Week in review: 15 million Trello users' scraped data on sale, attackers can steal NTLM hashes

The reality of hacking threats in connected car systems
In this Help Net Security interview, Ivan Reedman, Director of Secure Engineering at IOActive, discusses how manufacturers, government regulations, and consumers are adapting to these new challenges.

Beyond blockchain: Strategies for seamless digital asset integration
In this Help Net Security interview, Jean-Philippe Aumasson, CSO at Taurus, emphasizes the often-overlooked complexities of key generation, storage, and distribution, underlining the necessity for a high level of security maturity in handling digital assets.

Prioritizing CIS Controls for effective cybersecurity across organizations
In this Help Net Security interview, Randy Marchany, CISO at Virginia Tech, discusses the challenges and strategies associated with implementing CIS Controls in organizations of varying sizes.

CISOs' role in identifying tech components and managing supply chains
In this Help Net Security interview, Nate Warfield, Director of Threat Research and Intelligence at Eclypsium, outlines the crucial tasks for CISOs in protecting supply chains and achieving comprehensive visibility.

Emerging trends and strategies in digital forensics
In this Help Net Security interview, Amber Schroader, CEO at Paraben Corporation, discusses the challenges posed by the complexity of modern computer systems and networks on digital evidence collection.

Automated Emulation: Open-source breach and attack simulation lab
Automated Emulation is an open-source Terraform template designed to create a customizable, automated breach and attack simulation lab.

Attackers can steal NTLM password hashes via calendar invites
A recently patched vulnerability in Microsoft Outlook that can be used by attackers to steal users' NTLM v2 hashes can be exploited by adding two headers to an email carrying a specially crafted file, security researcher Dolev Taler shared on Friday.

Data of 15 million Trello users scraped and offered for sale
Someone is selling scraped data of millions of users of Trello, a popular web-based list-making application and project management platform, on a dark web hacker forum.

Apple debuts new feature to frustrate iPhone thieves
Besides fixing an actively exploited zero-day vulnerability, the latest update for the iOS 17 branch offers a new feature to help you protect your accounts and sensitive information in case your iPhone gets stolen.

PoC for easily exploitable Fortra GoAnywhere MFT vulnerability released
Proof-of-concept exploit code for a critical vulnerability in Fortra's GoAnywhere MFT solution has been made public, sparking fears that attackers may soon take advantage of it.

Tietoevry ransomware attack halts Swedish organizations
Finnish IT software and service company Tietoevry has suffered a ransomware attack that affected several customers of one of its datacenters in Sweden.

Apple fixes actively exploited WebKit zero-day
Apple has fixed an actively exploited zero-day vulnerability that affects Macs, iPhones, iPads and AppleTVs.

Fighting insider threats is tricky but essential work
Business executives are worried about accidental internal staff error almost as much as they are worried about external threats.

Russian hackers breached Microsoft, HPE corporate mailboxes
Cozy Bear has been busy hacking and spying on big tech companies: both Microsoft and Hewlett Packard Enterprise have recently disclosed successful attack campaigns by the Russia-affiliated APT group.

Top cybersecurity concerns for the upcoming elections
In this Help Net Security video, Adam Marrè, CISO at Arctic Wolf, explains how state and local governments must focus on cybersecurity as the 2024 election approaches in the United States.

10 USA cybersecurity conferences you should visit in 2024

Why resilience leaders must prepare for polycrises
In this Help Net Security video, Frank Shultz, CEO of Infinite Blue, discusses how more frequent and severe disruptions and our increasingly interconnected world collide to create a new threat for resilience leaders to manage: polycrises.

New method to safeguard against mobile account takeovers
Computer science researchers have developed a new way to identify security weaknesses that leave people vulnerable to account takeover attacks, where an attacker gains unauthorized access to online accounts.

One of these is the omission bias, which has interesting ramifications in the world of cyber security, specifically vulnerability management.

New infosec products of the week: January 26, 2024
Here's a look at the most interesting products from the past week, featuring releases from 1Kosmos, Atakama, Onfido, Regula, Searchlight Cyber, Seceon, and Veriti.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Sun, 28 Jan 2024 09:43:05 +0000

