MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)
A privilege escalation vulnerability (CVE-2023-30799) could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines. While …
Enterprises should layer-up security to avoid legal repercussions
The role of CISO these days requires a strong moral compass: You have to be the one speaking up for the protection of customer data and be ready to handle uncomfortable …
Overcoming the cybersecurity talent shortage with upskilling initiatives
In this Help Net Security interview, Dr. Lindsey Polley de Lopez, Director of Cyber & Space Intelligence at MACH37, proposes strategies for companies, educational …
Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database
Time is of the essence when it comes to recovery after Exchange Server failure or database corruption, as organizations depend on emails for their day-to-day business …
Zero trust rated as highly effective by businesses worldwide
Zero trust is here to stay, with 82% of experts currently working on implementing zero trust, and 16% planning to begin within 18 months, according to Beyond Identity. Over …
Companies encounter months-long delays in filling critical security positions
A lack of executive understanding and an ever-widening talent gap that is placing an unsustainable burden on security teams to prevent business-ending breaches, according to …
Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078)
A zero-day vulnerability (CVE-2023-35078) affecting Ivanti Endpoint Manager Mobile (EPMM) has been exploited to carry out an attack that affected 12 Norwegian ministries, the …
Apple fixes exploited zero-day in all of its OSes (CVE-2023-38606)
Apple has patched an exploited zero-day kernel vulnerability (CVE-2023-38606) in iOS, iPadOS, macOS, watchOS and tvOS. CVE-2023-38606 fix has been backported In early July, …
Inspiring secure coding: Strategies to encourage developers’ continuous improvement
In software development, the importance of secure coding practices cannot be overstated. Fostering a security culture within development teams has become crucial to ensure the …
Companies are rushing into generative AI without a cohesive, secure strategy
Despite mass adoption of generative AI, most companies don’t have a coordinated strategy for deploying it or know how to assess its security—exposing them to risks and …
RaaS proliferation: 14 new ransomware groups target organizations worldwide
In the Q2 2023, GuidePoint Research and Intelligence Team (GRIT) tracked 1,177 total publicly posted ransomware victims claimed by 41 different threat groups. The most …
Has the MOVEit hack paid off for Cl0p?
The number of known Cl0p victims resulting from its Memorial Day attack on vulnerable internet-facing MOVEit Transfer installations has surpassed 420, according to IT market …
Featured news
Sponsored
Don't miss
- Black Friday shoppers targeted with thousands of fraudulent online stores
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
- How to recognize employment fraud before it becomes a security issue
- Practical strategies to build an inclusive culture in cybersecurity
- Domain security posture of Forbes Global 2000 companies