Self-managed GitLab installations should be patched again (CVE-2024-0402)
Less than two weeks after having plugged a security hole that allows account takeover without user interaction, GitLab Inc. has...
Read more →Category: HelpnetSecurity
Balancing AI benefits with security and privacy risks in healthcare
To manage an environment of increasing risks and limited resources, healthcare internal audit and compliance departments must align their risk...
Read more →
Faction: Open-source pentesting report generation and collaboration framework
Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has...
Read more →
Great security or great UX? Both, please
A new user is signing up for a SaaS application. On the one hand, UX teams want that user to...
Read more →
Unlocking sustainable security practices with secure coding education
Despite stringent regulations and calls for ‘security by design’, organizations are still failing to equip teams with the knowledge to...
Read more →
Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)
Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins has been made public and there’s evidence...
Read more →
Cybercriminals embrace smarter strategies, less effort
2024 is shaping up to be a record-breaking year for data breaches, according to Experian. Despite 2023 being labeled as...
Read more →
Prioritizing cybercrime intelligence for effective decision-making in cybersecurity
In this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into existing security infrastructures....
Read more →
Third-party risk management best practices and why they matter
With organizations increasingly relying on third-party vendors, upping the third-party risk management (TPRM) game has become imperative to prevent the...
Read more →
Global critical infrastructure faces relentless cyber activity
In the last year, the world’s critical infrastructure – the medical, power, communications, waste, manufacturing, and transportation equipment that connects...
Read more →
Week in review: 15 million Trello users’ scraped data on sale, attackers can steal NTLM hashes
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The reality of hacking threats...
Read more →
Essential questions for developing effective human rights policies
Growing environmental, social, and governance (ESG) expectations and expanding global regulation are propelling organizations to consider implementing a stand-alone human...
Read more →