Researchers warn of increased malware delivery via fake browser updates
ClearFake, a recently documented threat leveraging compromised WordPress sites to push malicious fake browser updates, is likely operated by the threat group behind the …
How to go from collecting risk data to actually reducing risk?
Organizations trying to cope with securing their expanding attack surfaces eventually find themselves at a crossroads: they need to move beyond finding risks to effectively …
The collaborative power of CISOs, CTOs and CIOs for a secure future
In this Help Net Security interview, Phil Venables, CISO at Google Cloud, discusses the results of a recent Google report on board collaboration with the C-suite — …
One in five CISOs miss out on pay raise
The CISO role was partially shielded from the macroeconomic challenges of 2023, according to a new research from IANS and Artico Search. 20% of CISOs did not receive a raise …
Cyberattacks on healthcare organizations affect patient care
88% of organizations experienced an average of 40 attacks in the past 12 months, according to a survey conducted by the Proofpoint and Ponemon Institute. Supply chain attacks: …
Anticipating the benefits of a passwordless tomorrow
Businesses are actively moving to eradicate passwords from employees’ lives, with 89% of IT leaders expecting passwords to represent less than a quarter of their …
Essential cyber hygiene: Making cyber defense cost effective
Strengthening your cyber defenses can be a daunting task. Where do you start? Which tools do you use? How much will it cost? And, what do you risk losing if you do nothing? …
ELITEWOLF: NSA’s repository of signatures and analytics to secure OT
Cyber entities continue to show a persistent interest in targeting critical infrastructure by taking advantage of vulnerable OT assets. To counter this threat, NSA has …
Cisco IOS XE zero-day exploited by attackers to deliver implant (CVE-2023-20198)
A previously unknown vulnerability (CVE-2023-20198) affecting networking devices running Cisco IOS XE software is being exploited by a threat actor to take control of the …
Compromised Skype accounts deliver DarkGate malware to employees
A threat actor is using compromised Skype accounts to deliver the DarkGate malware to target organizations, Trend Micro researchers have warned. “Versions of DarkGate …
Microsoft announces AI bug bounty program
Microsoft is offering up to $15,000 to bug hunters that pinpoint vulnerabilities of Critical or Important severity in its AI-powered “Bing experience”. “The …
DIY attack surface management: Simple, cost-effective and actionable perimeter insights
Modern-day attack surface management (ASM) can be an intimidating task for most organizations, with assets constantly changing due to new deployments, assets being …
Featured news
Resources
Don't miss
- Cybercriminals exploit RMM tools to steal real-world cargo
- Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware
- How nations build and defend their cyberspace capabilities
- Uncovering the risks of unmanaged identities
- Deepfakes, fraud, and the fight for trust online