Help Net Security

Evaluating GRC tools

November 18, 2024 add comment
According to Gartner, the broad range of pricing for government, risk, and compliance (GRC) tools requires enterprise risk management (ERM) leaders to be well-versed in distinct pricing tiers of... Read more »

ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps

November 18, 2024 add comment
ScubaGear is an open-source tool the Cybersecurity and Infrastructure Security Agency (CISA) created to automatically evaluate Microsoft 365 (M365) configurations for potential security gaps. ScubaGear analyzes an organization’s M365... Read more »

How and where to report cybercrime: What you need to know

November 18, 2024 add comment
Cybercrime reporting mechanisms vary across the globe, with each country offering different methods for citizens to report cybercrime, including online fraud, identity theft, and other cyber-related offenses. Victims are... Read more »

Week in review: Microsoft patches actively exploited 0-days, Amazon and HSBC employee data leaked

November 17, 2024 add comment
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) November 2024 Patch Tuesday is here, and... Read more »

Cybercriminals hijack DNS to build stealth attack networks

November 15, 2024 add comment
Hijacking domains using a ‘Sitting Ducks attack’ remains an underrecognized topic in the cybersecurity community. Few threat researchers are familiar with this attack vector, and knowledge is scarce. However,... Read more »

Cyber crooks push Android malware via letter

November 15, 2024 add comment
Cyber crooks are trying out an interesting new approach for getting information-stealing malware installed on Android users’ smartphones: a physical letter impersonating MeteoSwiss (i.e., Switzerland’s Federal Office of Meteorology... Read more »

Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)

November 15, 2024 add comment
Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday. About the vulnerabilities (CVE-2024-9463, CVE-2024-9465)... Read more »

Oscilar Cognitive Identity Intelligence Platform combats AI-powered fraud

November 15, 2024 add comment
Oscilar unveiled its Cognitive Identity Intelligence Platform to combat the rising tide of AI-powered fraud. The platform’s proprietary “Digital & Behavior Identification” technology transforms digital identity verification in an... Read more »

IBM announces Autonomous Security for Cloud

November 15, 2024 add comment
IBM announced Autonomous Security for Cloud (ASC), an AI-powered solution from IBM Consulting designed to automate cloud security management and decision-making to help mitigate risk for organizations accelerating their... Read more »

Bitsight acquires Cybersixgill to help organizations manage cyber exposure

November 15, 2024 add comment
Bitsight announced it has signed a definitive agreement to acquire Cybersixgill, a global cyber threat intelligence (CTI) data provider. Together, Bitsight and Cybersixgill will provide visibility into an organization’s... Read more »
Subscribe to our Newsletter