The root cause of open-source risk
2023 saw twice as many software supply chain attacks as 2019-2022 combined. Sonatype logged 245,032 malicious packages in 2023. One in eight open-source downloads today poses …
Backdoored Android phones, TVs used for ad fraud – and worse!
A key monetization mechanism of a sophisticated series of cybercriminal operations involving backdoored off-brand mobile and CTV Android devices has been disrupted, Human …
Qualcomm patches 3 actively exploited zero-days
Qualcomm has fixed three actively exploited vulnerabilities (CVE-2023-33106, CVE-2023-33107, CVE-2023-33063) in its Adreno GPU and Compute DSP drivers. Vulnerabilities …
Google unveils stricter anti-spam rules for bulk email senders
To keep Gmail users’ inboxes “safer and more spam-free”, Google is introducing new requirements for bulk senders (of commercial email). “Last year we …
Amazon: AWS root accounts must have MFA enabled
Amazon wants to make it more difficult for attackers to compromise Amazon Web Services (AWS) root accounts, by requiring those account holders to enable multi-factor …
Making privacy sustainable: Incorporating privacy into the ESG agenda
Data breaches have been rising in frequency and magnitude over the last two decades. In fact, the Identity Theft Resource Centre (ITRC) found that between 2005 and 2020, data …
Tackling cyber risks head-on using security questionnaires
In this Help Net Security interview, Gaspard de Lacroix-Vaubois, CEO at Skypher, talks about the implementation of security questionnaires and how they facilitate assessments …
Cybersecurity preparedness pays big dividends for businesses
Businesses are taking cybersecurity more seriously by boosting resources and preparedness, according to GetApp. US businesses on the whole are gaining ground against …
Factors leading to organizations losing control over IT and security environments
Companies are challenged with the growing need to connect everything in their business while maintaining control over their security, productivity, and competitive growth, …
Photos: Cybertech Europe 2023
The Cybertech Europe conference and exhibition takes place at La Nuvola Convention Center in Rome, and features the latest innovative solutions from dozens of companies and …
Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)
A vulnerability (CVE-2023-4211) in the kernel drivers for several Mali GPUs “may be under limited, targeted exploitation,” British semiconductor manufacturer Arm …
Evolving conversations: Cybersecurity as a business risk
Board members often lack technical expertise and may not fully grasp cyber risks. On the other hand, CISOs are more accustomed to interfacing with IT staff. This is …