Generative AI security: Preventing Microsoft Copilot data exposure
Microsoft Copilot has been called one of the most powerful productivity tools on the planet. Copilot is an AI assistant that lives inside each of…
Category: HelpnetSecurity
Report: The state of authentication security 2023
This survey set out to explore these challenges, to identify common practices, and to provide insight into how organizations can bolster their defenses. Key findings…
Fortanix Key Insight discovers and remediates data security risks in hybrid multicloud environments
Fortanix announced Key Insight, a new capability in the Fortanix Data Security Manager TM (DSM) platform designed to help enterprises discover, assess, and remediate risk…
Released: AI security guidelines backed by 18 countries
The UK National Cyber Security Centre (NCSC) has published new guidelines that can help developers and providers of AI-powered systems “build AI systems that function…
PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)
A proof-of-concept (PoC) exploit for a high-severity flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution has been made public. Users are…
OpenSSL 3.2.0 released: New cryptographic algorithms, support for TCP fast open, and more!
OpenSSL is a full-featured toolkit for general-purpose cryptography and secure communication. The final version of OpenSSL 3.2.0 is now available. Major changes in OpenSSL 3.2.0…
AWS Kill Switch: Open-source incident response tool
AWS Kill Switch is an open-source incident response tool for quickly locking down AWS accounts and IAM roles during a security incident. The solution includes…
Why it’s the perfect time to reflect on your software update policy
The threat landscape is evolving by the minute, with both malicious actors and well-intentioned researchers constantly on the hunt for new attack vectors that bypass…
Vulnerability disclosure: Legal risks and ethical considerations for researchers
In this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in cybersecurity.…
Week in review: LockBit exploits Citrix Bleed, Apache ActiveMQ bug exploited for cryptojacking
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PolarDNS: Open-source DNS server tailored for security evaluationsPolarDNS is a…
NIS2 and its global ramifications
The Network and Information Systems Directive (NIS2), due to come into effect in October 2024, seeks to improve cyber resilience in the European Union (EU).…
Network security tops infrastructure investments
Network security is both the top challenge and the top investment priority for enterprise IT leaders, according to ISG. Network security challenges 60% of respondents…