enterprise
Vulnerabilities in Cisco Identity Services Engine require your attention (CVE-2022-20822, CVE-2022-20959)
Cisco has published a heads-up for admins of Cisco Identity Services Engine solutions, about two vulnerabilities (CVE-2022-20822, CVE-2022-20959) that could be exploited to …
Upgrade your security awareness efforts: Here’s how to start
October is Security Awareness Month, an exciting time as organizations around the world train people how to be cyber secure, both at work and at home. But what exactly is …
3 ways enterprises can mitigate social engineering risks
In this Help Net Security video, Alon Levin, VP of Product Management at Seraphic Security, explains what social engineering is, and how prevalent it is. He offers insight …
Former Uber CSO convicted for concealing data breach, theft from the authorities
Joe Sullivan, the former Chief Security Officer (CSO) of Uber, has been convicted of obstruction of proceedings of the Federal Trade Commission and misprision of felony in …
MS SQL servers are getting hacked to deliver ransomware to orgs
Cybercriminals wielding the FARGO (aka Mallox, aka TargetCompany) ransomware are targeting Microsoft SQL (MS SQL) servers, AhnLab’s ASEC analysis team has warned. They …
Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405)
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password …
US-based CISOs get nearly $1 million per year
The role of the Chief Information Security Officer (CISO) is a relatively new senior-level executive position within most organizations, and is still evolving. To find out how …
Microsoft makes tamper protection for macOS endpoints widely available
The tamper protection feature in Microsoft Defender for Endpoint for macOS is getting rolled out to all customers, the company has announced on Monday. The feature is meant …
Which malware delivery techniques are currently favored by attackers?
A wave of cybercriminals spreading malware families – including QakBot, IceID, Emotet, and RedLine Stealer – are shifting to shortcut (LNK) files for email malware delivery. …
Why SAP systems need to be brought into the cybersecurity fold
SAP’s status as a leading business process management software provider is undeniable. Today, the company serves over 230 million cloud users and 99 of the top 100 companies …
The challenges of managing the modern external attack surface
Qualys recently added External Attack Surface Management (EASM) capabilities to the Qualys Cloud Platform. In this interview for Help Net Security, Kunal Modasiya, VP of …
36% of orgs expose insecure FTP protocol to the internet, and some still use Telnet
A significant percentage of organizations expose insecure or highly sensitive protocols, including SMB, SSH, and Telnet, to the public internet, the ExtraHop Benchmarking …
Featured news
Resources
Don't miss
- Quantum threats are already active and the defense response remains fragmented
- Top must-visit companies at RSAC 2026
- Oracle issues emergency fix for pre-auth RCE in Identity Manager (CVE-2026-21992)
- Your AI agents are moving sensitive data. Do you know where?
- Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps