Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Cisco ASA 5500-X
Cisco VPNs with no MFA enabled hit by ransomware groups

Since March 2023 (and possibly even earlier), affiliates of the Akira and LockBit ransomware operators have been breaching organizations via Cisco ASA SSL VPN appliances. …

Florian Forster
Adapting authentication to a cloud-centric landscape

In this Help Net Security interview, Florian Forster, CEO at Zitadel, discusses the challenges CISOs face in managing authentication across increasingly distributed and remote …

Microsoft 365
Microsoft 365 accounts of execs, managers hijacked through EvilProxy

A phishing campaign leveraging the EvilProxy phishing-as-a-service (PhaaS) tool has been spotted targeting Microsoft 365 user accounts of C-level executives and managers at …

audio
Scammers using AI voice technology to commit crimes

The usage of platforms like Cash App, Zelle, and Venmo for peer-to-peer payments has experienced a significant surge, with scams increasing by over 58%. Additionally, there …

lock
Small organizations outpace large enterprises in MFA adoption

The use of MFA has nearly doubled since 2020 and that phishing-resistant authenticators represent the best choice in terms of security and convenience for users, according to …

authentication
Beyond MFA: 3 steps to improve security and reduce customer authentication friction

For many people, life’s fundamental activities are now conducted online. We do our banking and shopping online, turn to the digital realm for entertainment and to access …

email
Cybercriminals masquerading as MFA vendors

Cybercriminals are increasingly posing as multi-factor authentication vendors and small businesses are becoming more popular targets, according to VIPRE. Attachment-based …

CISA
The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals

The widespread adoption of remote and hybrid working practices in recent years has brought numerous benefits to various industries, but has also introduced new cyber threats, …

Microsoft 365
Greatness phishing-as-a-service threatens Microsoft 365 users

Manufacturing businesses, healthcare organizations, and tech companies in English-speaking countries are the most targeted by phishers leveraging a relatively new …

Microsoft space
Microsoft Authenticator push notifications get number matching

Microsoft has enabled number matching for Microsoft Authenticator push notifications to improve user sign-in security. Authenticator MFA number matching in action (Source: …

idea
Data-driven insights help prevent decisions based on fear

Organizations have strengthened security measures and become more resilient, but threat actors are still finding ways through, according to BakerHostetler. “We launched the …

identity
Phishing-resistant MFA shapes the future of authentication forms

Over the last two years, respondents reported a continued reliance on the least secure forms of authentication, including traditional usernames and passwords and one-time …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools