Organizations actively embrace zero trust, integration remains a hurdle
IT teams have made security efforts and progress in zero-trust implementation strategies to establish a new sense of normalcy following the network upheaval caused by the …
Photos: Infosecurity Europe 2023
Infosecurity Europe 2023 is taking place at ExCeL London from 20-22 June 2023 and Help Net Security is on site. The second gallery is available here. Here’s a closer …
Compromised Linux SSH servers engage in DDoS attacks, cryptomining
Poorly managed Linux SSH servers are getting compromised by unknown attackers and instructed to engage in DDoS attacks while simultaneously mining cryptocurrency in the …
Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992)
Zyxel has released firmware patches for a critical vulnerability (CVE-2023-27992) in some of its consumer network attached storage (NAS) devices. About CVE-2023-27992 …
ChatGPT and data protection laws: Compliance challenges for businesses
In this Help Net Security interview, Patricia Thaine, CEO at Private AI, reviews the main privacy concerns when using ChatGPT in a business context, as well as the risks that …
10 open-source recon tools worth your time
Recon is the initial stage in the penetration testing process. It’s a vital phase allowing the tester to understand their target and strategize their moves. Here are ten …
Demand for STEM training skyrockets
The rapid pace of globalization, digital transformation, and AI advancements have created a renewed demand for digital and human skills among US learners, according to …
A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)
Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web …
Microsoft confirms DDoS attacks against M365, Azure Portal
The Microsoft 365 and Azure Portal outages users experienced this month were caused by Layer 7 DDoS attacks, Microsoft has confirmed on Friday. The DDoS attacks against …
Three cybersecurity actions that make a difference
Organizations that closely align their cybersecurity programs to business objectives are 18% more likely to achieve target revenue growth and market share and improve customer …
Untangling the web of supply chain security with Tony Turner
Decades ago, Tony Turner, CEO of Opswright and author of Software Transparency: Supply Chain Security in an Era of a Software-Driven Society, faced an SQL Slammer worm. Having …
Week in review: Fortinet patches pre-auth RCE, Switzerland under cyberattack
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Building a culture of security awareness in healthcare begins with leadership …
Featured news
Resources
Don't miss
- Southwest Airlines CISO on tackling cyber risks in the aviation industry
- Insider risk management needs a human strategy
- Cerbos: Open-source, scalable authorization solution
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days
- Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756)