Longer passwords aren’t safe from intensive cracking efforts
88% of organizations still use passwords as their primary method of authentication, according to Specops Software. The report found that 31.1 million breached passwords had …
New infosec products of the week: January 26, 2024
Here’s a look at the most interesting products from the past week, featuring releases from 1Kosmos, Atakama, Onfido, Regula, Searchlight Cyber, Seceon, and Veriti. Onfido …
Emerging trends and strategies in digital forensics
In this Help Net Security interview, Amber Schroader, CEO at Paraben Corporation, discusses the challenges posed by the complexity of modern computer systems and networks on …
Essential questions for developing effective human rights policies
Growing environmental, social, and governance (ESG) expectations and expanding global regulation are propelling organizations to consider implementing a stand-alone human …
Budget cuts loom for data privacy initiatives
The past year saw developments and updates to privacy regulations across the globe—from India’s Personal Data Protection Bill to Brazil’s General Data Protection Law, …
Russian hackers breached Microsoft, HPE corporate maliboxes
Cozy Bear (aka Midnight Blizzard, aka APT29) has been busy hacking and spying on big tech companies: both Microsoft and Hewlett Packard Enterprise (HPE) have recently …
Blackwood APT delivers malware by hijacking legitimate software update requests
ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. Blackwood has carried out cyberespionage …
AI expected to increase volume, impact of cyberattacks
All types of cyber threat actor are already using artificial intelligence (AI) to varying degrees, UK National Cyber Security Centre’s analysts say, and predict that AI …
Fighting insider threats is tricky but essential work
Business executives are worried about accidental internal staff error (71%) almost as much as they are worried about external threats (75%). But which of the two is a bigger …
Automated Emulation: Open-source breach and attack simulation lab
Automated Emulation is an open-source Terraform template designed to create a customizable, automated breach and attack simulation lab. The solution automatically constructs …
CISOs’ role in identifying tech components and managing supply chains
In this Help Net Security interview, Nate Warfield, Director of Threat Research and Intelligence at Eclypsium, outlines the crucial tasks for CISOs in protecting supply chains …
45% of critical CVEs left unpatched in 2023
Global attack attempts more than doubled in 2023, increasing 104%, according to Armis. Blind spots and critical vulnerabilities are worsening, with 45% of critical CVEs …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?