Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081)
Another actively exploited zero-day vulnerability (CVE-2023-35081) affecting Ivanti Endpoint Manager Mobile (EPMM) has been identified and fixed. The first zero-day spotted …
Web browsing is the primary entry vector for ransomware infections
The most widely used method for ransomware delivery in 2022 was via URL or web browsing (75.5%), Palo Alto Networks researchers have found. In 2021, it was email attachments …
New persistent backdoor used in attacks on Barracuda ESG appliances
The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection …
Data privacy vault: Securing sensitive data while navigating regulatory demands
In this Help Net Security interview, Jean-Charles Chemin, CEO of Legapass, provides insight into the correlation between maintaining customer trust and protecting sensitive …
Relying on CVSS alone is risky for vulnerability management
A vulnerability management strategy that relies solely on CVSS for vulnerability prioritization is proving to be insufficient at best, according to Rezilion. In fact, relying …
The race against time in ransomware attacks
Most organizations lack strong cyber resilience strategies or data security capabilities to address threats and maintain business continuity, according to BigID. Despite both …
Week in review: Ivanti zero-day exploited, MikroTik vulnerability could compromise 900,000 routers
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Key factors for effective security automation In this Help Net Security …
New infosec products of the week: July 28, 2023
Here’s a look at the most interesting products from the past week, featuring releases from BreachRx, Darktrace, Dig Security, Panorays, and SeeMetrics. Panorays unveils …
Blocking access to ChatGPT is a short term solution to mitigate risk
For every 10,000 enterprise users, an enterprise organization is experiencing approximately 183 incidents of sensitive data being posted to ChatGPT per month, according to …
CISOs consider zero trust a hot security ticket
The majority of organizations are on the road to implementing a zero trust framework to increase their overall security risk posture, according to PlainID. However, only 50% …
A step-by-step guide for patching software vulnerabilities
Coalition’s recent Cyber Threat Index 2023 predicts the average Common Vulnerabilities and Exposures (CVEs) rate will rise by 13% over 2022 to more than 1,900 per month in …
Why are computer security guidelines so confusing?
If you find the computer security guidelines you get at work confusing and not very useful, you’re not alone. A new study highlights a key problem with how these guidelines …
Featured news
Resources
Don't miss
- More than half of public vulnerabilities bypass leading WAFs
- The soft underbelly of space isn’t in orbit, it’s on the ground
- Privacy risks sit inside the ads that fill your social media feed
- Should AI access be treated as a civil right across generations?
- What cybersecurity leaders are reading to stay ahead