What is segregation of duties (SoD)?

Segregation of duties (SoD) is an internal control mechanism designed to prevent errors and fraud by ensuring at least two individuals are responsible for the separate parts of any... Read more »

Kelly Benefits December data breach impacted over 400,000 individuals

Kelly Benefits has determined that the impact of the recently disclosed data breach is much bigger than initially believed. Benefits and payroll solutions firm Kelly & Associates Insurance Group,... Read more »

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

An Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion aimed at a critical national infrastructure (CNI) in the Middle East that lasted nearly two years.... Read more »

A hacker stole data from TeleMessage, the firm that sells modified versions of Signal to the U.S. gov

A hacker stole data from TeleMessage, exposing messages from its modified Signal, WhatsApp, and other apps sold to the U.S. government. A hacker stole customer data from TeleMessage, an... Read more »

UK retailers under cyber attack: Co-op member data compromised

UK-based retailers Marks & Spencer, Co-op, and Harrods have been targeted by cyber attackers in the last few weeks. Whether the attacks have been mounted by the same group... Read more »

Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks

MintsLoader is a malware loader delivering the GhostWeaver RAT via a multi-stage chain using obfuscated JavaScript and PowerShell. Recorded Future researchers observed MintsLoader delivering payloads like GhostWeaver via obfuscated... Read more »

Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

Supply chain attack via 21 backdoored Magento extensions hit 500–1,000 e-stores, including a $40B multinational. Sansec researchers reported that multiple vendors were hacked in a coordinated supply chain attack,... Read more »

How CISOs can talk cybersecurity so it makes sense to executives

CISOs know cyber risk is business risk. Boards don’t always see it that way.​ For years, CISOs have struggled to get boards to understand security beyond buzzwords. Many feel... Read more »

How OSINT supports financial crime investigations

In this Help Net Security interview, Stuart Clarke, CEO at Blackdot Solutions, discusses the strategic use of open-source intelligence (OSINT) in tackling financial crime. He outlines its application in... Read more »

Review: Effective Vulnerability Management

Effective Vulnerability Management offers a view of a key part of cybersecurity, showing how practices, tools, and processes can help organizations reduce risk. About the authors Chris Hughes is... Read more »
Subscribe to our Newsletter