Strategies for secure identity management in hybrid environments
In this Help Net Security interview, Charlotte Wylie, SVP and Deputy CSO at Okta, discusses the challenges of managing user identities across hybrid IT environments. She …
XZ Utils backdoor: Detection tools, scripts, rules
As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. What happened? …
92,000+ internet-facing D-Link NAS devices accessible via “backdoor” account (CVE-2024-3273)
A vulnerability (CVE-2024-3273) in four old D-Link NAS models could be exploited to compromise internet-facing devices, a threat researcher has found. The existence of the …
April 2024 Patch Tuesday forecast: New and old from Microsoft
April 2024 Patch Tuesday is now live: Microsoft patches actively exploited security feature bypass vulnerability (CVE-2024-29988) This month, we have a new product preview …
How can the energy sector bolster its resilience to ransomware attacks?
Since it plays a vital role in every functioning society, the energy sector has always been a prime target for state-backed cybercriminals. The cyber threats targeting this …
WiCyS: A champion for a more diverse cybersecurity workforce
In this Help Net Security interview, Lynn Dohm, Executive Director at Women in CyberSecurity (WiCyS), talks about how the organization supports its members across different …
Industrial sectors embrace zero trust for enhanced security
Organizations are leveraging zero trust to enhance the safety, security, and reliability of their enterprise across IT and OT environments, according to Xage Security. Zero …
Week in review: 73M customers affected by AT&T data leak, errors led to US govt inboxes compromise
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Cyber attacks on critical infrastructure show advanced tactics and new …
Cybercriminal adoption of browser fingerprinting
Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting …
Security pros are cautiously optimistic about AI
55% of organizations plan to adopt GenAI solutions within this year, signaling a substantial surge in GenAI integration, according to a Cloud Security Alliance and Google …
22% of employees admit to breaching company rules with GenAI
Disruptive technologies like AI are heightening the longstanding tension between organizational security and employee productivity, according to 1Password. Employees are under …
New infosec products of the week: April 5, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Fastly, LogRhythm, Owl Cyber Defense Solutions, and TrueMedia.org. Owl Talon 3 …
Featured news
Resources
Don't miss
- Identifying risky candidates: Practical steps for security leaders
- Humanoid robot found vulnerable to Bluetooth hack, data leaks to China
- F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info
- Microsoft patches three zero-days actively exploited by attackers
- U.S. seizes $15 billion in Bitcoin linked to massive forced-labor crypto scam