CIS Controls v8: Safeguards to mitigate the most prevalent cyber-attacks
The CIS Critical Security Controls (CIS Controls) are a prioritized set of safeguards to mitigate cyber-attacks against systems and networks. They are mapped to and referenced by multiple legal, regulatory, and policy frameworks. In this Help Net Sec.....»»
Using ChatGPT to make fake social media posts backfires on bad actors
OpenAI claims cyber threats are easier to detect when attackers use ChatGPT. Using ChatGPT to research cyber threats has backfired on bad actors, OpenAI revealed in a report analy.....»»
Internet Archive data breach exposes 31M users; under DDoS attack
An Internet Archive data breach has been confirmed by the organisation, which has also been suffering Distributed Denial-of-Service (DDoS) attacks. The home of the Wayback Machine was previously attacked back in May. At this point, it’s being su.....»»
Widening talent pool in cyber with on-demand contractors
Filling roles within the cyber sector is an ongoing battle. The shortfall of workers risks creating a vicious cycle within existing cyber teams: With fewer team members to spread the workload on, you risk burning out security professionals. Many make.....»»
Tidal Cyber empowers organizations to improve their protection efforts
Tidal Cyber announced that it now incorporates test results from Breach and Attack Simulation (BAS) tools and other sources to complement the company’s existing Threat-Informed Defense capabilities. With this new integration, Tidal Cyber Enterprise.....»»
Commvault Cloud Rewind helps businesses bounce back from cyber incidents
Commvault launched Cloud Rewind on the Commvault Cloud platform. This offering, which integrates cloud-native distributed application recovery and rebuild capabilities from the Appranix acquisition, gives cloud-first organizations a secret weapon to.....»»
Meet the shared responsibility model with new CIS resources
You can’t fulfill your end of the shared responsibility model if you don’t emphasize secure configurations. Depending on the cloud services you’re using, you’re responsible for configuring different things. Once you figure out.....»»
Survey experiment reveals celebrities and politicians could be the "missing link" to mitigate climate change
Psychologists from Cardiff University have uncovered new insights into the role of celebrities and politicians in influencing public opinion on low-carbon lifestyles. The paper is published in the journal Humanities and Social Sciences Communications.....»»
New infosec products of the week: October 4, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Balbix, Halcyon, Metomic, Red Sift, SAFE Security, Veeam Software, and Legit Security. SAFE X equips CISOs with integrated data from all their existing cyber.....»»
Best practices for implementing threat exposure management, reducing cyber risk exposure
In this Help Net Security interview, Sanaz Yashar, CEO at Zafran, discusses the role of threat exposure management (TEM) in modern cybersecurity strategies. As traditional vulnerability management evolves, TEM addresses the overwhelming risks arising.....»»
Research reveals how media coverage helped successfully mitigate forest fires in the Brazilian Amazon
A new study from the University of California San Diego's School of Global Policy and Strategy reveals that public outcry can lead to significant environmental action, even when public administrations are openly hostile to environmental priorities......»»
Camera Control video zoom isn’t usable yet, but I expect a software update to fix it
Back in February, I talked about the difficulty of smoothly zooming video footage using the on-screen controls, and said I’d really love a hardware control. The iPhone 16 looked like it might give me what I wanted, with the Camera Control video zoo.....»»
CUPS vulnerabilities could be abused for DDoS attacks
While the Common UNIX Printing System (CUPS) vulnerabilities recently disclosed by researcher Simone “evilsocket” Margaritelli are not easily exploited for remote command execution on vulnerable systems, they could offer more opportunity.....»»
This Dyson V8 cordless vacuum deal cuts the price by $120
Invest in a vacuum that will keep you happy for years to come. Right now, you’ll save $120 when you order the Dyson V8 Cordless Vacuum through Best Buy!.....»»
Thousands of Zimbra servers attacked following email account compromise
The attacks don't seem to be that effective right now, but a patch should still be installed......»»
15% of office workers use unsanctioned GenAI tools
Rigid security protocols — such as complex authentication processes and highly restrictive access controls — can frustrate employees, slow productivity and lead to unsafe workarounds, according to Ivanti. Understanding workplace behavior key to s.....»»
Spotting AI-generated scams: Red flags to watch for
In this Help Net Security interview, Andrius Popovas, Chief Risk Officer at Mano Bank, discusses the most prevalent AI-driven fraud schemes, such as phishing attacks and deepfakes. He explains how AI manipulates videos and audio to deceive victims an.....»»
Ransomware activity shows no signs of slowing down
Ransomware attacks have seen a significant resurgence, disrupting multiple sectors and affecting global supply chains. Despite efforts to disrupt major ransomware groups, incidents continue to rise, signaling an ongoing and growing threat into 2024......»»
Attackers exploit critical Zimbra vulnerability using cc’d email addresses
When successful, attacks install a backdoor. Getting it to work reliably is another matter. Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimb.....»»
Ukraine Is Decentralizing Energy Production to Protect Itself From Russia
The Energy Act for Ukraine Foundation is equipping schools and hospitals with solar panels and energy storage systems to nullify Russian attacks on the country's power plants......»»
Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)
Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say that the attacks started on September 28 – s.....»»