Malicious links and misaddressed emails slip past security controls
The majority of organizations use six or more communication tools, across channels, with email remaining the channel seen as the most vulnerable to attacks (38%), according to …
What flying a plane can teach you about cybersecurity
Before taking on the role as GM of IAI’s cyber division, Esti Peshin was the Director General of the Hi-Tech Caucus in Israel’s parliament, balancing legislation and …
Week in review: KeePass vulnerability, Apple fixes exploited WebKit 0-days
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Apple fixes WebKit 0-days under attack (CVE-2023-28204, CVE-2023-32373, …
Apple fixes WebKit 0-days under attack (CVE-2023-28204, CVE-2023-32373, CVE-2023-32409)
Apple has released security updates for iOS and iPadOS, macOS, tvOS and watchOS, delivering fixes for many vulnerabilities but, most importantly, for CVE-2023-32409, a WebKit …
DarkBERT could help automate dark web mining for cyber threat intelligence
Researchers have developed DarkBERT, a language model pretrained on dark web data, to help cybersecurity pros extract cyber threat intelligence (CTI) from the Internet’s …
New infosec products of the week: May 19, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Bitwarden, Cloudflare, ComplyAdvantage, Enzoic, Neurotechnology, Nozomi Networks, …
Inadequate tools leave AppSec fighting an uphill battle for cloud security
AppSec teams are stuck in a catch-up cycle, unable to keep up with the increasingly rapid, agile dev pace, and playing security defense via an endless and unproductive …
Europe: The DDoS battlefield
DDoS attacks appear to reflect major geo-political challenges and social tensions and have become an increasingly significant part in the hybrid warfare arsenal, according to …
Cisco fixes critical flaws in Small Business Series Switches
Nine vulnerabilities – 4 of them critical – have been found in a variety of Cisco Small Business Series Switches. PoC exploit code is available (but not public), …
Enhancing open source security: Insights from the OpenSSF on addressing key challenges
In this Help Net Security interview, we meet a prominent industry leader. Brian Behlendorf, CTO at the Open Source Security Foundation (OpenSSF), shares insights on the …
Organizations’ cyber resilience efforts fail to keep up with evolving threats
A steady increase in cyberattacks and evolving threat landscape are resulting in more organizations turning their attention to building long-term cyber resilience; however, …
Identity crimes: Too many victims, limited resources
The Identity Theft Resource Center (ITRC) has documented incidents of identity theft reported during 2022 and the first quarter of 2023, highlighting the use of strategies by …