EU Council adopts the NIS2 directive

The European Council adopted legislation for a high common level of cybersecurity across the Union, to further improve the resilience and incident response capacities of both the public and private sector and the EU as a whole. The new directive, called “NIS2”, will replace the current directive on security of network and information systems (the […]


Pre-auth RCE in Oracle Fusion Middleware exploited in the wild (CVE-2021-35587)

A pre-authentication RCE flaw (CVE-2021-35587) in Oracle Access Manager (OAM) that was fixed in January 2022 is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog. About CVE-2021-35587 CVE-2021-35587 was discovered by security researchers “Jang” (Nguyen Jang) […]


The top 200 most common passwords in 2022 are bad, mkay?

According to NordPass’ latest list of top 200 most common passwords in 2022, “password” is the most popular choice, followed by “123456”, “123456789”, “guest” and “qwerty”. 2022 is ending and 2023 is almost upon us, but despite yearly entreaties to users to up their password game, weak and often (re)used passwords are obviously still a […]


The cybersecurity trends organizations will soon be dealing with

In this interview with Help Net Security, Brad Jones, VP of Information Security at Seagate Technology, talks about cybersecurity trends organizations will be dealing with soon, particularly concerning cloud misconfiguration, data classification, software vulnerabilities, and the cybersecurity skills gap. Cybersecurity risks are an ever-evolving issue for all organizations. What are the main ones we are […]


CISOs in investment firms help fast-track cybersecurity startups

In this Help Net Security video, Frank Kim, CISO-in-Residence at YL Ventures, discusses the growing role of CISOs in investment firms and how their role as advisors helps drive cybersecurity startups. Frank works closely with cybersecurity startup founders on ideation, product-market-fit, and value realization, on an in-house and regular basis. He provides them with what […]


Cloud security starts with zero trust

In this interview for Help Net Security, Mark Ruchie, CISO at Entrust, talks about cloud security and how zero trust should be implemented to guarantee overall cloud protection. Organizations are increasingly moving their operations to the cloud, thus making security a top priority to make sure employee, personal and customer data is safe. Are organizations […]


How the dynamics of phishing attacks are changing

In this Help Net Security video, Alex Paquette, COO at Ironscales, discusses the impact in terms of the time and energy required to defend against the never-ending and ever-evolving onslaught of phishing attacks. A recent study conducted by Osterman Research found that IT and security teams spend one-third of their time handling phishing threats every […]


7 free cybersecurity resources you need to bookmark

CodeSec: CodeSec is a CLI-based tool which brings Contrast’s enterprise-level security testing right to your laptop. It allows you to run real-time SAST or Serverless scans and receive actionable results in a matter of minutes. Defendify Essentials Package: Assess your cyber risk, test your network, and improve awareness with essential tools from Defendify: Cybersecurity […]


Overcoming unique cybersecurity challenges in schools

A school’s ecosystem is far different from that of the typical enterprise. Not only does a school district face the monumental task of educating our upcoming generations, but they must do it at the scale of a Fortune 500 enterprise with a fraction of the budget! With ransomware attacks rising, administrators must find ways to […]
