Armed forces have always utilized war-gaming exercises for battlefield training to prepare for times of conflict. With today’s digital transformation, the same concept is being applied in the form of cybersecurity exercises – tests and simulations based on plausible cyber-attack…
Tag: Help Net Security
Escalating malware tactics drive global cybercrime epidemic
Evasive, basic, and encrypted malware all increased in Q4 2023, fueling a rise in total malware, according to WatchGuard. Threat actors employ diverse tactics The average malware detections rose 80% from the previous quarter, illustrating a substantial volume of malware…
Infosec products of the month: March 2024
Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, AuditBoard, Bedrock Security, Cado Security, Check Point, CyberArk, Cynerio, DataDome, Delinea, Drata, Exabeam, GitGuardian, GitHub, GlobalSign, Legato Security, Legit Security, Malwarebytes, Ordr, Pentera, Portnox,…
Securing privacy in the face of expanding data volumes
One of the primary concerns regarding data privacy is the potential for breaches and unauthorized access. Whether it’s financial records, medical histories, or personal communications, individuals have a right to control who can access their data and for what purposes.…
XZ Utils backdoor update: Which Linux distros are affected and what can you do?
The news that XZ Utils, a compression utility present in most Linux distributions, has been backdoored by a supposedly trusted maintainer has rattled the open-source software community on Friday, mere hours until the beginning of a long weekend for many.…
Week in review: Backdoor found in XZ utilities, weaponized iMessages, Exchange servers at risk
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) A vulnerability (CVE-2024-3094) in XZ Utils, the XZ format compression utilities included in…
Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)
A vulnerability (CVE-2024-3094) in XZ Utils, the XZ format compression utilities included in most Linux distributions, may “enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely,” Red Hat warns. The cause of…
Stream.Security unveils threat investigation and AI-powered remediation capabilities
Stream.Security announced new threat investigation and AI-powered remediation capabilities. The new real-time attack path detection and generative AI-powered remediation tools are part of the real-time exposure management features that the cloud security company is rolling out. With these capabilities, customers…
AI abuse and misinformation campaigns threaten financial institutions
Though generative AI offers financial firms remarkable business and cybersecurity utility, cyberthreats relating to GenAI in financial services are a consistent concern, according to FS-ISAC. Cybercriminals exploit AI for data exfiltration The cybersecurity community’s current consensus is that adversarial usage…
How much does cloud-based identity expand your attack surface?
We all know using a cloud-based identity provider (IdP) expands your attack surface, but just how big does that attack surface get? And can we even know for sure? As Michael Jordan once said, “Get the fundamentals down, and the…