When organizations get hit by ransomware and pay the crooks to decrypt the encrypted data and delete the stolen data, they can never be entirely sure the criminals will do as they promised. And even if an organization gets its…
Tag: Help Net Security
If you prepare, a data security incident will not cause an existential crisis
Why is it that when a company becomes aware of a potential data security incident, the team working on it (and others who are made aware that “something” is going on) have an immediate and overwhelming feeling that the company…
Understanding zero-trust design philosophy and principles
In this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security professionals and companies, emphasizing its broad design philosophy. Vachon explores challenges in…
The growing challenge of cyber risk in the age of synthetic media
As AI tools become more widespread, impersonation and deception have become easier. However, organizations are combating this issue with policies and technological solutions. In this Help Net Security video, Mike Bechtel, Chief Futurist at Deloitte, discusses the digital risk of…
Accelerate essential cyber hygiene for your small business
Think you’re too small to experience a cyber attack? That’s not the case. In fact, cyber threat actors (CTAs) are increasingly setting their sights on small businesses. If successful, their attack attempts can be devastating. Fortunately, the Center for Internet…
Securing AI systems against evasion, poisoning, and abuse
Adversaries can intentionally mislead or “poison” AI systems, causing them to malfunction, and developers have yet to find an infallible defense against this. In their latest publication, NIST researchers and their partners highlight these AI and machine learning vulnerabilities. Taxonomy…
McAfee Project Mockingbird defends users against AI-generated scams and disinformation
McAfee announced its AI-powered Deepfake Audio Detection technology, known as Project Mockingbird. This new, proprietary technology was developed to help defend consumers against the surging threat of cybercriminals utilizing fabricated, AI-generated audio to carry out scams that rob people of…
Social engineer reveals effective tricks for real-world intrusions
In this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing aspects of social engineering and unconventional methods for gathering target information. Street explores the overlooked threat of physical security and the human tendency…
Review: Engineering-grade OT security: A manager’s guide
Andrew Ginter is a widely-read author on industrial security and a trusted advisor for industrial enterprises. He holds a BSc. in Applied Mathematics and an MSc. in Computer Science from the University of Calgary. He developed control system software products…
AuthLogParser: Open-source tool for analyzing Linux authentication logs
AuthLogParser is an open-source tool tailored for digital forensics and incident response, specifically crafted to analyze Linux authentication logs (auth.log). The tool examines the auth.log file, extracting crucial details like SSH logins, user creations, event names, IP addresses, among others.…