable on-prem servers

Slowly but surely, Microsoft aims to make it impossible for unsupported and/or unpatched on-prem Microsoft Exchange servers to use the company’s Exchange Online hosted …

healthcare
How healthcare CISOs can automate cloud security controls

Cloud environments provide many benefits, primarily involving their ease of scalability and resilience. Those qualities exist because of automation and the easy and …

cloud
Google Cloud Platform allows data exfiltration without a (forensic) trace

Attackers can exfiltrate company data stored in Google Cloud Platform (GCP) storage buckets without leaving obvious forensic traces of the malicious activity in GCP’s …

cloud
Application and cloud security is a shared responsibility

Cloud environments and application connectivity have become a critical part of many organizations’ digital transformation initiatives. In fact, nearly 40% of North American …

Amazon S3
Amazon S3 to apply security best practices for all new buckets

Starting in April 2023, Amazon S3 will change the default security configuration for all new S3 buckets. For new buckets created after this date, S3 Block Public Access will …

vmware
Thousands of unpatched VMware ESXi servers hit by ransomware via old bug (CVE-2021-21974)

Late last week, unknown attackers launched a widespread ransomware attack hitting VMware ESXi hypervisors via CVE-2021-21974, an easily exploitable vulnerability that allows …

email
Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts

Malicious third-party OAuth apps with an evident “Publisher identity verified” badge have been used by unknown attackers to target organizations in the UK and …

cyber insurance
Cyber insurance can offset the risks of potential breaches

SMBs are aware of increasing cyber threats and allocating resources and investing in areas such as network and cloud security, according to Datto. Key takeaways from this …

malware
Attackers abuse business-critical cloud apps to deliver malware

Over 400 distinct cloud applications delivered malware in 2022, nearly triple the amount seen in the prior year, and 30% of all cloud malware downloads in 2022 originated from …

lock
How to gain security consciousness through cost

In this Help Net Security video, Karthik Kannan, CEO at Anvilogic, talks about predictions for the cybersecurity world in 2023 and how to gain security consciousness through cost.

cloud
Cloud-native application adoption puts pressure on appsec teams

Oxeye revealed five predictions expected to shape enterprise security spending in 2023. The predictions follow industry-wide research, which shows the industry is shifting …

Don't miss

Cybersecurity news