New open-source project takeover attacks spotted, stymied
The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils …
5 free red teaming resources to get you started
Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your organization. Tactics may …
Ransomware group maturity should influence ransom payment decision
Your organization has been hit by ransomware and a decision has to be made on whether or not to make the ransom payment to get your data decrypted, deleted from …
Cyber attacks on critical infrastructure show advanced tactics and new capabilities
In this Help Net Security interview, Marty Edwards, Deputy CTO OT/IoT at Tenable, discusses the impact of geopolitical tensions on cyber attacks targeting critical …
6 keys to navigating security and app development team tensions
There will always be a natural tension between cybersecurity teams and developers. After all, it’s the developer’s role to “develop.” They want and are …
The most prevalent malware behaviors and techniques
An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, …
LastPass’ CIO vision for driving business strategy, innovation
Recently, LastPass appointed Asad Siddiqui as its CIO. He brings over two decades of experience leading startups and large technology organizations. It was the perfect time …
10 free cybersecurity guides you might have missed
This collection of free cybersecurity guides covers a broad range of topics, from resources for developing cybersecurity programs to specific guides for various sectors and …
How to create an efficient governance control program
Your success as an organization, especially in the cyber realm, depends on your security posture. To account for the ongoing evolution of digital threats, you need to …
How organizations can navigate identity security risks in 2024
Managing IAM challenges in hybrid IT environments requires a holistic approach, integrating solutions and automating processes to ensure effective access controls and …
Why we fall for fake news and how can we change that?
Have you ever been swept away by an enticing headline and didn’t bother to probe the news in-depth? You might have shared an eye-catching news story or engaged with a …
Key strategies for ISO 27001 compliance adoption
In this Help Net Security interview, Robin Long, founder of Kiowa Security, shares insights on how best to approach the implementation of the ISO/IEC 27001 information …