Easily exploitable flaw in Oracle Opera could spell trouble for hotel chains (CVE-2023-21932)
A recently patched vulnerability (CVE-2023-21932) in Oracle Opera, a property management system widely used in large hotel and resort chains, is more critical than Oracle says …
Infostealer with hVNC capability pushed via Google Ads
There has been a noted increase in malvertising via Google Ads this year, aimed at tricking users into downloading malware; among these malicious payloads is LOBSHOT, an …
Apple starts delivering smaller security updates
The security updating of iPhones, iPads and Macs has entered a new stage: Apple has, for the first time, released a Rapid Security Response to owners of the devices running …
Fake ChatGPT desktop client steals Chrome login data
Researchers are warning about an infostealer mimicking a ChatGPT Windows desktop client that’s capable of copying saved credentials from the Google Chrome login data …
Why the manufacturing sector needs stronger cyber defenses
In this Help Net Security interview, Filipe Beato, Lead, Centre for Cybersecurity, World Economic Forum, shares his expertise on the correlation between the digitization of …
The costly threat that many businesses fail to address
Insider attacks such as fraud, sabotage, and data theft plague 71% of U.S. businesses, according to Capterra. These schemes can cost companies hundreds of thousands of dollars …
Data-driven insights help prevent decisions based on fear
Organizations have strengthened security measures and become more resilient, but threat actors are still finding ways through, according to BakerHostetler. “We launched the …
Cybercriminals use proxies to legitimize fraudulent requests
Bot attacks were previously seen as relatively inconsequential type of online fraud, and that mentality has persisted even as threat actors have gained the ability to cause …
Using multiple solutions adds complexity to your zero trust strategy
Companies’ operating models today are significantly more complex than they were just a couple of years ago, according to BeyondTrust. Remote employees accessing key systems …
Infosec products of the month: April 2023
Here’s a look at the most interesting products from the past month, featuring releases from: Abnormal Security, Arista Networks, Armorblox, BigID, Binarly, Cofense, Cyera, …
Week in review: PaperCut vulnerabilities, VMware fixes critical flaws, RSA Conference 2023
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RSA Conference 2023 RSA Conference 2023 took place at the Moscone Center in …
EU moves to regulate tech titans with Digital Services Act
The Commission adopted the first designation decisions under the Digital Services Act (DSA), designating 17 Very Large Online Platforms (VLOPs) and 2 Very Large Online Search …