AWS security essentials for managing compliance, data protection, and threat detection
AWS offers a comprehensive suite of security tools to help organizations manage compliance, protect sensitive data, and detect threats within their environments. From AWS …
Consumer privacy risks of data aggregation: What should organizations do?
In September 2024, the Federal Trade Commission (FTC) released an eye-opening report that digs into the data habits of nine major tech giants, including Amazon (Twitch), …
All Google Cloud users will have to enable MFA by 2025
Google has announced that, by the end of 2025, multi-factor authentication (MFA) – aka 2-step verification – will become mandatory for all Google Cloud accounts. …
GoZone ransomware accuses and threatens victims
A new ransomware dubbed GoZone is being leveraged by attackers that don’t seem to be very greedy: they are asking the victims to pay just $1,000 in Bitcoin if they want …
The cybersecurity gender gap: How diverse teams improve threat response
In this Help Net Security interview, Julie Madhusoodanan, Head of Cybersecurity – Identity, Posture Management and Security Infrastructure at LinkedIn, discusses how …
Osmedeus: Open-source workflow engine for offensive security
Osmedeus is an open-source workflow engine designed for offensive security. It serves as a versatile foundation, enabling users to easily create customized reconnaissance …
Identity-related data breaches cost more than average incidents
Identity-related data breaches are more severe and costly than run-of-the-mill incidents, according to RSA. 40% of respondents reported an identity-related security breach. Of …
Beware of phishing emails delivering backdoored Linux VMs!
Unknown attackers are trying to trick Windows users into spinning up a custom Linux virtual machine (VM) with a pre-configured backdoor, Securonix researchers have discovered. …
Google patches actively exploited Android vulnerability (CVE-2024-43093)
Google has delivered fixes for two vulnerabilities endangering Android users that “may be under limited, targeted exploitation”: CVE-2024-43047, a flaw affecting …
Report: Voice of Practitioners 2024 – The True State of Secrets Security
In this study, GitGuardian and CyberArk reveal the stark reality of secrets management across 1,000 organizations. With 79% experiencing secrets leaks and an average …
Open-source software: A first attempt at organization after CRA
The open-source software (OSS) industry is developing the core software for the global infrastructure, to the point that even some proprietary software giants adopt Linux …
Maximizing security visibility on a budget
In this Help Net Security interview, Barry Mainz, CEO at Forescout, discusses the obstacles organizations encounter in attaining security visibility, particularly within cloud …
Featured news
Resources
Don't miss
- Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks
- AI SOC vendors are selling a future that production deployments haven’t reached yet
- A nearly undetectable LLM attack needs only a handful of poisoned samples
- Your facilities run on fragile supply chains and nobody wants to admit it
- LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks