Clean links and sophisticated scams mark new era in email attacks
Analysis of 7 billion emails shows clean links are duping users, malicious EML attachments increased 10-fold in Q4, and social engineering attacks are at all-time…
Category: HelpnetSecurity
36% of code generated by GitHub CoPilot contains security flaws
Security debt, defined as flaws that remain unfixed for longer than a year, exists in 42% of applications and 71% of organizations, according to Veracode.…
How to make sense of the new SEC cyber risk disclosure rules
SEC’s new cybersecurity risk management, strategy, governance, and incident disclosure rules, which require increased transparency around cybersecurity incidents, have been in effect since December 18,…
How decentralized identity is shaping the future of data protection
In this Help Net Security interview, Patrick Harding, Chief Architect at Ping Identity, discusses the promises and implications of decentralized identity (DCI) in cybersecurity. By…
RCE vulnerabilities fixed in SolarWinds enterprise solutions
SolarWinds has released updates for Access Rights Manager (ARM) and (Orion) Platform that fix vulnerabilities that could allow attackers to execute code on vulnerable installations.…
Inside the strategy of Salesforce’s new Chief Trust Officer
Recently, Salesforce named Brad Arkin, previously Chief Security & Trust Officer at Cisco, the company’s new Chief Trust Officer. This was the perfect opportunity to…
CVE Prioritizer: Open-source tool to prioritize vulnerability patching
CVE Prioritizer is an open-source tool designed to assist in prioritizing the patching of vulnerabilities. It integrates data from CVSS, EPSS, and CISA’s KEV catalog…
Balancing “super app” ambitions with privacy
When Elon Musk’s ambitions to transform X into an “everything app” were divulged last year, he joined several companies known to be exploring or actively…
Fraudsters have found creative ways to scam some businesses
70% of businesses report that fraud losses have increased in recent years and over half of consumers feel they’re more of a fraud target than…
Week in review: AnyDesk phishing campaign targets employees, Microsoft fixes exploited zero-days
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Integrating cybersecurity into vehicle design and manufacturingIn this Help Net…
U.S. authorities disrupt Russian intelligence’s botnet
In January 2024, an operation dismantled a network of hundreds of SOHO routers controlled by GRU Military Unit 26165, also known as APT 28, Sofacy…
Cyber threats cast shadow over 2024 elections
Considering that 2024 is a historic year for elections – with an estimated half of the world’s population taking part in democratic votes – this…