Prioritizing cybercrime intelligence for effective decision-making in cybersecurityIn this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into existing security infrastructures.
Proactive cybersecurity: A strategic approach to cost efficiency and crisis managementIn this Help Net Security interview, Stephanie Hagopian, VP of Security at CDW, discusses offensive strategies in the face of complex cyberattacks and the role of the zero-trust model.
Custom rules in security tools can be a game changer for vulnerability detectionIn this Help Net interview, Isaac Evans, CEO at Semgrep, discusses the balance between speed and thoroughness in CI/CD pipeline security scanning.
NIS2 Directive raises stakes for security leadersIn this Help Net Security interview, Roland Palmer, VP Global Operations Center at Sumo Logic, discusses key challenges and innovations of the NIS2 Directive, aiming to standardize cybersecurity practices across sectors.
Faction: Open-source pentesting report generation and collaboration frameworkFaction is an open-source solution that enables pentesting report generation and assessment collaboration.
CVEMap: Open-source tool to query, browse and search CVEsCVEMap is an open-source command-line interface tool that allows you to explore Common Vulnerabilities and Exposures.
Self-managed GitLab installations should be patched againLess than two weeks after having plugged a security hole that allows account takeover without user interaction, GitLab Inc. has patched a critical vulnerability in GitLab CE/EE again and is urging users to update their installations immediately.
A zero-day vulnerability to blind defenses relying on Windows event logsA zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported versions of Windows could spell trouble for enterprise defenders.
Threat actor used Vimeo, Ars Technica to serve second-stage malwareA financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular websites such as Ars Technica, Vimeo, GitHub and GitLab to surreptitiously deliver malware.
Third-party risk management best practices and why they matterWith organizations increasingly relying on third-party vendors, upping the third-party risk management game has become imperative to prevent the fallout of third-party compromises.
How to make developers accept DevSecOpsAccording to a recent Dynatrace report, only 50% of CISOs believe that development teams have thoroughly tested the software for vulnerabilities before deploying it into the production environment.
Zero trust implementation: Plan, then execute, one step at a time82% of cybersecurity professionals have been working on implementing zero trust last year, and 16% should be on it by the end of this year.
FBI disrupts Chinese botnet used for targeting US critical infrastructureThe FBI has disrupted the KV botnet, used by People's Republic of China state-sponsored hackers to target US-based critical infrastructure organizations.
Ransomware recap 2023 highlights cybersecurity crisisIn this Help Net Security video, Yochai Corem, CEO of Cyberint, explores the ransomware environment's development, effects, and emerging patterns throughout the previous year.
Free ransomware recovery tool White Phoenix now has a web versionWhite Phoenix is a free ransomware recovery tool for situations where files are encrypted with intermittent encryption.
Unpacking the challenges of AI cybersecurityIn this Help Net Security video, Tyler Young, CISO at BigID, explores AI's challenges, triumphs, and future in cybersecurity.
Cybercriminals embrace smarter strategies, less effort2024 is shaping up to be a record-breaking year for data breaches, according to Experian.
Global critical infrastructure faces relentless cyber activityIn the last year, the world's critical infrastructure - the medical, power, communications, waste, manufacturing, and transportation equipment that connects people and machines - has been under near-constant attack, according to Forescout.
Cybercriminals replace familiar tactics to exfiltrate sensitive dataRansomware attacks are increasing again as cybercriminals' motivation shifts to data exfiltration, according to Delinea.
New infosec products of the week: February 2, 2024Here's a look at the most interesting products from the past week, featuring releases from BackBox, ProcessUnity, SentinelOne, and Vade.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Sun, 04 Feb 2024 09:13:04 +0000