GitHub Secure Open Source Fund: Project maintainers, apply now!

GitHub is calling on maintainers of open source projects to apply for the newly opened Secure Open Source Fund, to get funding and knowledge to improve the security and sustainability of their software. The program is funded by companies (AmEx Chaingua…

Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308)

Apple has released emergency security updates for macOS Sequoia that fix two zero-day vulnerabilities (CVE-2024-44309, CVE-2024-44308) that “may have been actively exploited on Intel-based Mac systems”. About CVE-2024-44309 and CVE-2024-443…

Five backup lessons learned from the UnitedHealth ransomware attack

The ransomware attack on UnitedHealth earlier this year is quickly becoming the healthcare industry’s version of Colonial Pipeline, prompting congressional testimony, lawmaker scrutiny and potential legislation. Over the past few months, there have be…

Debunking myths about open-source security

In this Help Net Security interview, Stephanie Domas, CISO at Canonical, discusses common misconceptions about open-source security and how the community can work to dispel them. She explains how open-source solutions, contrary to myths, offer enterpri…

Microsoft announces new and improved Windows 11 security features

Microsoft has implemented some and is working on delivering several other security-related features and improvements for Windows 11. Administrator protection will allow users to make system changes on their PCs without having administrator rights (that…

Microsoft plans to boot security vendors out of the Windows kernel

Microsoft has announced the Windows Resiliency Initiative, aimed at avoiding a repeat of the prolonged worldwide IT outage caused by a buggy CrowdStrike update that took down millions of Windows machines and rendered them remotely unfixable. As part of…

Aerospace employees targeted with malicious “dream job” offers

It’s not just North Korean hackers who reach out to targets via LinkedIn: since at least September 2023, Iranian threat actor TA455 has been trying to compromise workers in the aerospace industry by impersonating job recruiters on the popular emp…

CISOs in 2025: Balancing security, compliance, and accountability

In this Help Net Security interview, Daniel Schwalbe, CISO at DomainTools, discusses the intensifying regulatory demands that have reshaped CISO accountability and daily decision-making. He outlines the skill sets future CISOs need, their key prioritie…

Cyber professionals face an IP loss reckoning in 2025

AI can expose your work secrets. The same goes for AI-generated content, which has revolutionized workplace productivity but comes with hidden risks. As more employees use AI models to streamline tasks—whether drafting reports, building code, or design…