Microsegmentation proves its worth in ransomware defense
The number of ransomware attacks (successful and unsuccessful) has doubled over the past two years, from 43 on average in 2021 to 86 in 2023, according to Akamai. Security …
Outdated cryptographic protocols put vast amounts of network traffic at risk
Cryptography is largely taken for granted – rarely evaluated or checked – a practice that could have devastating consequences for businesses as attack surfaces continue to …
eBook: Keeping Active Directory out of hackers’ cross-hairs
Active Directory is a prime target for threat actors, and companies must act now to eliminate it as a threat vector permanently. Read the e-book to review: Active Directory …
Okta breach post mortem reveals weaknesses exploited by attackers
The recent breach of the Okta Support system was carried out via a compromised service account with permissions to view and update customer support cases. “During our …
Google Play will mark independently validated VPN apps
Android VPN apps that have gone through an independent security validation will now be able to claim that distinction on Google Play with a prominent badge in their Data …
Atlassian Confluence data-wiping vulnerability exploited
Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, …
How global password practices are changing
Password health and hygiene improved globally over the past year, reducing the risk of account takeover for consumers and businesses, according to Dashlane. Password reuse …
Exploring the global shift towards AI-specific legislation
In this Help Net Security interview, Sarah Pearce, Partner at Hunton Andrews Kurth, offers insights into the evolving landscape of AI legislation and its global impact. Pearce …
The roadblocks to preventive cybersecurity success
In the last two years, the average organization’s cybersecurity program was prepared to defend preventively, or block, just 57% of the cyberattacks it encountered, according …
The perils of over-reliance on single cloud providers
The risk associated with dependence on a particular cloud provider for multiple business capabilities is in the top five emerging risks for organizations for the second …
Week in review: Exploited Citrix Bleed vulnerability, Atlassian patches critical Confluence bug
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: AI threat landscape: Model theft and inference attacks emerge as top concerns …
KandyKorn macOS malware lobbed at blockchain engineers
North Korean hackers are using novel MacOS malware named KandyKorn to target blockchain engineers of a cryptocurrency exchange platform. The attack By impersonating blockchain …