Geopolitical tensions escalate OT cyber attacks
In this Help Net Security interview, Andrew Ginter, VP of Industrial Security at Waterfall Security, discusses operational technology (OT) cyber attacks and their 2024 Threat Report. He examines how global geopolitical tensions and evolving ransomwar.....»»
UK outlaws awful default passwords on connected devices
The law aims to prevent global-scale botnet attacks. Enlarge (credit: Getty Images) If you build a gadget that connects to the Internet and sell it in the United Kingdom, you can no longer make the default password "pass.....»»
Researchers unveil novel attack methods targeting Intel’s conditional branch predictor
Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use. The multi-university and industry resea.....»»
Okta warns customers about credential stuffing onslaught
Credential stuffing attacks have exploded this April, Okta warns, and advises its customers to use available tools to block access requests originating from residential proxies before authentication takes place. Abuse of proxy networks “In cred.....»»
AI is creating a new generation of cyberattacks
Most businesses see offensive AI fast becoming a standard tool for cybercriminals, with 93% of security leaders expecting to face daily AI-driven attacks, according to Netacea. Offensive AI in cyberattacks The research, “Cyber security in the age o.....»»
Prompt Fuzzer: Open-source tool for strengthening GenAI apps
Prompt Fuzzer is an open-source tool that evaluates the security of your GenAI application’s system prompt against dynamic LLM-based threats. Prompt Fuzzer features Simulation of over a dozen types of GenAI attacks The tool contextualizes itsel.....»»
New infosec products of the week: April 26, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Cyberint, Forcepoint, Invicti Security, Netwrix, Trend Micro, Zero Networks, and WhyLabs. Trend Micro launches AI-driven cyber risk management capabilities T.....»»
Breaking down the numbers: Cybersecurity funding activity recap
Here’s a list of interesting cybersecurity companies that received funding so far in 2024. Aim Security January | $10 million Aim Security raised $10 million in seed funding, led by YL Ventures, with participation from CCL (Cyber Club Lond.....»»
In the face of bans, ByteDance tightens grip over US TikTok operations
Relationship between TikTok, ByteDance deepens as tensions over the app’s ownership escalate. Enlarge (credit: FT/Getty Images) TikTok’s Beijing-based owner ByteDance tightened its grip over its US operations over th.....»»
Dropzone AI raises $16.85 million to combat advanced AI attacks
Dropzone AI has raised $16.85 million in Series A funding. Theory Ventures led the round, adding to their cohort of existing investors Decibel Partners, Pioneer Square Ventures, and In-Q-Tel (IQT). Carta CISO Garrett Held, Head of Security at Postman.....»»
Stellar Cyber and Acronis team up to provide optimized threat detection solutions for MSPs
Stellar Cyber has revealed a new partnership with Acronis, to deliver an optimized threat detection and response solution enabling MSPs to protect on-premises, cloud, hybrid, and IT/OT environments most cost-effectively and efficiently possible. Thro.....»»
BforeAI raises $15 million to stop attacks before they occur
BforeAI has secured $15 million in Series A funding led by SYN Ventures, with renewed participation from early investors Karma Ventures, Karista, Addendum Capital, and a new investment from the Partnership Fund for New York City. BforeAI autonomously.....»»
56% of cyber insurance claims originate in the email inbox
56% of all 2023 claims were a result of funds transfer fraud (FTF) or business email compromise (BEC), highlighting the importance of email security as a critical aspect of cyber risk management, according to Coalition. The 2024 Cyber Claims Report i.....»»
Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks
Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks? Enlarge (credit: Getty Images) Hackers backed by a powerful nation-state have been exploiting two zero-day vulnerabilities in Ci.....»»
Hackers are using developing countries for ransomware practice
Businesses in Africa, Asia, and South America hit before moving on to Western targets. Enlarge (credit: Getty Images) Cyber attackers are experimenting with their latest ransomware on businesses in Africa, Asia, and Sout.....»»
Hackers are carrying out ransomware experiments in developing countries
Businesses in Africa, Asia, and South America hit before moving on to western targets. Enlarge (credit: Getty Images) Cyber attackers are experimenting with their latest ransomware on businesses in Africa, Asia and South.....»»
Comcast Business MDR limits the impact of cyber threats
Comcast Business has expanded its cybersecurity portfolio with the launch of its Comcast Business Managed Detection and Response (MDR) solution. The solution combines an advanced security analytics platform and Security Operations Center (SOC) to hel.....»»
GISEC Global 2024 video walkthrough
In this Help Net Security video, we take you inside GISEC Global, which is taking place from April 23 to April 25, 2024, at the Dubai World Trade Centre. The video features the following vendors: Sophos, Waterfall Security Solutions, UAE Cyber Securi.....»»
AI set to play key role in future phishing attacks
A staggering increase in QR code phishing (quishing) attacks during 2023 saw them skyrocket up the list of concerns for cyber teams globally, according to Egress. Attacks were both prolific and highly successful, demonstrating how cybercriminals effe.....»»
GenAI can enhance security awareness training
One of the biggest concerns over generative AI is its ability to manipulate us, which makes it ideal for orchestrating social engineering attacks. From mining someone’s digital footprint to crafting highly convincing spear phishing emails, to voice.....»»
Entrust protects users against fraud, phishing and other account takeover attacks
Entrust announced a single-vendor enhanced authentication solution that integrates identity verification (IDV) and identity and access management (IAM) to fight deepfakes, phishing, account takeover (ATO) attacks and other threats. By enhancing Entru.....»»