How CIOs, CTOs, and CISOs view cyber risks differently
C-suite executives face a unique challenge: aligning their priorities between driving technological innovation and ensuring business resilience while managing ever-evolving …
35% of exposed API keys still active, posing major security risks
Nightfall AI’s research revealed that secrets like passwords and API keys were most often found in GitHub, with nearly 350 total secrets exposed per 100 employees every …
Chrome, Edge users beset by malicious extensions that can’t be easily removed
A widespread campaign featuring a malicious installer that saddles users with difficult-to-remove malicious Chrome and Edge browser extensions has been spotted by researchers. …
Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)
A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability …
Scout Suite: Open-source cloud security auditing tool
Scout Suite is an open-source, multi-cloud security auditing tool designed to assess the security posture of cloud environments. By leveraging the APIs provided by cloud …
74% of ransomware victims were attacked multiple times in a year
An alarming trend toward multiple, sometimes simultaneous cyber attacks forces business leaders to re-evaluate their cyber resilience strategies to address common points of …
Steps to improve quality engineering and system robustness
Major tech outages have recently impacted customers and operations at McDonald’s, Greggs, Deliveroo, Tesco, and Barclays. In this Help Net Security video, Stephen …
Misconfigurations and IAM weaknesses top cloud security concerns
Traditional cloud security issues often associated with cloud service providers (CSPs) are continuing to decrease in importance, according to the Top Threats to Cloud …
Week in review: Tips for starting your cybersecurity career, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: August 2024 Patch Tuesday forecast: Looking for a calm August release August …
Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)
Two vulnerabilities (CVE-2024-42219, CVE-2024-42218) affecting the macOS version of the popular 1Password password manager could allow malware to steal secrets stored in the …
“0.0.0.0-Day” vulnerability affects Chrome, Safari and Firefox
A “0.0.0.0-Day” vulnerability affecting Chrome, Safari and Firefox can be – and has been – exploited by attackers to gain access to services on …
August 2024 Patch Tuesday forecast: Looking for a calm August release
August 2024 Patch Tuesday is now live: Microsoft fixes 6 zero-days under active attack July ended up being more ‘exciting’ than many of us wanted; we’re supposed to be in the …
Featured news
Resources
Don't miss
- Deploying AI at the edge: The security trade-offs and how to manage them
- Cybercrime forums Cracked and Nulled seized, operators arrested
- SimpleHelp RMM vulnerabilities may have been exploited to breach healthcare orgs
- Zscaler CISO on balancing security and user convenience in hybrid work environments
- ExtensionHound: Open-source tool for Chrome extension DNS forensics