70% of open-source components are poorly or no longer maintained
The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, …
65% of office workers bypass cybersecurity to boost productivity
High-risk access exists throughout the workplace, in almost every job role, proving that the time has come for organizations to re-think the way they protect their workforce, …
Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449)
Veeam has fixed two vulnerabilities in Veeam Service Provider Console (VSPC), one of which (CVE-2024-42448) may allow remote attackers to achieve code exection on the VSPC …
Police takes down Matrix encrypted chat service used by criminals
A joint investigation team involving French and Dutch authorities has taken down Matrix, yet another end-to-end encrypted chat service created for criminals. Matrix (Source: …
Whitepaper: 9 traits of effective cybersecurity leaders of tomorrow
The cyber world needs your expertise. However, the security leaders of tomorrow require a broad set of skills that job experience alone does not arm you with. What do …
Phishers send corrupted documents to bypass email security
Phishers have come up with a new trick for bypassing email security systems: corrupted MS Office documents. The spam campaign Malware hunting service Any.Run has warned last …
US government, energy sector contractor hit by ransomware
ENGlobal, a Texas-based engineering and automation contractor for companies in the energy sector, has had its data encrypted by attackers. “On November 25, 2024, …
Nextcloud Talk: Open-source, GDPR-compliant alternative to Microsoft Teams
Nextcloud has unveiled Nextcloud Talk, an open-source alternative to Microsoft Teams. It’s a privacy-compliant collaboration platform for hybrid teams that gives …
Treat AI like a human: Redefining cybersecurity
In this Help Net Security interview, Doug Kersten, CISO of Appfire, explains how treating AI like a human can change the way cybersecurity professionals use AI tools. He …
Cybersecurity jobs available right now: December 3, 2024
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Application Security Engineer TE Connectivity | USA | …
The shocking speed of AWS key exploitation
It’s no secret that developers often inadvertently expose AWS access keys online and we know that these keys are being scraped and misused by attackers before …
AWS offers incident response service
Amazon Web Services (AWS) has launched a new service to help organizations prepare for and recover from ransomware attacks, account takeovers, data breaches, and other …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments