ScreenConnect admins targeted with spoofed login alerts
ScreenConnect cloud administrators across all region and industries are being targeted with fake email alerts warning about a potentially suspicious login event. The goal of …
From legacy to SaaS: Why complexity is the enemy of enterprise security
In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the …
AWS launches new cloud security features
Amazon Web Services has announced new and improved security features at its annual AWS re:Inforce cloud security conference. The company has also introduced features aimed at …
Account takeover detection: There’s no single tell
Account takeover (ATO) is one of the most prevalent attack types; Proofpoint says that in 2024, 99% of the customer tenants the company monitors were hit with at least one …
CISA: Use Signal or other secure communications app
In the wake of the widespread compromise of US telecom giants’ networks by Chinese hackers and the FBI advising Americans to use end-to-end encrypted communications, …
Faraway Russian hackers breached US organization via Wi-Fi
Forest Blizzard, a threat group associated with Russia’s GRU military intelligence service, repeatedly breached a US-based organization via compromised computer systems …
All Google Cloud users will have to enable MFA by 2025
Google has announced that, by the end of 2025, multi-factor authentication (MFA) – aka 2-step verification – will become mandatory for all Google Cloud accounts. …
How hybrid workforces are reshaping authentication strategies
In this Help Net Security interview, Brian Pontarelli, CEO at FusionAuth, discusses the evolving authentication challenges posed by the rise of hybrid and remote workforces. …
Vulnerability allows Yubico security keys to be cloned
Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys and modules that may allow attackers to clone the devices. But the …
Mandatory MFA for Azure sign-ins is coming
Microsoft is making multi-factor authentication (MFA) – “one of the most effective security measures available” – mandatory for all Azure sign-ins. …
Review: Action1 – Simple and powerful patch management
Although endpoint anti-malware and other security controls are now standard at the operating system level, keeping all endpoint software up-to-date and secure remains an open …
Info of 2,3+ million individuals stolen in Advance Auto Parts data breach
Personal information of over 2,3 million individuals has been stolen by attackers as part of the massive data grab via compromised Snowflake accounts without MFA protection, …
Featured news
Resources
Don't miss
- KillChainGraph: Researchers test machine learning framework for mapping attacker behavior
- AIDEFEND: Free AI defense framework
- Boards are being told to rethink their role in cybersecurity
- Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms
- New framework aims to outsmart malware evasion tricks