Apple fixes exploited zero-day in all of its OSes (CVE-2023-38606)
Apple has patched an exploited zero-day kernel vulnerability (CVE-2023-38606) in iOS, iPadOS, macOS, watchOS and tvOS. CVE-2023-38606 fix has been backported In early July, …
Inspiring secure coding: Strategies to encourage developers’ continuous improvement
In software development, the importance of secure coding practices cannot be overstated. Fostering a security culture within development teams has become crucial to ensure the …
Companies are rushing into generative AI without a cohesive, secure strategy
Despite mass adoption of generative AI, most companies don’t have a coordinated strategy for deploying it or know how to assess its security—exposing them to risks and …
RaaS proliferation: 14 new ransomware groups target organizations worldwide
In the Q2 2023, GuidePoint Research and Intelligence Team (GRIT) tracked 1,177 total publicly posted ransomware victims claimed by 41 different threat groups. The most …
Has the MOVEit hack paid off for Cl0p?
The number of known Cl0p victims resulting from its Memorial Day attack on vulnerable internet-facing MOVEit Transfer installations has surpassed 420, according to IT market …
US companies commit to safe, transparent AI development
Seven US artificial intelligence (AI) giants – Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI – have publicly committed to “help move …
Average cost of a data breach reaches $4.45 million in 2023
IBM released its annual Cost of a Data Breach Report, showing the global average cost of a data breach reached $4.45 million in 2023 – an all-time high for the report and a …
Bridging the cybersecurity skills gap through cyber range training
In this Help Net Security interview, Debbie Gordon, CEO of Cloud Range explains the concept of a cyber range, its crucial role in preparing for real-world cyber threats, and …
Consumers demand more from businesses when it comes to security
Fraudsters are opportunistic criminals and 2022 and the first few months of this year brought opportunities like never before, according to Experian. This volatility …
Week in review: VirusTotal data leak, Citrix NetScaler zero-day exploitation
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Citrix ADC zero-day exploitatation: CISA releases details about attack on CI …
North Korean hackers targeted tech companies through JumpCloud and GitHub
North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech …
Citrix ADC zero-day exploitation: CISA releases details about attack on CI organization (CVE-2023-3519)
The exploitation of the Citrix NetScaler ADC zero-day vulnerability (CVE-2023-3519) was first spotted by a critical infrastructure organization, who reported it to the …
Featured news
Resources
Don't miss
- Why we must go beyond tooling and CVEs to illuminate security blind spots
- Making security and development co-owners of DevSecOps
- Review: Passwork 7.0, self-hosted password manager for business
- What a mature OT security program looks like in practice
- Machine unlearning gets a practical privacy upgrade