Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)

The maintainers of the Exim mail transfer agent (MTA) have fixed a critical vulnerability (CVE-2024-39929) that currently affects around 1.5 million public-facing servers and can help attackers deliver malware to users. About CVE-2024-39929 The vulnera… Continue reading Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)

Risk related to non-human identities: Believe the hype, reject the FUD

The hype surrounding unmanaged and exposed non-human identities (NHIs), or machine-to-machine credentials – such as service accounts, system accounts, certificates and API keys – has recently skyrocketed. A steady stream of NHI-related brea… Continue reading Risk related to non-human identities: Believe the hype, reject the FUD

Discover the growing threats to data security

In this Help Net Security interview, Pranava Adduri, CEO at Bedrock Security, discusses how businesses can identify and prioritize their data security risks. Adduri emphasizes the necessity of ongoing monitoring and automation to keep up with evolving … Continue reading Discover the growing threats to data security

Encrypted traffic: A double-edged sword for network defenders

Organizations are ramping up their use of encrypted traffic to lock down data. Could they be making it easier to hide threats in the process? On one hand, encryption means enhanced privacy, but it can also make the job of security analysts much harder…. Continue reading Encrypted traffic: A double-edged sword for network defenders

How to design a third-party risk management framework

Most organizations focus on securing routers, servers, firewalls, and other endpoints, but threats can also arise from unfamiliar sources such as third-party networks, which can be used by hackers to attack an organization. Through a strong TPRM framew… Continue reading How to design a third-party risk management framework

Managing cyberattack fallout: Financial and operational damage

In this Help Net Security, Ashley Harrington, Director of Cybersecurity at Aspida, discusses the impact of cyberattack on business operations and financial health. Beyond immediate disruptions and financial burdens, cyber incident can severely damage a… Continue reading Managing cyberattack fallout: Financial and operational damage