Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
HNS
Mitiga Cloud MDR detects threats in SaaS and cloud environments

Mitiga unveiled its Cloud Managed Detection and Response (MDR) service, designed to provide 24/7 protection against the increasingly complex threats targeting cloud and SaaS …

Snowflake
Snowflake denies breach, blames data theft on poorly secured customer accounts

Snowflake is disputing claims made by a threat actor who stole data belonging to Santander and Ticketmaster, and maintains that the theft of customer data was the result of …

Snowflake
Snowflake compromised? Attackers exploit stolen credentials

New story – Saturday, June 1, 2024 at 4:48 PM Snowflake denies breach, Santander and Ticketmaster confirm data theft, Hudson Rock deletes report Have attackers …

AWS
Attackers can turn AWS SSM agents into remote access trojans

Mitiga researchers have documented a new post-exploitation technique attackers can use to gain persistent remote access to AWS Elastic Compute Cloud (EC2) instances (virtual …

Google Drive
Threat actors can exfiltrate data from Google Drive without leaving a trace

Google Workspace (formerly G Suite) has a weak spot that can prevent the discovery of data exfiltration from Google Drive by a malicious outsider or insider, Mitiga …

Okta
A common user mistake can lead to compromised Okta login credentials

Logged failed logins into a company’s Okta domain could be used by threat actors to discover access credentials of valid accounts, Mitiga researchers have found. Those …

Silicon Valley Bank
SVB account holders targeted with phishing, scams

After news broke late last week about Silicon Valley Bank’s bank run and collapse, security researchers started warning SVB account holders about incoming SVB-related …

Silicon Valley Bank
The SVB demise is a fraudster’s paradise, so take precautions

For those who haven’t followed the drama, Silicon Valley Bank has been shut down by the California Department of Financial Protection and Innovation, after a bank run that …

cloud
Google Cloud Platform allows data exfiltration without a (forensic) trace

Attackers can exfiltrate company data stored in Google Cloud Platform (GCP) storage buckets without leaving obvious forensic traces of the malicious activity in GCP’s …

identity
2FA is over. Long live 3FA!

In the past few months, we’ve seen an unprecedented number of identity theft attacks targeting accounts protected by two-factor authentication (2FA), challenging the …

How attackers abuse Microsoft MFA
How attackers use and abuse Microsoft MFA

Microsoft has been pushing for the use of multi-factor authentication (MFA) to thwart attackers for many years. But threat actors are keeping up with the increasing enterprise …

Cyber Week 2022 video
Cyber Week 2022 video walkthrough

Cyber Week is a large annual international cybersecurity event, hosted each year at Tel Aviv University in Israel. In this Help Net Security video, we take you inside Cyber …

Don't miss

Cybersecurity news