Why cyber maturity assessment should become standard practice
Understanding risk is one thing, but how do you know if your organization has what it takes to withstand those risks being realized? Establishing cyber maturity can help …
3 free data protection regulation courses you can take right now
Increasingly, information about us, and even by us, is being processed. Even mundane or insignificant details can be combined and linked with other data in a manner that may …
What organizations need to know about the Digital Operational Resilience Act (DORA)
In this Help Net Security interview, Kris Lovejoy, Global Security and Resilience Leader at Kyndryl, discusses the impact of the Digital Operational Resilience Act (DORA) on …
Organizations are knowingly releasing vulnerable applications
92% of companies had experienced a breach in the prior year due to vulnerabilities of applications developed in-house, according to Checkmarx. AppSec managers and developers …
Critical vulnerabilities in TeamCity JetBrains fixed, release of technical details imminent, patch quickly! (CVE-2024-27198, CVE-2024-27199)
JetBrains has fixed two critical security vulnerabilities (CVE-2024-27198, CVE-2024-27199) affecting TeamCity On-Premises and is urging customers to patch them immediately. …
GitHub push protection now on by default for public repositories
GitHub push protection – a security feature aimed at preventing secrets such as API keys or tokens getting accidentally leaked online – is being switched on by …
Phishers target FCC, crypto holders via fake Okta SSO pages
A new phishing campaign is using fake Okta single sign-on (SSO) pages for the Federal Communications Commission (FCC) and for various cryptocurrency platforms to target users …
Securing software repositories leads to better OSS security
Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day. Attackers use a number of tricks to fool …
PyRIT: Open-source framework to find risks in generative AI systems
Python Risk Identification Tool (PyRIT) is Microsoft’s open-source automation framework that enables security professionals and machine learning engineers to find risks …
95% believe LLMs making phishing detection more challenging
More than 95% of responding IT and security professionals believe social engineering attacks have become more sophisticated in the last year, according to LastPass. Recent AI …
New compensation trends in the cybersecurity sector
For several years, cybersecurity leaders have grappled with talent shortages in crucial cyber roles. In the face of escalating financial requirements and expanding …
Photos: BSidesZagreb 2024
BSidesZagreb is a complimentary, non-profit conference driven by community participation, designed for information security professionals and enthusiasts to gather, exchange …
Featured news
Resources
Don't miss
- Google disrupts proxy network used by 550+ threat groups
- eScan AV users targeted with malicious updates
- Google agrees to pay $135 million over Android data harvesting claims
- SolarWinds fixes critical Web Help Desk RCE vulnerabilities, upgrade ASAP!
- Open-source malware zeroes in on developer environments