Yearlong supply-chain attack targeting security pros steals 390K credentials
Multifaceted, high-precision campaign targets malicious and benevolent hackers alike. A sophisticated and ongoing supply-chain attack operating for the past year has been stealing.....»»
iPhone 17 Slim specs will be an enormous engineering & supply chain challenge
Apple's supply chain will be challenged to produce the rumored iPhone 17 Slim. Here's what features the company is rumored to jam into the thinnest iPhone yet.A render of what the iPhone 17 Slim could look likeThe iPhone 17 Slim is expected to form p.....»»
The US military is now talking openly about going on the attack in space
"We have to build capabilities that provide our leadership offensive and defensive options." ORLANDO, Florida—Earlier this year, officials at US Space Command released a list of.....»»
Celigo Private Cloud enhances security and connectivity
Celigo introduced Celigo Private Cloud, a transformative solution offering enterprises fully private automation instances. Designed for businesses that prioritize enhanced security, control, and compliance, Celigo Private Cloud empowers organizations.....»»
New infosec products of the week: December 13, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Cato Networks, Horizon3.ai, SecureAuth, Stamus Networks, Trellix, and Versa Networks. Trellix Drive Encryption enhances security against insider attacks Trel.....»»
Tackling software vulnerabilities with smarter developer strategies
In this Help Net Security interview, Karl Mattson, CISO at Endor Labs, discusses strategies for enhancing secure software development. Mattson covers how developers can address vulnerabilities in complex systems, ways organizations can better support.....»»
Critical WordPress plugin vulnerability under active exploit threatens thousands
Vulnerability with severity rating of 9.8 out of possible 10 still live on >8,000 sites. Thousands of sites running WordPress remain unpatched against a critical security flaw in.....»»
A new test shows Microsoft Recall’s continued security problems
Microsoft's Recall feature and its new security standards are being tested by Windows Insiders again, and still creating problems......»»
Cleo patches zero-day exploited by ransomware gang
Cleo has released a security patch to address the critical vulnerability that started getting exploited while still a zero-day to breach internet-facing Cleo Harmony, VLTrader, and LexiCom instances. Version 5.8.0.24 of the three products, which was.....»»
Security cameras and alarms effective at deterring burglars, say burglars
If you’ve ever wondered whether security cameras and alarms are effective at deterring burglars, the answer is yes – and that comes from a very reliable source: burglars. KGW-TV asked 86 inmates convicted of burglary what would make them more.....»»
We must adjust expectations for the CISO role
Cybersecurity has become one of the most high-stakes facets of business operations in the past few years. The chief information security officer (CISO) role, once a back-office function primarily focused on technical oversight, has moved squarely int.....»»
Krispy Kreme cybersecurity incident disrupts online ordering
Popular US doughnut chain Krispy Kreme has been having trouble with its online ordering system as well as digital payments at their brick-and-mortar shops since late November, and now we finally know why: an 8-K report filed with the US Securities an.....»»
Consumers report impact of hurricanes Helene and Milton on their food supply
Nearly 21% of households in states heavily affected by hurricanes Helene and Milton report sometimes or often not having enough to eat within the first seven days of the storms' impact, according to the November 2024 Consumer Food Insights Report (CF.....»»
Citrix acquires deviceTRUST and Strong Network
With the widespread adoption of hybrid work models, where teams operate across geographical regions on managed and unmanaged devices, every connection and endpoint presents a potential security risk. Addressing this challenge, Citrix announced the st.....»»
Exposed APIs and issues in the world’s largest organizations
In this Help Net Security video, Tristan Kalos, CEO of Escape, discusses the results of its 2024 State of API Exposure report. The study highlights significant API security gaps affecting Fortune 1000 organizations, with over 28,500 exposed APIs and.....»»
Shaping effective AI governance is about balancing innovation with humanity
In this Help Net Security interview, Ben de Bont, CISO at ServiceNow, discusses AI governance, focusing on how to foster innovation while ensuring responsible oversight. He emphasizes the need for collaboration between technologists, policymakers, an.....»»
Google boosts Android security against unknown tracking devices
Google's unknown tracker alerts system will now let users disable their phone's location sharing and use a map view to find the hidden tracking device......»»
Update your iPhone, iPad, and Mac to fix these security vulnerabilities
Apple regularly lists resolved vulnerabilities for iPhone, iPad, and Mac after each software update. Right on cue, the company has released an extensive list of which security resolutions are included in today’s iOS 18.2 and macOS Sequoia 15.2 soft.....»»
Cato Networks extends SASE-based protection to IoT/OT environments
With the introduction of Cato IoT/OT Security, Cato Networks is enabling enterprises to simplify the management and security of Internet of Things (IoT) and operational technology (OT) devices. Cato IoT/OT Security converges device discovery and clas.....»»
Picus provides automated pentesting testing to help uncover critical risks
Picus Security announced new innovations to its Attack Path Validation (APV) product. The new Picus APV now offers security teams accurate, risk-free, and continuous automated penetration testing to uncover critical risks, while significantly reducin.....»»
Containers have 600+ vulnerabilities on average
Containers are the fastest growing – and weakest cybersecurity link – in software supply chains, according to NetRise. Companies are struggling to get container security right. Issues from misconfigured clouds, containers, and networks to.....»»