Migrating to the cloud: An overview of process and strategy
Over the next few years, the number of organizations navigating to the cloud to advance their business goals is expected to grow exponentially. According to Gartner, more than …
Week in review: Windows Event Log zero-day, exploited critical Jenkins RCE flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Prioritizing cybercrime intelligence for effective decision-making in …
New infosec products of the week: February 2, 2024
Here’s a look at the most interesting products from the past week, featuring releases from BackBox, ProcessUnity, SentinelOne, and Vade. ProcessUnity unveils all-in-one …
NIS2 Directive raises stakes for security leaders
In this Help Net Security interview, Roland Palmer, VP Global Operations Center at Sumo Logic, discusses key challenges and innovations of the NIS2 Directive, aiming to …
DDoS attack power skyrockets to 1.6 Tbps
DDoS attack trends for the second half of 2023 reveal alarming developments in their scale and sophistication, according to Gcore. The maximum attack power rose from 800 Gbps …
Crowdsourced security is not just for tech companies anymore
There is a misconception that only software and technology companies leverage crowdsourced security. However, data contradicts this belief. Companies across various sectors …
EU adopts first cybersecurity certification scheme for safer tech
The European Commission adopted the implementing regulation concerning the EU cybersecurity certification scheme on Common Criteria (EUCC). The outcome aligns with the …
Malicious logins from suspicious infrastructure fuel identity-based incidents
69% of identity-based incidents involved malicious logins from suspicious infrastructure, which are hosting providers or proxies that aren’t expected for a user or …
FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities
The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) …
FBI disrupts Chinese botnet used for targeting US critical infrastructure
The FBI has disrupted the KV botnet, used by People’s Republic of China (PRC) state-sponsored hackers (aka “Volt Typhoon”) to target US-based critical …
Threat actor used Vimeo, Ars Technica to serve second-stage malware
A financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular websites such as Ars Technica, …
Zero trust implementation: Plan, then execute, one step at a time
82% of cybersecurity professionals have been working on implementing zero trust last year, and 16% should be on it by the end of this year. The challenges of zero trust …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?