Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

Google Chrome
Google fixes actively exploited Chrome zero-day (CVE-2024-0519)

In the new stable release of the Chrome browser, Google has fixed three security vulnerabilities affecting the V8 engine, including one zero-day (CVE-2024-0519) with an …

problem
Security considerations during layoffs: Advice from an MSSP

Navigating layoffs is complex and difficult for many reasons. Not only do human resources and direct managers bear the onus of responsibility when conducting exit …

cybersecurity awareness
The right strategy for effective cybersecurity awareness

Employees play a significant role in safeguarding organizational assets. With a constantly evolving threat landscape, cybersecurity awareness training is an essential …

Chris Mixter
CISOs’ crucial role in aligning security goals with enterprise expectations

In this Help Net Security interview, Chris Mixter, Vice President, Analyst at Gartner, discusses the dynamic world of CISOs and how their roles have evolved significantly over …

data analytics
IT teams unable to deliver data fast enough to match the speed of business

Increasing data requests overwhelm IT teams, but security concerns hinder their ability to provide employees with access to timely data, according to CData Software. The …

Atlassian Confluence
Atlassian reveals critical Confluence RCE flaw, urges “immediate action” (CVE-2023-22527)

Atlassian has patched a critical vulnerability (CVE-2023-22527) in Confluence Data Center and Confluence Server that could lead to remote code execution. The good news is that …

Ivanti
1,700 Ivanti VPN devices compromised. Are yours among them?

Over 1,700 Ivanti Connect Secure VPN devices worldwide have been compromised by attackers exploiting two zero-days with no patches currently available. “Additional …

OAuth
3 ways to combat rising OAuth SaaS attacks

OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine …

cybersecurity frameworks
10 cybersecurity frameworks you need to know about

As cyber threats grow more sophisticated, understanding and implementing robust cybersecurity frameworks is crucial for organizations of all sizes. This article lists the most …

Tsurugi Linux
Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations

Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem …

internet
Geopolitical tensions combined with technology will drive new security risks

Misinformation and disinformation are biggest short-term risks, while extreme weather and critical change to Earth systems are greatest long-term concern, according to the …

malware
Windows SmartScreen bug exploited to deliver powerful info-stealer (CVE-2023-36025)

A vulnerability (CVE-2023-36025) that Microsoft fixed in November 2023 continues to be exploited by malware peddlers: this time around, the delivered threat is a variant of …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools