Navigating cybersecurity in the age of remote work
In this Help Net Security interview, Jay Chaudhry, CEO at Zscaler, talks about connecting and securing remote employees and their devices to access organizational resources …
Phishing campaigns thrive as evasive tactics outsmart conventional detection
A 25% increase in the use of phishing kits has been recorded in 2022, according to Group-IB. The key phishing trends observed are the increasing use of access control and …
Infosec products of the month: May 2023
Here’s a look at the most interesting products from the past month, featuring releases from: Aqua Security, Axiado, Bitwarden, Cloudflare, ComplyAdvantage, Dashlane, Delinea, …
Someone is roping Apache NiFi servers into a cryptomining botnet
If you’re running an Apache NiFi instance exposed on the internet and you have not secured access to it, the underlying host may already be covertly cryptomining on …
Zyxel patches vulnerability in NAS devices (CVE-2023-27988)
Zyxel has patched a high-severity authenticated command injection vulnerability (CVE-2023-27988) in some of its network attached storage (NAS) devices aimed at home users. …
How APTs target SMBs
Small and medium businesses (SMBs) are not exempt from being targeted by advanced persistent threat (APT) actors, according to Proofpoint researchers. By analyzing a year’s …
Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more!
Offensive Security has released Kali Linux 2023.2, the latest version of its popular penetration testing and digital forensics platform. New tools in Kali Linux 2023.2 Aside …
The strategic importance of digital trust for modern businesses
In this Help Net Security interview, Deepika Chauhan, CPO at DigiCert, talks about the importance of maintaining high trust assurance levels for businesses in today’s …
Organizations are placing OT cybersecurity responsibility on CISOs
Protecting operational technology (OT) systems is now more critical than ever as more organizations connect their OT environments to the internet, according to Fortinet. …
Attackers leave organizations with no recovery option
Organizations of all sizes are increasingly falling victim to ransomware attacks and inadequately protecting against this rising cyberthreat, according to Veeam. One in seven …
Attackers hacked Barracuda ESG appliances via zero-day since October 2022
Barracuda says that the recently discovered compromise of some of it clients’ ESG appliances via a zero-day vulnerability (CVE-2023-2868) resulted in the deployment of …
Penetration tester develops AWS-based automated cracking rig
Building a custom cracking rig for research can be expensive, so penetration tester Max Ahartz built one on AWS. In this Help Net Security interview, he takes us through the …
Featured news
Resources
Don't miss
- Google strengthens secure enterprise access from BYOD Android devices
- Southwest Airlines CISO on tackling cyber risks in the aviation industry
- Insider risk management needs a human strategy
- Cerbos: Open-source, scalable authorization solution
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days