DORA regulation’s nuts and bolts

The frequency, sophistication, and impact of cyber-attacks on financial institutions have been rising. Given the economic system’s interconnected nature, disruptions in one institution can have cascading effects on the broader financial market, l…

Unlocking the power of cryptographic agility in a quantum world

In this Help Net Security interview, Glen Leonhard, Director of Key Management at Cryptomathic, discusses the role of cryptographic agility in mitigating risks posed by quantum computing. Cryptographic agility enables organizations to seamlessly transi…

Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680)

Mozilla has pushed out an emergency update for its Firefox and Firefox ESR browsers to fix a vulnerability (CVE-2024-9680) that is being exploited in the wild. About CVE-2024-9680 Reported by ESET malware researcher Damien Schaeffer, CVE-2024-9680 is a…

Internet Archive data breach, defacement, and DDoS: Users’ data compromised

The Internet Archive has suffered a data breach, leading to the compromise of email addresses, screen names and bcrypt password hashes of some 31 million users. The compromise was revealed on Wednesday afternoon, when the digital library’s websit…

Widening talent pool in cyber with on-demand contractors

Filling roles within the cyber sector is an ongoing battle. The shortfall of workers risks creating a vicious cycle within existing cyber teams: With fewer team members to spread the workload on, you risk burning out security professionals. Many make t…

Investing in Privacy by Design for long-term compliance

In this Help Net Security interview, Bojan Belušić, Head of Information Security & IT Operations at Microblink, discusses the relationship between Privacy by Design and regulatory frameworks like GDPR. Integrating privacy principles from the outse…

Balancing legal frameworks and enterprise security governance

In this Help Net Security interview, Tom McAndrew, CEO at Coalfire, discusses the balance organizations must strike between legal compliance and effective enterprise security governance in the context of evolving regulatory frameworks. McAndrew also ad…

Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)

If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security researchers have published an analysis of CVE-2024-45409 and an exploit script th…

YARA: Open-source tool for malware research

YARA is a powerful tool designed primarily to aid malware researchers in identifying and categorizing malware samples, though its applications are broader. The tool enables users to create detailed descriptions, or “rules,” for malware fami…

Cultivating a security-first mindset: Key leadership actions

In this Help Net Security interview, Emily Wienhold, Cyber Education Specialist at Optiv, discusses how business leaders can promote a security-first culture within their organizations. Wienhold also discusses strategies for maintaining ongoing cyberse…