OT security: Helping under-resourced critical infrastructure organizations
In this Help Net Security interview, Dawn Cappelli, Director of OT-CERT at the industrial cybersecurity company Dragos, talks about the OT security risks critical …
Clearview fine: The unacceptable face of modern surveillance
The UK’s Information Commissioner’s Office (ICO) has issued its third largest ever fine of £7.5m. It was imposed on Clearview AI, the controversial facial recognition company …
Cybercriminals use Azure Front Door in phishing attacks
Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in …
48% of security practitioners seeing 3x increase in alerts per day
Panther Labs surveyed 400 active security practitioners, primarily, security analysts and security engineers, to reflect the “boots on the ground” perspective for security …
Week in review: Log4Shell exploitation, DevSecOps myths, 56 vulnerabilities impacting OT devices
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: QNAP NAS devices hit by DeadBolt and ech0raix ransomware Taiwan-based QNAP …
Attackers still exploit Log4Shell on VMware Horizon servers, CISA warns
If your organization is running VMware Horizon and Unified Access Gateway servers and you haven’t implemented the patches or workarounds to fix/mitigate the Log4Shell …
New infosec products of the week: June 24, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Arcserve, Cavelo, ComplyCube, CompoSecure, and Hillstone Networks. Arcserve N Series …
How companies are prioritizing infosec and compliance
New research conducted by Enterprise Management Associates (EMA), examines the impact of the compliance budget on security strategy and priorities. It describes areas for …
Risky behavior reduced when executives put focus on identity security
Managing identities accessing enterprise resources has become significantly more complicated over the last several years. Between the increasing number of identities, the …
Despite known security issues, VPN usage continues to thrive
VPN usage is still prevalent among 90% of security teams who have highlighted cost, time, and difficulty as reasons to not move forward with ZTNA adoption, according to a new …
Conti effectively created an extortion-oriented IT company, says Group-IB
In slightly more than a month, the Conti ransomware collective compromised more than 40 companies worldwide, and the fastest attack took only three days, Group-IB’s noted in …
Automotive hose manufacturer hit by ransomware, shuts down production control system
A US subsidiary of Nichirin Co., a Japan-based company manufacturing and selling automotive hoses and hose parts, has been hit with ransomware, which resulted in the shut down …
Featured news
Resources
Don't miss
- Balancing usability and security in the fight against identity-based attacks
- MSSqlPwner: Open-source tool for pentesting MSSQL servers
- Critical SimpleHelp vulnerabilities fixed, update your server instances!
- Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)