Debunking compliance myths in the digital era

Despite recent economic fluctuations, the software-as-a-service (SaaS) market isn’t letting up. The industry is set to grow annually by over 18% and be valued at $908.21 billion by 2030. It’s evident the industry is fueled by an increasing reliance on … Continue reading Debunking compliance myths in the digital era

How CISOs tackle business payment fraud

In this Help Net Security video, Shai Gabay, CEO of Trustmi, discusses why payments are a source of cyber worry for CISOs. CISOs are worried about Business Email Compromise (BEC), cyber attackers’ use of AI, and securing the supply chain. These a… Continue reading How CISOs tackle business payment fraud

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)

Attackers are leveraging a vulnerability (CVE-2023-48022) in Anyscale’s Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse shells. “To our knowledge, the attack started 7 months ago,” Avi Lu… Continue reading AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)

Attackers leverage weaponized iMessages, new phishing-as-a-service platform

Scammers are leveraging the Darcula phishing-as-a-service platform, iMessages and Google Messages to great effect. The platform allows them to impersonate a variety of brands based in over 100 different countries: postal services, public and private ut… Continue reading Attackers leverage weaponized iMessages, new phishing-as-a-service platform

How security leaders can ease healthcare workers’ EHR-related burnout

Staff experiencing burnout in healthcare settings is not something that security leaders typically worry about – unless, maybe, it is the security team itself that is suffering from it. Healthcare CISOs and privacy officers worry more about the confide… Continue reading How security leaders can ease healthcare workers’ EHR-related burnout

Essential elements of a strong data protection strategy

In this Help Net Security interview, Matt Waxman, SVP and GM for data protection at Veritas Technologies, discusses the components of a robust data protection strategy, emphasizing the escalating threat of ransomware. He highlights the importance of ba… Continue reading Essential elements of a strong data protection strategy

Drozer: Open-source Android security assessment framework

Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier. Drozer features The solution enables the identification of security vulnerabilities in application… Continue reading Drozer: Open-source Android security assessment framework

17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns

Around 12% of the 45,000 or so Microsoft Exchange servers in Germany that can be accessed from the Internet without restrictions “are so outdated that security updates are no longer offered for them,” the German Federal Office for Informati… Continue reading 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns