Machine identities lack essential security controls, pose major threat
Siloed approaches to securing human and machine identities are driving identity-based attacks across enterprises and their ecosystems, according to CyberArk. The CyberArk 2024 …
Windows’ new Recall feature: A privacy and security nightmare?
Microsoft has announced the Copilot+ line of Windows 11-powered PCs that, among other things, will have Recall, a feature that takes screenshots every few seconds, encrypts …
Veeam fixes auth bypass flaw in Backup Enterprise Manager (CVE-2024-29849)
Veeam has patched four vulnerabilities in Backup Enterprise Manager (VBEM), one of which (CVE-2024-29849) may allow attackers to bypass authentication and log in to its web …
Authelia: Open-source authentication and authorization server
Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to permit, …
Cybersecurity jobs available right now: May 22, 2024
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Associate Director, Cyber Security AstraZeneca | …
CEOs accelerate GenAI adoption despite workforce resistance
CEOs are facing workforce, culture and governance challenges as they act quickly to implement and scale generative AI across their organizations, according to IBM. The annual …
Technological complexity drives new wave of identity risks
Security leaders are facing increased technological and organizational complexity, which is creating a new wave of identity risks for their organizations, according to …
15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130)
Researchers have found 15 vulnerabilities in QNAP’s network attached storage (NAS) devices, and have released a proof-of-concept for one: an unauthenticated stack …
Critical Fluent Bit flaw affects major cloud platforms, tech companies’ offerings (CVE-2024-4323)
Tenable researchers have discovered a critical vulnerability (CVE-2024-4323) in Fluent Bit, a logging utility used by major cloud providers and tech companies, which may be …
Strategies for combating AI-enhanced BEC attacks
In this Help Net Security interview, Robert Haist, CISO at TeamViewer, discusses how AI is being leveraged by cybercriminals to enhance the effectiveness of BEC scams. How is …
Phishing statistics that will make you think twice before clicking
This article includes excerpts from various reports that offer statistics and insights into the current phishing landscape. AI-driven phishing attacks deceive even the most …
YouTube has become a significant channel for cybercrime
Social engineering threats – those which rely on human manipulation – account for most cyberthreats faced by individuals in 2024, according to Avast. According to the latest …