MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros
MITRE ATT&CK, a common language for cybersecurity professionals to communicate with each other and better understand real-world adversary behaviors, celebrates its 10th …
IT workers see generative AI as a serious threat to their profession
While many IT workers see the productivity benefits of AI, 56% believe it benefits employers more than employees, according to Ivanti. Additionally, 63% are concerned …
National Student Clearinghouse MOVEit breach impacts nearly 900 schools
US educational nonprofit organization National Student Clearinghouse (NSC) has revealed that the breach of its MOVEit server ended up affecting almost 900 colleges and …
BinDiff: Open-source comparison tool for binary files
BinDiff is a binary file comparison tool to find differences and similarities in disassembled code quickly. It was made open source today. With BinDiff, you can identify and …
Hands-on threat simulations: Empower cybersecurity teams to confidently combat threats
Security processes are increasingly automated which has led some businesses to deprioritize developing their security teams’ defense skills. While antivirus and non-human …
How global enterprises navigate the complex world of data privacy
In this Help Net Security interview, Evelyn de Souza, Head of Privacy Compliance, Oracle SaaS Cloud, talks about the constant efforts required to keep up with privacy laws in …
Balancing cybersecurity with convenience and progress
Changing approaches to cybersecurity have led to slow but steady progress in defense and protection. Still, competing interests create a growing challenge for cybersecurity …
Current ransomware defensive efforts are not working
Despite some positive developments, the impact of ransomware attacks remains high, according to SpyCloud. Infostealer infections preceded 22% of ransomware events for North …
Despite rising insider risk costs, budgets are being wasted in the wrong places
The cost of an insider risk is the highest it’s ever been, as organizations spend more time than ever trying to contain insider incidents, according to DTEX Systems. The …
Week in review: 18 free Microsoft Azure cybersecurity resources, K8 vulnerability allows RCE
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: LLM Guard: Open-source toolkit for securing Large Language Models LLM Guard …
GitLab fixes critical vulnerability, patch now! (CVE-2023-5009)
GitLab has fixed a critical vulnerability (CVE-2023-5009) in the Enterprise Edition (EE) and Community Edition (CE) of its widely used DevOps platform. The flaw may allow a …
Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones
Apple has released updates for iOS and iPadOS, macOS, watchOS, and Safari to fix three zero-day vulnerabilities (CVE-2023-41992, CVE-2023-41991, CVE-2023-41993) exploited …
Featured news
Sponsored
Don't miss
- Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)
- Fighting AI-powered synthetic ID fraud with AI
- Laying the groundwork for zero trust in the military
- Grype: Open-source vulnerability scanner for container images, filesystems
- Signatures should become cloud security history