Vulnerabilities impacting multiple QNAP operating systems (CVE-2022-27597, CVE-2022-27598)
Two vulnerabilities affecting various QNAP operating systems (CVE-2022-27597 and CVE-2022-27598) have been uncovered by Sternum. These vulnerabilities enable authenticated …
Streamlining cybersecurity decision-making for analysts and CISOs
Using structured, machine-readable data in defensive systems can present a significant challenge. In this Help Net Security interview, Giorgos Georgopoulos, CEO at Elemendar, …
Shadow data slipping past security teams
The rapid pace of cloud transformation and democratization of data has created a new innovation attack surface, leading to 3 in 4 organizations experiencing a cloud data …
Lack of security employees makes SMBs sitting ducks for cyber attacks
For SMBs (and startups in particular), breaches can be devastating, according to DigitalOcean. To strengthen their cybersecurity posture, companies must spend valuable …
3CX supply chain attack: What do we know?
Five days have passed since the supply chain attack targeting 3CX customers gained wider public attention, but the software’s manufacturer is yet to confirm how the …
Western Digital network security incident and service outage
US-based data storage company Western Digital has announced that it has suffered a network security incident that resulted in an unauthorized third party gaining access to a …
Passbolt: Open-source password manager for security-conscious organizations
In this Help Net Security interview, Kevin Muller, CEO at Passbolt, delves into the critical concerns linked to password usage, outlines how the Passbolt password manager …
Rookout’s Snapshots: The fourth pillar of observability for more secure applications
Liran Haimovitch, CTO and co-founder of Rookout, with his extensive background in cybersecurity within the Israeli government, has a unique perspective on the importance of …
Millions still exposed despite available fixes
Although KEV catalog vulnerabilities are frequent targets of APT Groups, a large and exploitable attack surface remains due to software vendors’ lack of awareness and …
Managing the risks of unstructured data growth
Locating and identifying sensitive data, including defense-in-depth strategies where a series of mechanisms are layered to protect valuable information, should be a critical …
Infosec products of the month: March 2023
Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Appdome, Atakama, BreachLock, Elevate Security, Fastly, Forescout, …
Week in review: 3CX supply chain attack, ChatGPT data leak
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Visa fraud expert outlines the many faces of payment ecosystem fraud In this …
Featured news
Resources
Don't miss
- Coinbase suffers data breach, gets extorted (but won’t pay)
- Samsung patches MagicINFO 9 Server vulnerability exploited by attackers
- Building cybersecurity culture in science-driven organizations
- How Kim Crawley challenges big tech in “Digital Safety in a Dangerous World”
- Google strengthens secure enterprise access from BYOD Android devices