cybersecurity
GoldenJackal APT group breaches air-gapped systems in Europe
ESET researchers have discovered a series of attacks that took place in Europe from May 2022 to March 2024, where the attackers used a toolset capable of targeting air-gapped …
30% of customer-facing APIs are completely unprotected
70% of customer-facing APIs are secured using HTTPS, leaving nearly one-third of these APIs completely unprotected, according to F5. This is a stark contrast to the 90% of web …
Ivanti fixes three CSA zero-days exploited in the wild (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381)
Ivanti has patched three additional Cloud Service Appliance (CSA) zero-day flaws, which have been exploited by attackers in conjuction with a zero-day bug the company …
The role of self-sovereign identity in enterprises
As personal data becomes increasingly commodified and centralized, the need for individuals to reclaim control over their identities has never been more urgent. Meanwhile, …
How hybrid workforces are reshaping authentication strategies
In this Help Net Security interview, Brian Pontarelli, CEO at FusionAuth, discusses the evolving authentication challenges posed by the rise of hybrid and remote workforces. …
Websites are losing the fight against bot attacks
The discovery that 95% of advanced bot attacks go undetected points to a weakness in current detection and mitigation strategies. This suggests that while some organizations …
The case for enterprise exposure management
For several years, external attack surface management (EASM) has been an important focus for many security organizations and the vendors that serve them. EASM, attempting to …
Transforming cloud security with real-time visibility
In this Help Net Security interview, Amiram Shachar, CEO at Upwind, discusses the complexities of cloud security in hybrid and multi-cloud environments. He outlines the need …
SOC teams are frustrated with their security tools
Security operations center (SOC) practitioners believe they are losing the battle detecting and prioritizing real threats – due to too many siloed tools and a lack of accurate …
Best practices for implementing threat exposure management, reducing cyber risk exposure
In this Help Net Security interview, Sanaz Yashar, CEO at Zafran, discusses the role of threat exposure management (TEM) in modern cybersecurity strategies. As traditional …
Cybercriminals capitalize on poorly configured cloud environments
Off-the-shelf offensive security tools and poorly configured cloud environments create openings in the attack surface, according to Elastic. Adversaries are utilizing …
Three hard truths hindering cloud-native detection and response
According to Gartner, the market for cloud computing services is expected to reach $675 billion in 2024. Companies are shifting from testing the waters of cloud computing to …