Social engineer reveals effective tricks for real-world intrusionsIn this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing aspects of social engineering and unconventional methods for gathering target information.
Understanding zero-trust design philosophy and principlesIn this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security professionals and companies, emphasizing its broad design philosophy.
Embracing offensive cybersecurity tactics for defense against dynamic threatsIn this Help Net Security, Alexander Hagenah, Head of Cyber Controls at SIX, discusses the critical steps in creating effective offensive security operations and their impact on organizational security strategies.
In their latest publication, NIST researchers and their partners highlight these AI and machine learning vulnerabilities.
Microsoft fixes critical flaws in Windows Kerberos, Hyper-VFor January 2024 Patch Tuesday, Microsoft has released fixes for 49 CVE-numbered vulnerabilities, two of which are critical: CVE-2024-20674 and CVE-2024-20700.
SEC's X account hacked to post fake news of Bitcoin ETF approvalSomeone has hijacked the X account of the US Securities and Exchange Commission, and posted an announcement saying the agency has decided to allow the listing of Bitcoin ETFs on registered national security exchanges.
Ivanti Connect Secure zero-days exploited by attackersTwo zero-day vulnerabilities in Ivanti Connect Secure VPN devices are under active exploitation by unknown attackers, Volexity researchers have discovered.
SQLi vulnerability in Cacti could lead to RCEA blind SQL injection vulnerability in Cacti, a widely-used network monitoring, performance and fault management framework, could lead to information disclosure and potentially remote code execution.
Critical Cisco Unity Connection flaw gives attackers root privileges.
Top 2024 AppSec predictionsIn this Help Net Security video, Shahar Man, CEO of Backslash Security, offers his top three AppSec predictions for 2024, uncovering future trends.
Top LLM vulnerabilities and how to mitigate the associated riskAs large language models become more prevalent, a comprehensive understanding of the LLM threat landscape remains elusive.
The growing challenge of cyber risk in the age of synthetic mediaIn this Help Net Security video, Mike Bechtel, Chief Futurist at Deloitte, discusses the digital risk of cyber-attacks from the proliferation of AI-generated content and synthetic media in our digital landscape.
The power of basics in 2024's cybersecurity strategiesIn this Help Net Security video, Nick Carroll, Cyber Incident Response Manager at Raytheon, discusses how while organizations will be challenged to strengthen their defenses faster than cyber threats are evolving, this 'come from behind' rush to keep pace with attackers can often lead to the harmful practice of organizations skipping the foundational basics of cyber defense and failing to establish a general sense of cyber awareness within the business.
Akira ransomware attackers are wiping NAS and tape backupsThe attackers pinpointed and targeted organizations with vulnerable internet-facing Cisco ASA or FTD devices and found and wiped target organizations' backups before deploying the ransomware.
Cloud security predictions for 2024As we reflect on the cybersecurity landscape and the trajectories of threat vectors, it's evident that we're on the cusp of a paradigm shift in cloud security.
The expanding scope of CISO duties in 2024In this Help Net Security video, Bindu Sundaresan, Director at AT&T Cybersecurity, discusses the ongoing changes we'll see from the CISO role as digital transformation efforts continue.
Cyber budgets and the VC landscape in 2024In this Help Net Security video, Marcus Bartram, General Partner at Telstra Ventures, discusses his 2024 cybersecurity predictions.
Cyber threat actors are increasingly setting their sights on small businesses.
If successful, their attack attempts can be devastating.
New infosec products of the week: January 12, 2024Here's a look at the most interesting products from the past week, featuring releases from Critical Start, Dasera, ID R&D, and SpecterOps.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Sun, 14 Jan 2024 07:43:03 +0000