Seasoned cyber pros are more complacent in their skills than junior staff
Average response time accelerated from 29 to 19 days, from 2021 to 2022, with lessons from Log4j and other high-profile vulnerabilities having a significant impact on urgency …
Managing human cyber risks matters now more than ever
As artificial intelligence amplifies the sophistication and reach of phishing, vishing, and smishing attacks, understanding and managing human cyber risks has become …
How to get started with ongoing configuration assessments
There’s an old adage in business: if you’re not measuring something, you can’t manage it. These days, information technology (IT) and information security …
Keystroke sounds can betray passwords
Researchers from several UK universities have proven that the recorded sounds of laptop keystrokes can be used to obtain sensitive user data such as passwords with a high …
PaperCut fixes bug that can lead to RCE, patch quickly! (CVE-2023-39143)
Horizon3.ai researchers have published some details (but no PoC for now, thankfully!) about CVE-2023-39143, two vulnerabilities in PaperCut application servers that could be …
8 free cybersecurity documentaries you can watch right now
The line between physical and digital safety continues to blur, making cybersecurity a universal concern. The intricacies of cybersecurity can often feel esoteric, leaving …
Zoom CISO Michael Adams discusses cybersecurity threats, solutions, and the future
In this Help Net Security interview, we delve into the world of cybersecurity with Michael Adams, the CISO at Zoom. Adams analyzes how organizations grapple with the effects …
Budget constraints threaten cybersecurity in government bodies
Government organizations are attractive targets for threat actors whose motivations may be geopolitical, financial, or disruption, according to BlackBerry. Because threat …
Week in review: AWS SSM agents as RATs, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Open-source penetration testing tool BloodHound CE released SpecterOps …
Top 12 vulnerabilities routinely exploited in 2022
Cybersecurity agencies from member countries of the Five Eyes intelligence alliance have released a list of the top 12 vulnerabilities routinely exploited in 2022, plus 30 …
Google makes removal of personal user info from Search easier
Google is making it easier for users to remove personal contact information and personal, non-consensual explicit imagery from Google search results. “Of course, …
August 2023 Patch Tuesday forecast: Software security improvements
August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ The continued onslaught of phishing attacks, ransomware deployment, and other exploitation is forcing …
Featured news
Resources
Don't miss
- Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731)
- Brutus: Open-source credential testing tool for offensive security
- Why secure OT protocols still struggle to catch on
- Edge computing’s biggest lie: “We’ll patch it later”
- Cyber risk is becoming a hold-period problem for private equity firms