Lack of visibility into cloud access policies leaves enterprises flying blind
Fragmented access policies are top security concern in multi-cloud environments, with more than 75% of enterprises reporting they do not know where applications are deployed …
Webinar: The external attack surface & AI’s role in proactive security
The enterprise perimeter is now a massively decentralized IT landscape characterized by large-scale adoption of cloud platforms, digital services, and an increasingly tangled …
Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)
Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal …
Surge in identity crime victims reporting suicidal thoughts
Identity theft can have great financial impact on the victims, but the experienced emotional, physical and psychological impact can be even more devastating, according to the …
Bogus OfficeNote app delivers XLoader macOS malware
A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample …
Security Onion 2.4: Free, open platform for defenders gets huge update
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It has been downloaded over 2 million times and is being …
Open redirect flaws increasingly exploited by phishers
Phishing attacks using open redirect flaws are on the rise again, according to Kroll’s Cyber Threat Intelligence (CTI) team, which means organizations should consider …
Anticipating the next wave of IoT cybersecurity challenges
In this Help Net Security interview, Roland Atoui, Managing Director at Red Alert Labs, discusses the intricacies of transitioning from isolated IoT setups to interconnected …
Cybercriminals turn to AI to bypass modern email security measures
Cybercriminals employ artificial intelligence (AI) to create complex email threats like phishing and business email compromise (BEC) attacks, while modern email security …
Large-scale breaches overshadow decline in number of healthcare data incidents
While H1 2023 saw an encouraging decrease in the overall number of data breaches impacting healthcare organizations, it was overshadowed by large-scale breaches resulting in a …
Ivanti Sentry zero-day vulnerability exploited, patch ASAP! (CVE-2023-38035)
Ivanti is urging administrators of Ivanti Sentry (formerly MobileIron Sentry) gateways to patch a newly discovered vulnerability (CVE-2023-38035) that could be exploited to …
Seiko joins growing list of ALPHV/BlackCat ransomware victims
Japanese watchmaker Seiko has been added to ALPHV (BlackCat) ransomware group’s victim list, following a data breach occurring in early August. The Seiko data breach The …
Featured news
Resources
Don't miss
- Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
- June 2025 Patch Tuesday forecast: Second time is the charm?
- Why IAM should be the starting point for AI-driven cybersecurity
- Protecting patient data starts with knowing where it’s stored
- Ransomware and USB attacks are hammering OT systems