The high cost of insecure authentication methods
Insecure authentication is a primary cause of cyber breaches, and that cumbersome login methods take an unacceptable toll on employees and business productivity, according to …
Re-evaluating immature and ineffective insider risk management programs
Managing insider risk is becoming increasingly difficult. In fact, insider risk is emerging as one of the most challenging threats to detect, mitigate and manage, according to …
Prevent and detect Adobe ColdFusion exploitation (CVE-2023-26360, CVE-2023-26359)
When Adobe released security updates for its ColdFusion application development platform last month, it noted that one of the vulnerabilities (CVE-2023-26360) had been …
DoJ cracks down on cryptocurrency fraud, seizes $112 million in linked funds
The Department of Justice (DoJ) declared the confiscation of digital currency valued at approximately $112 million connected to fraudulent cryptocurrency investments. …
Vulnerabilities impacting multiple QNAP operating systems (CVE-2022-27597, CVE-2022-27598)
Two vulnerabilities affecting various QNAP operating systems (CVE-2022-27597 and CVE-2022-27598) have been uncovered by Sternum. These vulnerabilities enable authenticated …
Streamlining cybersecurity decision-making for analysts and CISOs
Using structured, machine-readable data in defensive systems can present a significant challenge. In this Help Net Security interview, Giorgos Georgopoulos, CEO at Elemendar, …
Shadow data slipping past security teams
The rapid pace of cloud transformation and democratization of data has created a new innovation attack surface, leading to 3 in 4 organizations experiencing a cloud data …
Lack of security employees makes SMBs sitting ducks for cyber attacks
For SMBs (and startups in particular), breaches can be devastating, according to DigitalOcean. To strengthen their cybersecurity posture, companies must spend valuable …
3CX supply chain attack: What do we know?
Five days have passed since the supply chain attack targeting 3CX customers gained wider public attention, but the software’s manufacturer is yet to confirm how the …
Western Digital network security incident and service outage
US-based data storage company Western Digital has announced that it has suffered a network security incident that resulted in an unauthorized third party gaining access to a …
Passbolt: Open-source password manager for security-conscious organizations
In this Help Net Security interview, Kevin Muller, CEO at Passbolt, delves into the critical concerns linked to password usage, outlines how the Passbolt password manager …
Rookout’s Snapshots: The fourth pillar of observability for more secure applications
Liran Haimovitch, CTO and co-founder of Rookout, with his extensive background in cybersecurity within the Israeli government, has a unique perspective on the importance of …