Cybercriminals use legitimate websites to obfuscate malicious payloads
According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter security. “The evolution of phishing …
Fighting ransomware: Perspectives from cybersecurity professionals
Ransomware has become an ever-present threat to individuals, businesses, and even entire nations. In this Help Net Security round-up, we present parts of previously recorded …
The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals
The widespread adoption of remote and hybrid working practices in recent years has brought numerous benefits to various industries, but has also introduced new cyber threats, …
7 access management challenges during M&A
Integrating an acquired company into a single organization is a daunting task that can take weeks, months, or even years to complete. To have a successful conclusion to the …
Blacklist untrustworthy apps that peek behind your firewall
With an increasing number of endpoints and expanding attack surfaces, dodgy apps can offer a way around your firewall. Due to data privacy concerns, Montana has passed the …
Malicious links and misaddressed emails slip past security controls
The majority of organizations use six or more communication tools, across channels, with email remaining the channel seen as the most vulnerable to attacks (38%), according to …
Scammers exploit AI trend with fake ChatGPT apps on Google Play, Apple App Store
Sophos researchers uncovered multiple apps masquerading as legitimate, ChatGPT-based chatbots to overcharge users. These apps have popped up in the Google Play and Apple App …
Malicious open-source components threatening digital infrastructure
A new risk emerges in the digital era, where open-source software has become a fundamental pillar in developing innovative applications. The threat? Malicious open-source …
Web entity activity reveals insights into internet security
For its recent research focusing on web entities (or content served over HTTP), Censys leveraged its internet-wide scan data to understand better the applications and services …
How 2022’s threats will impact the global landscape in 2023
In this Help Net Security video, Devon Kerr, Team Lead, Elastic Security Labs, talks about the 2023 Global Threat Report Spring edition. Key takeaways In this report, the …
AI tools help attackers develop sophisticated phishing campaigns
Phishing scams are a growing threat, and cybercriminals’ methods are becoming increasingly sophisticated, making them harder to detect and block, according to Zscaler report. …
Over 70 billion unprotected files available on unsecured web servers
Critical exposures outside of an organization’s firewall are the greatest source of cybersecurity threats, according to CybelAngel. Across all industries, these …