US retailers under attack by gift card-thieving cyber gang
Earlier this month, the FBI published a private industry notification about Storm-0539 (aka Atlas Lion), a Morocco-based cyber criminal group that specializes in compromising retailers…
Category: HelpnetSecurity
Effective GRC programs rely on team collaboration
One in three organizations are not currently able to proactively identify, assess, and mitigate risk with their GRC program, nor are they able to ensure…
Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274)
For the eighth time this year, Google has released an emergency update for its Chrome browser that fixes a zero-day vulnerability (CVE-2024-5274) with an in-the-wild…
Fail2Ban: Ban hosts that cause multiple authentication errors
Fail2Ban is an open-source tool that monitors log files, such as /var/log/auth.log, and blocks IP addresses that exhibit repeated failed login attempts. It does this…
Product showcase: Alert – Data breach detector for your email, credit card, and ID
Compared to the last quarter of 2023, data breaches rose from 81M to 435M in Q1 2024. That’s a 5-fold increase in just a few…
Despite increased budgets, organizations struggle with compliance
Only 40% of organizations feel fully prepared to meet the compliance demands of rising cybersecurity regulations, according to a new Swimlane report. Organizations still feel…
Worried about job security, cyber teams hide security incidents
The frequency and severity of cyberattacks are increasing—yet most businesses remain unprepared, according to VikingCloud. Between a growing talent shortage, alert fatigue, and new sophisticated…
GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985)
A critical, 10-out-of-10 vulnerability (CVE-2024-4985) allowing unrestricted access to vulnerable GitHub Enterprise Server (GHES) instances has been fixed by Microsoft-owned GitHub. Fortunately, there is a…
OneTrust helps organizations meet the framework requirements
OneTrust announced the expansion of OneTrust solutions to help organizations drive operational resilience and risk management across their extended enterprise, as well as comply with…
HHS pledges $50M for autonomous vulnerability management solution for hospitals
As organizations in the healthcare sector continue to be a prime target for ransomware gangs and CISA warns about a vulnerability (CVE-2023-43208) in a healthcare-specific…
Strategies for transitioning to a SASE architecture
In this Help Net Security, Prakash Mana, CEO at Cloudbrink, discusses the primary challenges companies face when transitioning to a SASE architecture and how to…
CISOs pursuing AI readiness should start by updating the org’s email security policy
Over the past few years, traditional phishing messages — with their pervasive linguistic errors, thinly-veiled malicious payloads, and often outlandish pretexts — have been on…