Cybercriminals masquerading as MFA vendors
Cybercriminals are increasingly posing as multi-factor authentication vendors and small businesses are becoming more popular targets, according to VIPRE. Attachment-based …
Fresh perspectives needed to manage growing vulnerabilities
In its inaugural 2023 Offensive Security Vision Report, NetSPI unveils findings that highlight vulnerability trends across applications, cloud, and networks. Vulnerability …
Five Eyes agencies detail how Chinese hackers breached US infrastructure
The National Security Agency (NSA) and Five Eyes partner agencies have identified indicators of compromise associated with a People’s Republic of China (PRC) state-sponsored …
Phishing campaign targets ChatGPT users
A clever phishing campaign aimed at stealing users’ business email account credentials by impersonating OpenAI, the company behind the ChatGPT chatbot, has been spotted …
Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)
A vulnerability (CVE-2023-2868) in Barracuda Networks’ Email Security Gateway (ESG) appliances has been exploited by attackers, the company has warned. About …
Realistic simulations are transforming cybersecurity training
To achieve a diverse and well-trained cybersecurity workforce, organizations recognize the value of a quality training program supported by the pursuit of cybersecurity …
12 vulnerabilities newly associated with ransomware
In March 2023, the total number of breaches reported was higher than those reported in the previous three years combined, according to Ivanti. Ransomware groups are …
Microsoft, GitHub announce application security testing tools for Azure DevOps
GitHub has announced that its application security testing tools are now more widely available for subscribers of Microsoft’s Azure DevOps Services. Enabling GitHub …
IT employee piggybacked on cyberattack for personal gain
A 28-year-old former IT employee of an Oxford-based company has been convicted of blackmailing his employer and unauthorized access to a computer with intent to commit other …
Legitimate Android app transforms into data-snooping malware
ESET researchers have discovered a trojanized Android app named iRecorder – Screen Recorder. It was available on Google Play as a legitimate app in September 2021, with …
Navigating the quantum leap in cybersecurity
In this Help Net Security interview, we sit down with Dr. Atsushi Yamada, the newly appointed CEO of ISARA, a security solutions company specializing in creating quantum-safe …
6 ChatGPT risks for legal and compliance leaders
Legal and compliance leaders should address their organization’s exposure to six specific ChatGPT risks, and what guardrails to establish to ensure responsible enterprise use …
Featured news
Resources
Don't miss
- Fake Claude Code install pages highlight rise of “InstallFix” attacks
- Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity
- Turning expertise into opportunity for women in cybersecurity
- Open-source tool Sage puts a security layer between AI agents and the OS
- Iran-linked APT targets US critical sectors with new backdoors