Week in review: New Black Basta's social engineering campaign, passing the CISSP exam in 6 weeks

Black Basta target orgs with new social engineering campaign
Black Basta, one of the most prolific ransomware-as-a-service operators, is trying out a combination of email DDoS and vishing to get employees to download remote access tools.

Cybersecurity jobs available right now: May 15, 2024
We've scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field.

OWASP dep-scan: Open-source security and risk audit tool
OWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies.

Core security measures to strengthen privacy and data protection programs
As privacy laws evolve globally, organizations face increasing complexity in adapting their data protection strategies to stay compliant.
In this Help Net Security interview, Kabir Barday, CEO at OneTrust, emphasizes that embracing privacy by design enables organizations to navigate compliance challenges.

Tailoring responsible AI: Defining ethical guidelines for industry-specific use
In this Help Net Security interview, Chris Peake, CISO & SVP at Smartsheet, explains how responsible AI should be defined by each organization to guide their AI development and usage.

Establishing a security baseline for open source projects
In this Help Net Security interview, Dana Wang, Chief Architect at OpenSSF, discusses the most significant barriers to improving open-source software security and opportunities for overcoming these challenges.

Google fixes third exploited Chrome zero-day in a week
For the third time in the last seven days, Google has fixed a Chrome zero-day vulnerability for which an exploit exists in the wild.

May 2024 Patch Tuesday: Microsoft fixes exploited zero-days
For May 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, including two zero-days actively exploited by attackers.

US exposes scheme enabling North Korean IT workers to bypass sanctions
The US Justice Department has unsealed charges against a US woman and a Ukrainian man who, along with three unidentified foreign nationals, have allegedly helped North Korean IT workers work remotely for US companies under assumed US identities and thus evade sanctions.

Organizations struggle to defend against ransomware
In this Help Net Security video, Jeremy Nichols, Director, Global Threat Intelligence Center at NTT Security Holdings, discusses a recent surge in ransomware incidents.

Its rapid advancement and widespread adoption raise concerns, especially for those of us in cybersecurity.

Critical vulnerabilities take 4.5 months on average to remediate
Over a third of organizations had at least one known vulnerability in 2023, with nearly a quarter of those facing five or more, and 60% of vulnerabilities remained unaddressed past CISA's deadlines, according to Bitsight.

The critical role of IT staffing in strengthening cybersecurity
In this Help Net Security video, Phani Dasari, CISO at HGS Digital, discusses the state of the IT industry, the increasing demands for cybersecurity professionals, and strategies for taking advantage of the opportunities that lie ahead.

Ransomware statistics that reveal alarming rate of cyber extortion
In this article, you will find excerpts from various reports that offer statistics and insights about the current ransomware landscape.

On one side, organizations are striving to stay at the forefront of technological advancement.

Key questions to ask when tailoring defensive stacks
In this Help Net Security video, Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber, outlines the questions you need to ask your security team when tailoring a defense stack against your current threat landscape.

AI's rapid growth puts pressure on CISOs to adapt to new security risks
The increased use of AI further complicates the CISO role as industries begin to realize the full potential of GenAI and its impact on cybersecurity, according to Trellix.

How AI affects vulnerability management in open-source software
In this Help Net Security video, Itamar Sher, CEO of Seal Security, discusses how AI affects the risk and operational aspects of managing vulnerabilities in open-source software.

Download: The Ultimate Guide to the CISSP
The Ultimate Guide to the CISSP covers everything you need to know about the world's premier cybersecurity leadership certification.
Learn how CISSP and ISC2 will help you navigate your training path, succeed in certification, and advance your career so you're ready to rise as a leader in cybersecurity.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Sun, 19 May 2024 08:43:06 +0000

