Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
Network defenders searching for malicious activity in their Microsoft Azure, Azure Active Directory (AAD), and Microsoft 365 (M365) cloud environments have a new free solution at their disposal: Untitled Goose Tool. Released by the Cybersecurity and Infrastructure Security Agency (CISA), it is an open-source tool that allows users to export and review logs, alerts, configurations, […]
Continue ReadingOver the last several years, endpoints have played a crucial role in cyberattacks. While there are several steps organizations can take to help mitigate endpoint threats – such as knowing what devices are on a network (both on-premises and off-site), quarantining new or returning devices, scanning for threats and vulnerabilities, immediately applying critical patches, etc. […]
Continue ReadingOrganizations worldwide pay ransomware fees instead of implementing solutions to protect themselves. The ransom is just the tip of the iceberg regarding the damage a ransomware attack can wreak. In this Help Net Security video, Gerasim Hovhannisyan, CEO at EasyDMARC, discusses how domain authentication tools such as DKIM, SPF, and DMARC can help mitigate risk […]
Continue ReadingA new Chrome extension promising to augment users’ Google searches with ChatGPT also leads to hijacked Facebook accounts, Guardio Labs researchers have found. While this specific trick isn’t new, this time around the extension also worked as advertised. “Based on version 1.16.6 of the [ChatGPT for Google] open-source project, this FakeGPT variant does only one […]
Continue ReadingLogged failed logins into a company’s Okta domain could be used by threat actors to discover access credentials of valid accounts, Mitiga researchers have found. Those credentials can then be used log in to any of the organization’s platforms that use Okta single sign-on (SSO) or – if the login credentials belong to an administrator […]
Continue ReadingThe Transportation Security Administration (TSA) recently issued new cybersecurity requirements for the aviation industry, which follows last year’s announcement for railroad operators. Both announcements are part of the Department of Homeland Security’s effort to improve the nation’s cybersecurity resiliency and align with the National Cybersecurity Strategy released by the White House earlier this month. While […]
Continue ReadingWith cybersecurity incidents involving compromised credentials continually the most common cause of a data breach for enterprises – and account takeover for individuals, securing digital identities has become paramount. In this Help Net Security video, Jeff Reich, Executive Director at the Identity Defined Security Alliance (IDSA), tells us more. The post Best practices to secure […]
Continue ReadingGoogle has announced the startups chosen for its Cybersecurity Startups Growth Academy. The 15 selected startups are from eight countries and were chosen from over 120 applicants. They have made significant contributions, from securing health applications to protecting educators and safeguarding the clean water supply chain. The selected companies will receive mentoring sessions from Google […]
Continue Reading“Is cybersecurity recession-proof?” That’s the question on the minds of many security professionals and executives as a possible economic downturn of indeterminate length and severity looms and many organizations are tightening their belts. While research suggests that IT spending is showing some immunity to economic headwinds – Gartner is still predicting growth this year, albeit […]
Continue ReadingAlthough OpenAI is an established organization with many years of experience promoting and developing AI systems, the relative immaturity of the ChatGPT application, combined with the lack of security assurance available for OpenAI, can put organizations at risk. In this Help Net Security video, Meghan Maneval, Director of Technical Product Management, Reciprocity, discusses why companies […]
Continue Reading