With DORA approaching, financial institutions must strengthen their cyber resilience
The clock is ticking for financial institutions across the EU as the January 17, 2025, deadline for the Digital Operational Resilience Act (DORA) approaches. This regulation …
How companies can address bias and privacy challenges in AI models
In this Help Net Security interview, Emre Kazim, Co-CEO of Holistic AI, discusses the need for companies to integrate responsible AI practices into their business strategies …
Trapster Community: Open-source, low-interaction honeypot
Trapster Community is an open-source, lightweight, low-interaction honeypot designed for deployment within internal networks. It enhances network security by creating a …
Overlooking platform security weakens long-term cybersecurity posture
Platform security – securing the hardware and firmware of PCs, laptops and printers – is often overlooked, weakening cybersecurity posture for years to come, according to HP. …
Week in review: Microsoft fixes exploited 0-day, top cybersecurity books for your holiday gift list
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes exploited zero-day (CVE-2024-49138) On December 2024 Patch …
FuzzyAI: Open-source tool for automated LLM fuzzing
FuzzyAI is an open-source framework that helps organizations identify and address AI model vulnerabilities in cloud-hosted and in-house AI models, like guardrail bypassing and …
Tackling software vulnerabilities with smarter developer strategies
In this Help Net Security interview, Karl Mattson, CISO at Endor Labs, discusses strategies for enhancing secure software development. Mattson covers how developers can …
CISOs need to consider the personal risks associated with their role
70% of cybersecurity leaders felt that stories of CISOs being held personally liable for cybersecurity incidents have negatively affected their opinion of the role, according …
New infosec products of the week: December 13, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Cato Networks, Horizon3.ai, SecureAuth, Stamus Networks, Trellix, and Versa …
Cleo patches zero-day exploited by ransomware gang
Cleo has released a security patch to address the critical vulnerability that started getting exploited while still a zero-day to breach internet-facing Cleo Harmony, …
Krispy Kreme cybersecurity incident disrupts online ordering
Popular US doughnut chain Krispy Kreme has been having trouble with its online ordering system as well as digital payments at their brick-and-mortar shops since late November, …
27 DDoS-for hire platforms seized by law enforcement
As part of an ongoing international crackdown known as Operation PowerOFF, international law enforcement has seized over two dozen platforms used to carry out Distributed …
Featured news
Resources
Don't miss
- Criminals create business website to sell RAT disguised as RMM tool
- Ex-Google engineers charged with orchestrating high-tech secrets extraction
- Google cleans house, bans 80,000 developer accounts from the Play Store
- The CISO view of fraud risk across the retail payment ecosystem
- Applying green energy tax policies to improve cybersecurity