5 API security best practices you must implement
As outside economic pressures continue to shape how organizations think and allocate resources, data security continues to be a high priority. Due to their dependence…
Category: HelpnetSecurity
Tython: Open-source Security as Code framework and SDK
Development teams utilize automation through Infrastructure as Code (IaC) to facilitate rapid and frequent changes to their cloud-native architectures. Security teams must adopt automation and…
Security in the cloud with more automation
Hopefully, you’ve been working with the Center for Internet Security (CIS) on securing your cloud infrastructure for a while now. Initially, you might have used…
Infostealer with hVNC capability pushed via Google Ads
There has been a noted increase in malvertising via Google Ads this year, aimed at tricking users into downloading malware; among these malicious payloads is…
Apple starts delivering smaller security updates
The security updating of iPhones, iPads and Macs has entered a new stage: Apple has, for the first time, released a Rapid Security Response to…
Data-driven insights help prevent decisions based on fear
Organizations have strengthened security measures and become more resilient, but threat actors are still finding ways through, according to BakerHostetler. “We launched the Data Security…
The costly threat that many businesses fail to address
Insider attacks such as fraud, sabotage, and data theft plague 71% of U.S. businesses, according to Capterra. These schemes can cost companies hundreds of thousands…
The warning signs for security analyst burnout and ways to prevent
Security analysts face the demanding task of investigating and resolving increasing volumes of alerts daily, while adapting to an ever-changing threat landscape and keeping up…
Why the manufacturing sector needs stronger cyber defenses
In this Help Net Security interview, Filipe Beato, Lead, Centre for Cybersecurity, World Economic Forum, shares his expertise on the correlation between the digitization of…
Using just-in-time access to reduce cloud security risk
Excessive privileges are a continuing headache for security professionals. As more organizations migrate assets to the cloud, users with excessive permissions can expand the blast…
Cybercriminals use proxies to legitimize fraudulent requests
Bot attacks were previously seen as relatively inconsequential type of online fraud, and that mentality has persisted even as threat actors have gained the ability…
Using multiple solutions adds complexity to your zero trust strategy
Companies’ operating models today are significantly more complex than they were just a couple of years ago, according to BeyondTrust. Remote employees accessing key systems…