A “cascade” of errors let Chinese hackers into US government inboxes
Microsoft still doesn’t known how Storm-0558 attackers managed to steal the Microsoft Services Account cryptographic key they used to forge authentication tokens needed to access…
Category: HelpnetSecurity
NVD: NIST is working on longer-term solutions
The recent conspicuous faltering of the National Vulnerability Database (NVD) is “based on a variety of factors, including an increase in software and, therefore, vulnerabilities,…
Owl Talon 3 provides hardware-enforced, one-way data transfers
Owl Cyber Defense Solutions launched next generation of their flagship data diode software platform, Owl Talon 3. This new release represents the first in a…
TrueMedia.org introduces deepfake detection tool
TrueMedia.org launched its deepfake detection technology for reporters, and other key audiences to use ahead of the 2024 U.S. elections. The free tool is currently…
How Google plans to make stolen session cookies worthless for attackers
Google is working on a new security feature for Chrome called Device Bound Session Credentials (DBSC), meant to prevent attackers from using stolen session cookies…
Location tracking and the battle for digital privacy
While some online privacy issues can be subtle and difficult to understand, location tracking is very simple – and very scary. Perhaps nothing reveals more…
Cyber attacks on critical infrastructure show advanced tactics and new capabilities
In this Help Net Security interview, Marty Edwards, Deputy CTO OT/IoT at Tenable, discusses the impact of geopolitical tensions on cyber attacks targeting critical infrastructure.…
Cloud Active Defense: Open-source cloud protection
Cloud Active Defense is an open-source solution that integrates decoys into cloud infrastructure. It creates a dilemma for attackers: risk attacking and being detected immediately,…
6 keys to navigating security and app development team tensions
There will always be a natural tension between cybersecurity teams and developers. After all, it’s the developer’s role to “develop.” They want and are paid…
73% brace for cybersecurity impact on business in the next year or two
Only 3% of organizations across the globe have the ‘mature’ level of readiness needed to be resilient against modern cybersecurity risks, according to Cisco. The…
Infosec products of the month: March 2024
Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, AuditBoard, Bedrock Security, Cado Security, Check Point, CyberArk, Cynerio,…
Escalating malware tactics drive global cybercrime epidemic
Evasive, basic, and encrypted malware all increased in Q4 2023, fueling a rise in total malware, according to WatchGuard. Threat actors employ diverse tactics The…