cybersecurity
Most GitHub Actions workflows are insecure in some way
Most GitHub Actions are susceptible to exploitation; they are overly privileged or have risky dependencies, according to Legit Security. GitHub Actions security flaws pose …
ChatGPTriage: How can CISOs see and control employees’ AI use?
It’s been less than 18 months since the public introduction of ChatGPT, which gained 100 million users in less than two months. Given the hype, you would expect enterprise …
Managing exam pressure: Tips for certification preparation
In this Help Net Security interview, Seth Hodgson, SVP of Engineering at Udemy, discusses effective study techniques for cybersecurity certification exams. Hodgson discusses …
Firmware update hides Bluetooth fingerprints
A smartphone’s unique Bluetooth fingerprint could be used to track the device’s user–until now. A team of researchers has developed a simple firmware update that can …
Paris 2024 Olympics to face complex cyber threats
While previous Olympic games have faced cybersecurity threats, the Games of the XXXIII Olympiad, also known as Paris 2024, will see the largest number of threats, the most …
Risk related to non-human identities: Believe the hype, reject the FUD
The hype surrounding unmanaged and exposed non-human identities (NHIs), or machine-to-machine credentials – such as service accounts, system accounts, certificates and …
Realm: Open-source adversary emulation framework
Realm is an open-source adversary emulation framework emphasizing scalability, reliability, and automation. It’s designed to handle engagements of any size. “Realm …
Discover the growing threats to data security
In this Help Net Security interview, Pranava Adduri, CEO at Bedrock Security, discusses how businesses can identify and prioritize their data security risks. Adduri emphasizes …
Pressure mounts for C-Suite executives to implement GenAI solutions
87% of C-Suite executives feel under pressure to implement GenAI solutions at speed and scale, according to RWS. Despite these pressures, 76% expressed an overwhelming …
How to design a third-party risk management framework
Most organizations focus on securing routers, servers, firewalls, and other endpoints, but threats can also arise from unfamiliar sources such as third-party networks, which …
Managing cyberattack fallout: Financial and operational damage
In this Help Net Security, Ashley Harrington, Director of Cybersecurity at Aspida, discusses the impact of cyberattack on business operations and financial health. Beyond …
Top priorities for compliance leaders this year
Legal, compliance and privacy leaders list strengthening their personal impact on company strategy as their top priority for 2024, according to Gartner. Improving third party …
Featured news
Sponsored
Don't miss
- Black Friday shoppers targeted with thousands of fraudulent online stores
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
- How to recognize employment fraud before it becomes a security issue
- Practical strategies to build an inclusive culture in cybersecurity
- Domain security posture of Forbes Global 2000 companies