75% of education sector attacks linked to compromised accounts
69% of organizations in the education sector suffered a cyberattack within the last 12 months, according to Netwrix. Phishing and account compromise threaten the education …
Unimplemented controls could derail your ESG compliance efforts
Two-thirds of organizations have not implemented environmental, social and governance (ESG) controls, and 60% do not currently perform internal ESG audits, according to a …
How Chinese hackers got their hands on Microsoft’s token signing key
The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 …
MacOS malware has a new trick up its sleeve
A newer version of the Atomic Stealer macOS malware has a new trick that allows it to bypass the operating system’s Gatekeeper, Malwarebytes researchers have discovered. …
LibreOffice: Stability, security, and continued development
LibreOffice, the most widely used open-source office productivity suite, has plenty to recommend it: it’s feature-rich, user-friendly, well-documented, reliable, has an …
3 ways to strike the right balance with generative AI
To find the sweet spot where innovation doesn’t mean sacrificing your security posture, organizations should consider the following three best practices when leveraging AI. …
Shifting left and right, innovating product security
In this Help Net Security interview, Slava Bronfman, CEO at Cybellum, discusses approaches for achieving product security throughout a device’s entire lifecycle, …
Cybersecurity pros battle discontent amid skills shortage
The cybersecurity skills crisis continues in a multi-year freefall that has impacted 71% of organizations and left two-thirds of cybersecurity professionals stating that the …
Baseline standards for BYOD access requirements
49% of enterprises across Europe currently have no formal Bring-Your-Own-Device (BYOD) policy in place, meaning they have no visibility into or control over if and how …
Old vulnerabilities are still a big problem
A recently flagged phishing campaign aimed at delivering the Agent Tesla RAT to unsuspecting users takes advantage of old vulnerabilities in Microsoft Office that allow remote …
Cybercriminals target MS SQL servers to deliver ransomware
A cyberattack campaign is targeting exposed Microsoft SQL (MS SQL) databases, aiming to deliver ransomware and Cobalt Strike payloads. The attack campaign The attackers target …
MITRE Caldera for OT now available as extension to open-source platform
MITRE Caldera for OT is now publicly available as an extension to the open-source Caldera platform, allowing security teams to run automated adversary emulation exercises that …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users