Hackers leverage 1-day vulnerabilities to deliver custom Linux malware
A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Among …
How advances in AI are impacting business cybersecurity
While ChatGPT and Bard have proven to be valuable tools for developers, marketers, and consumers, they also carry the risk of unintentionally exposing sensitive and …
Cybersecurity jobs available right now: March 12, 2024
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. CISO / Head of Enterprise IT Stitch Fix | USA | Remote …
Tax-related scams escalate as filing deadline approaches
As the April 15, 2024 tax filing deadline approaches in the US, some old and some new tax-related scams are targeting both taxpayers and tax professionals. Tax-related scams …
Image-based phishing tactics evolve
While 70% of organizations feel their current security stacks are effective against image-based and QR code phishing attacks, 76% were still compromised in the last 12 months, …
Microsoft: Russian hackers accessed internal systems, code repositories
Midnight Blizzard (aka APT29), a group of Russian hackers tied to the country’s Foreign Intelligence Service (SVR), has leveraged information stolen from Microsoft …
10 free cybersecurity guides you might have missed
This collection of free cybersecurity guides covers a broad range of topics, from resources for developing cybersecurity programs to specific guides for various sectors and …
Transitioning to memory-safe languages: Challenges and considerations
In this Help Net Security interview, Omkhar Arasaratnam, General Manager at the Open Source Security Foundation (OpenSSF), discusses the evolution of memory-safe programming …
CloudGrappler: Open-source tool detects activity in cloud environments
CloudGrappler is an open-source tool designed to assist security teams in identifying threat actors within their AWS and Azure environments. The tool, built on the foundation …
Advanced AI, analytics, and automation are vital to tackle tech stack complexity
97% of technology leaders find traditional AIOps models are unable to tackle the data overload, according to Dynatrace. Organizations are drowning in data The research reveals …
Week in review: Attackers use phishing emails to steal NTLM hashes, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: What organizations need to know about the Digital Operational Resilience Act …
Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)
Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which (CVE-2024-20337) could be …