Investing in Privacy by Design for long-term compliance
In this Help Net Security interview, Bojan Belušić, Head of Information Security & IT Operations at Microblink, discusses the relationship between Privacy by Design and …
Balancing legal frameworks and enterprise security governance
In this Help Net Security interview, Tom McAndrew, CEO at Coalfire, discusses the balance organizations must strike between legal compliance and effective enterprise security …
Consumers have trust issues regarding how AI collects their data
Consumers worldwide are highly concerned about the information companies collect from them – especially when it’s used for AI, according to Cohesity. The majority …
Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)
If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security …
Guide for selecting the right GRC framework, EU edition
Governance, risk, and compliance frameworks are critical. They enable cybersecurity professionals to accurately identify an organization’s risk posture, align business and …
YARA: Open-source tool for malware research
YARA is a powerful tool designed primarily to aid malware researchers in identifying and categorizing malware samples, though its applications are broader. The tool enables …
Cultivating a security-first mindset: Key leadership actions
In this Help Net Security interview, Emily Wienhold, Cyber Education Specialist at Optiv, discusses how business leaders can promote a security-first culture within their …
GoldenJackal APT group breaches air-gapped systems in Europe
ESET researchers have discovered a series of attacks that took place in Europe from May 2022 to March 2024, where the attackers used a toolset capable of targeting air-gapped …
30% of customer-facing APIs are completely unprotected
70% of customer-facing APIs are secured using HTTPS, leaving nearly one-third of these APIs completely unprotected, according to F5. This is a stark contrast to the 90% of web …
Cybersecurity jobs available right now: October 9, 2024
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Cloud Cybersecurity Analyst III Texas Health and Human …
Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)
For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug …
Ivanti fixes three CSA zero-days exploited in the wild (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381)
Ivanti has patched three additional Cloud Service Appliance (CSA) zero-day flaws, which have been exploited by attackers in conjuction with a zero-day bug the company …
Featured news
Resources
Don't miss
- Product showcase: Ledger Flex secure crypto wallet
- Villain: Open-source framework for managing and enhancing reverse shells
- Securing the invisible: Supply chain security trends
- Why cyber resilience must be part of every organization’s DNA
- 44% of the zero-days exploited in 2024 were in enterprise solutions