vulnerability
Cultivating a security-first mindset for software developers
There is a “great cyber security awakening” happening across companies. Right now, we need a fundamental new approach to development, so we are not constantly firefighting. …
Manufacturers are starting to realize the importance of OT security
While rapid technology advances have improved manufacturing operations in recent years, combining new and legacy operational technology (OT) has created security gaps that …
When it comes to banking security, there’s no silver bullet
In this interview with Help Net Security, Ido Helshtock, Chief Product Officer at HUB Security, talks about banking security, the most common vulnerabilities, and what banks …
Delivering vulnerable signed kernel drivers remains popular among attackers
ESET researchers took an in-depth look into the abuse of vulnerable kernel drivers. Vulnerabilities in signed drivers are mostly utilized by game cheat developers to …
2022 promises to be a challenging year for cybersecurity professionals
I am very glad to turn the page on 2021, however, I am not optimistic that 2022 will be remarkably better. I am hopeful that President Biden’s Executive Order 14028 and the …
Small businesses are most vulnerable to growing cybersecurity threats
Many small and medium-sized businesses (SMBs) mistakenly assume (hope?) their size makes them a less appealing target to hackers, without realizing cyber criminals are eager …
The Log4j debacle showed again that public disclosure of 0-days only helps attackers
On December 9, 2021, a (now deleted) tweet linking to a 0-day proof of concept (PoC) exploit (also now deleted) for the Log4Shell vulnerability on GitHub set the internet on …
Experts uncover Elephant Beetle, an organized financial-theft operation
Sygnia announced that it has released its comprehensive report uncovering an organized financial-theft operation it has termed Elephant Beetle. For the past two years, the …
Insider threat does not have to be malicious, so how do you protect your organization?
In this interview with Help Net Security, Laura Hoffner, Chief of Staff at Concentric, talks about the causes of insider threat attacks and what companies can do to mitigate …
Why the UK’s energy sector is fragile and ripe to cyber attacks
For the first time in a generation, the UK is in the middle of an unprecedented supply chain crisis, and in recent weeks, we have seen very clearly the immediate and …
How will the cybersecurity industry evolve in 2022?
The cybersecurity landscape has always been dynamic. However, this past year highlighted vulnerabilities and attack vectors that will drive trends and shape global …
4 practical strategies for Log4j discovery
For security teams scrambling to secure their organizations against Log4j exploitation, one of the first and most challenging tasks is understanding where Log4j exists within …