Fujitsu finds malware on company systems, investigates possible data breach
Fujitsu Limited, the largest Japanese IT services provider, has announced that several of the company’s computers have been compromised with malware, leading to a possible data breach. Known details about the Fujitsu data breach The company pub.....»»
Nissan breach exposed data of 100,000 individuals
Nissan Oceania has confirmed that the data breach it suffered in December 2023 affected around 100,000 individuals and has begun notifying them. First response In early December 2023, the company – a regional Nissan division which includes Niss.....»»
Loft Labs simplifies multi-cluster Kubernetes management for Rancher users
Loft Labs announced vCluster for Rancher, enabling self-service virtual Kubernetes cluster creation and management for teams already using Rancher for Kubernetes management. Rancher customers can now have more secure Kubernetes multi-tenancy, with th.....»»
Deloitte unveils CyberSphere platform for simplified cyber program management
Deloitte has launched CyberSphere, a vendor-neutral services and solutions platform to help clients simplify their organizations’ cyber program data, workflows, reporting and third-party technologies for improved cyber operational efficiency an.....»»
43 million workers potentially affected in France Travail data breach
French national unemployment agency France Travail (formerly Pôle emploi) and Cap emploi, a government employment service for people with disabilities, have suffered a data breach that might have exposed personal data of 43 million people. The breac.....»»
Quicmap: Fast, open-source QUIC protocol scanner
Quicmap is a fast, open-source QUIC service scanner that streamlines the process by eliminating multiple tool requirements. It effectively identifies QUIC services, the protocol version, and the supported ALPNs. “As I started researching the QU.....»»
Harnessing the power of privacy-enhancing tech for safer AI adoption
A consensus on regulatory AI frameworks seems distant. Yet, the imperative for secure and responsible AI deployment cannot be overstated. How can leaders proactively address AI adoption challenges while waiting for regulatory clarity? In this Help Ne.....»»
Public anxiety mounts over critical infrastructure resilience to cyber attacks
With temporary failures of critical infrastructure on the rise in the recent years, 81% of US residents are worried about how secure critical infrastructure may be, according to MITRE and The Harris Poll. Public views cyberattacks as greatest risk to.....»»
The dark side of GenAI
Beyond traditional AI models, generative AI (GenAI) can create new content, images, and even entire scenarios from scratch. While this technology holds immense promise across various sectors, it also introduces challenges and threats to cybersecurity.....»»
Week in review: Cybersecurity job openings, hackers use 1-day flaws to drop custom Linux malware
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Transitioning to memory-safe languages: Challenges and considerations In this Help Net Security interview, Omkhar Arasaratnam, General Manager at th.....»»
New infosec products of the week: March 15, 2024
Here’s a look at the most interesting products from the past week, featuring releases from AuditBoard, Cynerio, DataDome, Regula, and Tenable. AuditBoard unveils AI, analytics, and annotation capabilities to deliver more timely insights AuditBoard.....»»
AI and the future of corporate security
In this Help Net Security video, Tracy Reinhold, CSO at Everbridge, discusses why AI technology must be embraced while also exploring some guardrails that must be in place to protect organizations against threats using AI to penetrate facilities. The.....»»
Human risk factors remain outside of cybersecurity pros’ control
Cyber threats are growing at an unprecedented pace, and the year ahead is fraught with cybercrime and incidents anticipated ahead of the busy election year where over 50 countries head to the polls, according to Mimecast. With new threats like AI and.....»»
90% of exposed secrets on GitHub remain active for at least five days
12.8 million new secrets occurrences were leaked publicly on GitHub in 2023, +28% compared to 2022, according to GitGuardian. Remarkably, the incidence of publicly exposed secrets has quadrupled since the company started reporting in 2021. Companies.....»»
Key MITRE ATT&CK techniques used by cyber attackers
While the threat landscape continues to shift and evolve, attackers’ motivations do not, according to a Red Canary report. The classic tools and techniques adversaries deploy remain consistent–with some notable exceptions. The report tracked MITR.....»»
Halo Security Dark Web Monitoring identifies and mitigates potential exposures
Halo Security intoduced its new Dark Web Monitoring feature. This addition further enhances the company’s external security platform, allowing security teams to gain insights into potential threats originating from the dark web. With the new Da.....»»
Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)
A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet’s FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of many: Horizon3’s Attack Team means to publish technical details and a.....»»
Perception Point GPThreat Hunter allows cybersecurity experts to focus on in-depth investigations
Perception Point launched its latest innovation, GPThreat Hunter, an addition to the company’s comprehensive security stack. Leveraging the capabilities of OpenAI’s GPT-4 model, GPThreat Hunterre presents a significant leap forward in Per.....»»
PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)
Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files to the underlying Windows system. Tenable researchers have published a PoC.....»»
Concentric AI introduces Copilot data risk module
Concentric AI announced its new Copilot data risk module that delivers data security governance of Copilot data inputs and outputs to ensure that sensitive data – from financial information to IP to business data – remains protected within the or.....»»