Vulnerability disclosure: Legal risks and ethical considerations for researchersIn this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in cybersecurity.
How passkeys are reshaping user security and convenienceIn this Help Net Security interview, Anna Pobletts, Head of Passwordless at 1Password, talks about passkey adoption and its acceleration in 2024.
Strategies for cultivating a supportive culture in zero-trust adoptionIn this Help Net Security interview, Wolfgang Goerlich, Advisory CISO at Cisco, discusses the benefits of implementing a mature zero-trust model for both security and business outcomes, revealing a decrease in reported security incidents and enhanced adaptability.
Bridging the risk exposure gap with strategies for internal auditorsIn this Help Net Security interview, Richard Chambers, Senior Internal Audit Advisor at AuditBoard, discusses the transformational role of the internal audit function and risk management in helping organizations bridge the gap in risk exposure.
AWS Kill Switch: Open-source incident response toolAWS Kill Switch is an open-source incident response tool for quickly locking down AWS accounts and IAM roles during a security incident.
Vigil: Open-source LLM security scannerVigil is an open-source security scanner that detects prompt injections, jailbreaks, and other potential threats to Large Language Models.
It integrates multiple services, providing security researchers with rapid access to a broad range of information.
PoC for Splunk Enterprise RCE flaw releasedA proof-of-concept exploit for a high-severity flaw in Splunk Enterprise that can lead to remote code execution has been made public.
Critical ownCloud flaw under attackAttackers are trying to exploit a critical information disclosure vulnerability in ownCloud, a popular file sharing and collaboration platform used in enterprise settings.
Okta breach: Hackers stole info on ALL customer support usersThe scope of the recent breach of the Okta customer support system is much wider than initially established, the company has admitted on Tuesday: the attackers downloaded a report that contained the names and email addresses of all Okta customer support system users.
PoCs for critical Arcserve UDP vulnerabilities releasedArcserve has fixed critical security vulnerabilities in its Unified Data Protection solution, PoCs for which have been published by Tenable researchers on Monday.
Google fixes Chrome zero day exploited in the wildGoogle has released an urgent security update to fix a number of vulnerabilities in Chrome browser, including a zero-day vulnerability that is being actively exploited in the wild.
In the face of an increasingly nimble attacker community and an overall jump in attack sophistication, this balance has tipped towards a more urgent need for rapid security responsiveness.
Security leaders on high alert as GenAI poses privacy and security risksIn this Help Net Security video, Neil Cohen, Head of Go-To-Market at Portal26, discusses why security leaders are concerned about GenAI privacy and security risks.
Guarding the gateway: Securing dispersed networksIn this Help Net Security video, Martin Roesch, CEO of Netography, discusses why the shift is happening now, the top challenges organizations face to secure their dispersed networks, and how to successfully evolve with and secure today's networks.
Enterprises prepare for the inevitable cyber attackIn this Help Net Security video, Rahul Pawar, Global VP of Security Go-To-Market, CTO of Global Services & Solutions at Commvault, discusses why business leaders must play a key role in ensuring companies prioritize cyber preparedness.
What custom GPTs mean for the future of phishingIn this Help Net Security video, Tal Zamir, CTO of Perception Point, believes this will be a powerful tool malicious actors will use to amp up phishing campaigns, as they'll gain an efficient way to boost customized phishing email output beyond their use of traditional ChatGPT. Key drivers of software security for financial servicesIn this Help Net Security video, Chris Eng, Chief Research Officer at Veracode, discusses how financial organizations would benefit from increased automation and secure coding techniques to help them prevent, detect, and respond to vulnerabilities faster than ever.
Report: The state of authentication security 2023This survey set out to explore these challenges, to identify common practices, and to provide insight into how organizations can bolster their defenses.
Generative AI security: Preventing Microsoft Copilot data exposureCopilot is an AI assistant that lives inside each of your Microsoft 365 apps - Word, Excel, PowerPoint, Teams, Outlook, and so on.
Product showcase: New ESET Home SecurityESET HOME Security subscriptions are available on all major operating systems -Windows, macOS, Android, and iOS. With the new offering, ESET introduces two groundbreaking features to bolster online security and privacy-VPN and Identity Protection.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Sun, 03 Dec 2023 09:13:04 +0000