Log4Shell shows no sign of fading, spotted in 30% of CVE exploits
Organizations continue to run insecure protocols across their wide access networks (WAN), making it easier for cybercriminals to move across networks, according to a Cato …
Black Basta target orgs with new social engineering campaign
Black Basta, one of the most prolific ransomware-as-a-service operators, is trying out a combination of email DDoS and vishing to get employees to download remote access …
Red teaming: The key ingredient for responsible AI
Developing responsible AI isn’t a straightforward proposition. On one side, organizations are striving to stay at the forefront of technological advancement. On the other …
Establishing a security baseline for open source projects
In this Help Net Security interview, Dana Wang, Chief Architect at OpenSSF, discusses the most significant barriers to improving open-source software security (OSS security) …
AI’s rapid growth puts pressure on CISOs to adapt to new security risks
The increased use of AI further complicates CISO role as industries begin to realize the full potential of GenAI and its impact on cybersecurity, according to Trellix. …
Critical vulnerabilities take 4.5 months on average to remediate
Over a third of organizations had at least one known vulnerability in 2023, with nearly a quarter of those facing five or more, and 60% of vulnerabilities remained unaddressed …
Download: The Ultimate Guide to the CISSP
The Ultimate Guide to the CISSP covers everything you need about the world’s premier cybersecurity leadership certification. Learn how CISSP and ISC2 will help you navigate …
Week in review: Veeam fixes RCE flaw in backup management platform, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam fixes RCE flaw in backup management platform (CVE-2024-29212) Veeam has …
Google fixes Chrome zero-day with in-the-wild exploit (CVE-2024-4671)
Google has fixed a Chrome zero-day vulnerability (CVE-2024-4671), an exploit for which exists in the wild. About CVE-2024-4671 CVE-2024-4671 is a use after free vulnerability …
May 2024 Patch Tuesday forecast: A reminder of recent threats and impact
The updates have been released: May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) The thunderstorms of April patches have passed, …
How secure is the “Password Protection” on your files and drives?
People in certain professions, such as healthcare, law, and corporations, often rely on password protection when sending files via email, believing it provides adequate …
Cybercriminals are getting faster at exploiting vulnerabilities
Cybercriminals are targeting the ever-increasing number of new vulnerabilities resulting from the exponential growth in the number and variety of connected devices and an …
Featured news
Resources
Don't miss
- CISOs, are your medical devices secure? Attackers are watching closely
- Cybersecurity classics: 10 books that shaped the industry
- NIST selects HQC as backup algorithm for post-quantum encryption
- NetBird: Open-source network security
- Burnout in cybersecurity: How CISOs can protect their teams (and themselves)