Cybersecurity fears drive a return to on-premise infrastructure from cloud computing
42% of organizations surveyed in the US are considering or already have moved at least half of their cloud-based workloads back to on-premises infrastructures, a phenomenon …
VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250)
VMware Enhanced Authentication Plug-in (EAP), a plugin for VMware vSphere, has two vulnerabilities (CVE-2024-22245, CVE-2024-22250) that could be exploited by attackers to …
10 cybersecurity startups to watch in 2024
At Help Net Security, we’ve been following the cybersecurity business landscape closely for the past 25 years. Through our Industry News section, we’ve been …
TruffleHog: Open-source solution for scanning secrets
TruffleHog is an open-source scanner that identifies and addresses exposed secrets throughout your entire technology stack. “TruffleHog was originally a research tool I …
The importance of a good API security strategy
In 2024, API requests accounted for 57% of dynamic internet traffic around the globe, according to the Cloudflare 2024 API Security & Management Report, confirming that …
Active Directory outages can cost organizations $100,000 per day
Nearly every organization has core systems services tied to Active Directory that will go down during an outage, according to Cayosoft. Consequences of system downtime for …
Alleged Raccoon Infostealer operator extradited, verification site set up for victims
A Ukrainian national was extradited to the United States from the Netherlands after being indicted for crimes related to fraud, money laundering, and aggravated identity …
LockBit takedown: Infrastructure disrupted, criminals arrested, decryption keys recovered
In the wake of yesterday’s surprise law enforcement takeover of LockBit’s leak site, the UK National Crime Agency (NCA) and Europol have shared more information …
LockBit disrupted by international law enforcement task force
On Monday afternoon, LockBit’s leak site has been taken over by a coalition of law enforcement agencies and is showing a seizure notice that promises more details today, …
Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP!
UPDATE (February 22, 2024, 05:40 a.m. ET): Now designated as CVE-2024-1709 and CVE-2024-1708, the vulnerabilities are under active exploitation. Go here for up-to-date …
How to make sense of the new SEC cyber risk disclosure rules
SEC’s new cybersecurity risk management, strategy, governance, and incident disclosure rules, which require increased transparency around cybersecurity incidents, have been in …
How decentralized identity is shaping the future of data protection
In this Help Net Security interview, Patrick Harding, Chief Architect at Ping Identity, discusses the promises and implications of decentralized identity (DCI) in …
Featured news
Resources
Don't miss
- China-linked Murky Panda targets and moves laterally through cloud services
- Five ways OSINT helps financial institutions to fight money laundering
- DevOps in the cloud and what is putting your data at risk
- Russian threat actors using old Cisco bug to target critical infrastructure orgs
- AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged