Vulnerabilities impacting multiple QNAP operating systems (CVE-2022-27597, CVE-2022-27598)
Two vulnerabilities affecting various QNAP operating systems (CVE-2022-27597 and CVE-2022-27598) have been uncovered by Sternum. These vulnerabilities enable authenticated …
Streamlining cybersecurity decision-making for analysts and CISOs
Using structured, machine-readable data in defensive systems can present a significant challenge. In this Help Net Security interview, Giorgos Georgopoulos, CEO at Elemendar, …
Shadow data slipping past security teams
The rapid pace of cloud transformation and democratization of data has created a new innovation attack surface, leading to 3 in 4 organizations experiencing a cloud data …
Lack of security employees makes SMBs sitting ducks for cyber attacks
For SMBs (and startups in particular), breaches can be devastating, according to DigitalOcean. To strengthen their cybersecurity posture, companies must spend valuable …
3CX supply chain attack: What do we know?
Five days have passed since the supply chain attack targeting 3CX customers gained wider public attention, but the software’s manufacturer is yet to confirm how the …
Western Digital network security incident and service outage
US-based data storage company Western Digital has announced that it has suffered a network security incident that resulted in an unauthorized third party gaining access to a …
Passbolt: Open-source password manager for security-conscious organizations
In this Help Net Security interview, Kevin Muller, CEO at Passbolt, delves into the critical concerns linked to password usage, outlines how the Passbolt password manager …
Rookout’s Snapshots: The fourth pillar of observability for more secure applications
Liran Haimovitch, CTO and co-founder of Rookout, with his extensive background in cybersecurity within the Israeli government, has a unique perspective on the importance of …
Millions still exposed despite available fixes
Although KEV catalog vulnerabilities are frequent targets of APT Groups, a large and exploitable attack surface remains due to software vendors’ lack of awareness and …
Managing the risks of unstructured data growth
Locating and identifying sensitive data, including defense-in-depth strategies where a series of mechanisms are layered to protect valuable information, should be a critical …
Infosec products of the month: March 2023
Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Appdome, Atakama, BreachLock, Elevate Security, Fastly, Forescout, …
Week in review: 3CX supply chain attack, ChatGPT data leak
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Visa fraud expert outlines the many faces of payment ecosystem fraud In this …
Don't miss
- This is the year CISOs unlock AI’s full potential
- How AI and ML are transforming digital banking security
- UK domain registry Nominet breached via Ivanti zero-day
- Attackers are encrypting AWS S3 data without using ransomware
- EU law enforcement training agency data breach: Data of 97,000 individuals compromised