NIST releases finalized post-quantum encryption standards
NIST has finalized its principal set of encryption algorithms designed to withstand cyberattacks from a quantum computer. The announced algorithms are specified in the first…
Category: HelpnetSecurity
Microsoft fixes 6 zero-days under active attack
August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days,…
Suspected head of Reveton, Ransom Cartel RaaS groups arrested
An international operation coordinated by the UK National Crime Agency (NCA) has resulted in the arrest and extradition of a man believed to be one…
Scammers dupe chemical company into wiring $60 million
Orion S.A., a global chemical company with headquarters in Luxembourg, has become a victim of fraud: it lost approximately $60 million through “multiple fraudulently induced…
Australian gold mining company hit with ransomware
Australian gold mining firm Evolution Mining has announced on Monday that it became aware on 8 August 2024 of a ransomware attack impacting its IT…
Key metrics for monitoring and improving ZTNA implementations
In this Help Net Security interview, Dean Hamilton, CTO at Wilson Perumal & Company, discusses the complexities of zero trust network access (ZTNA) implementation, focusing…
Browser backdoors: Securing the new frontline of shadow IT
Browser extensions are a prime target for cybercriminals. And this isn’t just a consumer problem – it’s a new frontier in enterprises’ battle against shadow…
How CIOs, CTOs, and CISOs view cyber risks differently
C-suite executives face a unique challenge: aligning their priorities between driving technological innovation and ensuring business resilience while managing ever-evolving cyber threats from criminals adept…
35% of exposed API keys still active, posing major security risks
Nightfall AI’s research revealed that secrets like passwords and API keys were most often found in GitHub, with nearly 350 total secrets exposed per 100…
Chrome, Edge users beset by malicious extensions that can’t be easily removed
A widespread campaign featuring a malicious installer that saddles users with difficult-to-remove malicious Chrome and Edge browser extensions has been spotted by researchers. “The trojan…
Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)
A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability…
Resecurity unveils new AI-driven Fraud Prevention Platform
Resecurity unveiled its advanced AI-driven Fraud Prevention Platform. This versatile solution is engineered to combat fraud across banking, virtual asset service providers (VASPs), gambling, e-commerce,…