credentials
Is the cybersecurity community’s obsession with compliance counter-productive?
Does anyone think the chances of surviving a plane crash increase if our tray tables are locked and our carry-on bags are completely stowed under our seats? That we’ll be OK …
Adapting authentication to a cloud-centric landscape
In this Help Net Security interview, Florian Forster, CEO at Zitadel, discusses the challenges CISOs face in managing authentication across increasingly distributed and remote …
Bitwarden launches E2EE Secrets Manager
Bitwarden, a popular open-source password management service, has released Bitwarden Secrets Manager, an open-source, end-to-end encrypted solution that helps development, IT …
Zimbra users in Europe, Latin America face phishing threat
ESET researchers have uncovered a mass-spreading phishing campaign aimed at collecting Zimbra account users’ credentials. Zimbra Collaboration is an open-core collaborative …
Number of email-based phishing attacks surges 464%
The evolving cyberattack landscape reveals the increasing utilization of generative artificial intelligence (AI) systems, like ChatGPT, by cybercriminals for crafting …
Compromised ChatGPT accounts garner rapid dark web popularity
Compromised credentials were found within the logs of info-stealing malware traded on illicit dark web marketplaces over the past year, according to Group-IB. The number of …
Legion AWS credential harvester and hijacker analyzed
Researchers from Cado Labs recently encountered an update to the emerging cloud-focused malware family, Legion. This sample iterates upon the credential harvesting features of …
Bad bots are coming for APIs
In 2022, 47.4% of all internet traffic came from bots, a 5.1% increase over the previous year, according to Imperva. The proportion of human traffic (52.6%) decreased to its …
Refined methodologies of ransomware attacks
Adversaries were able to encrypt data in 76% of the ransomware attacks that were conducted against surveyed organizations, according to Sophos. The survey also shows that when …
Data-driven insights help prevent decisions based on fear
Organizations have strengthened security measures and become more resilient, but threat actors are still finding ways through, according to BakerHostetler. “We launched the …
Using just-in-time access to reduce cloud security risk
Excessive privileges are a continuing headache for security professionals. As more organizations migrate assets to the cloud, users with excessive permissions can expand the …
Overcoming industry obstacles for decentralized digital identities
In this Help Net Security interview, Eve Maler, CTO at ForgeRock, talks about how digital identities continue to play a critical role in how we access online services …
Featured news
Resources
Don't miss
- Meta open-sources AI tool to automatically classify sensitive documents
- Why SAP security updates are a struggle for large enterprises
- Attackers fake IT support calls to steal Salesforce data
- Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419)
- How to manage your cyber risk in a modern attack surface