For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of recipients in the hope that a few might take the bait. Over…
Tag: Help Net Security
Key elements for a successful cyber risk management strategy
In this Help Net Security interview, Yoav Nathaniel, CEO at Silk Security, discusses the evolution of cyber risk management strategies and practices, uncovering common mistakes and highlighting key components for successful risk resolution. Nathaniel anticipates a growing pressure on organizations…
Government organizations’ readiness in the face of cyber threats
Cyber threats targeting government organizations have become increasingly sophisticated, posing significant risks to national security, public infrastructure, and sensitive data. These threats are diverse in nature, originating from various actors such as nation-states, hacktivist groups, and organized cybercrime entities. Governments…
Week in review: GitLab account takeover flaw, attackers exploiting Ivanti Connect Secure zero-days
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Social engineer reveals effective tricks for real-world intrusions In this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing…
Akira ransomware attackers are wiping NAS and tape backups
“The Akira ransomware malware, which was first detected in Finland in June 2023, has been particularly active at the end of the year,” the Finnish National Cybersecurity Center (NCSC-FI) has shared on Wednesday. NCSC-FI has received 12 reports of Akira…
Critical GitLab flaw allows account takeover without user interaction, patch quickly! (CVE-2023-7028)
A critical vulnerability in GitLab CE/EE (CVE-2023-7028) can be easily exploited by attackers to reset GitLab user account passwords. While also vulnerable, users who have two-factor authentication enabled on their account are safe from account takeover. “We have not detected…
Behavox Intelligent Archive simplifies operations for the unified tech stack
Behavox launched the Behavox Intelligent Archive. This new offering is WORM (Write Once, Read Many) compliant and seamlessly integrates with the Behavox surveillance product. Developed in partnership with Google Cloud, the Behavox Intelligent Archive offers security, scalability, and access to…
HackerOne collaborates with Semgrep to streamline code review for modern development
HackerOne announced a partnership with code security solution, Semgrep, to combine Semgrep’s automated code security tools with expert support from HackerOne PullRequest code reviewers. Security teams can now analyze code through Semgrep and have PullRequest reviewers validate results to provide…
Cloud security predictions for 2024
As we reflect on the cybersecurity landscape and the trajectories of threat vectors, it’s evident that we’re on the cusp of a paradigm shift in cloud security. Businesses and cybersecurity professionals must stay abreast of these changes, adapting their strategies…
Cyber budgets and the VC landscape in 2024
In this Help Net Security video, Marcus Bartram, General Partner at Telstra Ventures, discusses his 2024 cybersecurity predictions: The U.S. will be in a recession by Q4 2024, and tech companies will continue reducing their workforce. Still, VCs will be…