Keeping up with the demands of the cyber insurance market
Cyber insurance has been around longer than most of us think. When American International Group (AIG) launched the first cyber insurance policy in 1997, it stepped into …
Unmasking the limitations of yearly penetration tests
In this Help Net Security interview, Charles d’Hondt, Head of Operations, Ambionics Security, talks about the necessity of implementing continuous penetration testing …
Yeti: Open, distributed, threat intelligence repository
Yeti serves as a unified platform to consolidate observables, indicators of compromise, TTPs, and threat-related knowledge. It enhances observables automatically, such as …
As biohacking evolves, how vulnerable are we to cyber threats?
Can our bodies be hacked? The answer may be yes, in that anyone can implant a chip under the skin and these devices do not usually use secure technologies, according to …
Cybersecurity should be a business priority for CEOs
74% of CEOs are concerned about their organizations’ ability to avert or minimize damage to the business from a cyberattack – even though 96% of CEOs said that …
Critical Atlassian Confluence vulnerability exploited by state-backed threat actor
A critical flaw in Atlassian Confluence Data Center and Server (CVE-2023-22515) has been exploited by a state-backed threat actor, Microsoft’s threat analysts have …
Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545)
Curl v8.4.0 is out, and fixes – among other things – a high-severity SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545). Appropriate patches for some older …
15 free Microsoft 365 security training modules worth your time
Microsoft 365 is a cloud-based productivity suite. Beyond just tools like Word and Excel, it integrates productivity applications with cloud functionalities, device …
Endpoint malware attacks decline as campaigns spread wider
In Q2 2023, 95% of malware now arrives over encrypted connections, endpoint malware volumes are decreasing despite campaigns growing more widespread, ransomware detections are …
Cloud security and functionality: Don’t settle for just one
Cloud security is important to you, but that doesn’t mean you’re willing to trade security for functionality. You need security to work for you. Whatever cloud security …
Microsoft fixes exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763)
On this October 2023 Patch Tuesday, Microsoft has released 103 patches and has fixed three actively exploited vulnerabilities (CVE-2023-36563, CVE-2023-41763, CVE-2023-44487). …
Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)
Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed …
Featured news
Resources
Don't miss
- Design weaknesses in major password managers enable vault attacks, researchers say
- ISC2 webinar: Power up your exam prep!
- OT teams are losing the time advantage against industrial threat actors
- Firmware-level Android backdoor found on tablets from multiple manufacturers
- Your encrypted data is already being stolen