Stolen, locked payment cards can be used with digital wallet apps
Fraudsters can add stolen payment cards to digital wallet apps and continue making online purchases even after victims report the card stolen and the bank replaces it, …
Mandatory MFA for Azure sign-ins is coming
Microsoft is making multi-factor authentication (MFA) – “one of the most effective security measures available” – mandatory for all Azure sign-ins. …
To improve your cybersecurity posture, focus on the data
Effectively converging, managing and using enterprise data is a huge undertaking. Enterprises have vast hoards of data, but those hoards exist within siloed systems and …
x64dbg: Open-source binary debugger for Windows
x64dbg is an open-source binary debugger for Windows, designed for malware analysis and reverse engineering of executables without access to the source code. It offers a wide …
Protecting academic assets: How higher education can enhance cybersecurity
Cyber attacks against higher education institutions increased by 70% in 2023. This is largely due to legacy endpoint security management and practices, limited IT support …
Common API security issues: From exposed secrets to unauthorized access
Despite their role in connecting applications and driving innovation, APIs often suffer from serious security vulnerabilities. Recent investigations reveal that many …
Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) A …
Tech support scammers impersonate Google via malicious search ads
Google Search ads that target users looking for Google’s own services lead them to spoofed sites and Microsoft and Apple tech support scams. The fake Google Search ads …
Observations from Black Hat USA 2024, BSidesLV, and DEF CON 32
I recently spent six days in Las Vegas attending DEF CON, BsidesLV, and Black Hat USA 2024, where I had the opportunity to engage with and learn from some of the top security …
Business and tech consolidation opens doors for cybercriminals
Cyber threats continued to intensify in the first half of 2024 as cybercriminals exploited security gaps from growing business and technological consolidation, according to …
Authentik: Open-source identity provider
Authentik is an open-source identity provider designed for maximum flexibility and adaptability. It easily integrates into existing environments and supports new protocols. …
How NoCode and LowCode free up resources for cybersecurity
In this Help Net Security video, Frederic Najman, Executive Member of the SFPN (French Union of NoCode Professionals), discusses how NoCode and LowCode technologies enable …