Here’s a summary of some of the most interesting articles, videos, and news from last week:
JetBrains IDE users at risk of GitHub token compromise (CVE-2024-3711)
JetBrains fixed a critical vulnerability, CVE-2024-37051, that could expose users to GitHub token compromise.
20,000 FortiGate appliances hacked by Chinese hackers
Coathanger, a piece malware designed to persist on Fortinet FortiGate appliances, may still be lurking in too many devices around the world.
How businesses can incorporate token technology into existing payment systems
Mark Nelsen discusses the integration and token technology in existing payment systems.
Security strategies and privacy for CISOs working in a mobile first world
In this Help Net Security Interview, Jim Dolce CEO of Lookout discusses how to secure mobile devices in order to mitigate the escalating cloud threat.
Radare: Open-source reverse engineering framework
Radare is a reverse engineering framework and command line toolset that is open-source, UNIX-like. It can be scripted and modified for batch analysis.
Cybersecurity jobs are available now: June 12, 2020
We’ve scoured all the available roles in the cybersecurity industry to bring you the best selection. Check out the latest cybersecurity jobs.
Microsoft delays Windows Recall launch, more security testing is needed
Microsoft has delayed the release of Recall. This controversial Windows 11 feature will allow users to search for specific content they have previously viewed.
YetiHunter is an open-source threat hunting tool for Snowflake environments
Cloud identity protection company Permiso created YetiHunter. This tool is a threat detection tool that can be used by companies to search their Snowflake environments and find evidence of compromise.
Exploitation of a PHP command injection vulnerability to deliver ransomware CVE-2024-4577
TellYouThePass is exploiting a Windows-based PHP CVE-20244577 vulnerability (OS command injection) in CGI mode.
AWS introduces new and improved security features
Amazon Web Services (AWS), at its annual re-Inforce conference, announced new and enhanced tools and security features.
Microsoft fixes RCE vulnerability in MSMQ and Outlook (CVE-2024-3080, CVE-2024-30103).
Microsoft’s June 2024 Patch Tuesday has arrived. Microsoft has released fixes for critical MSMQ flaws (CVE-2024-3080) and RCE vulnerabilities in Microsoft Outlook (CVE-2024-30103).
The number of Snowflake customers whose data has been compromised is increasing
The attackers are attempting to sell stolen data from Snowflake hosted cloud databases.
Modern Fraud Detection Does Not Rely on PII
Online fraud detection trends are often the canary in a coal mine for understanding and combating online scams, frauds and cybersecurity threats.
Solving the systemic issue of recurring vulnerabilities
In this video from Help Net Security, Dr. Pedram Haiati, CEO of SecDim and Fil Filiposki founder of AttackForge discuss how they have formed a strategic partnership to tackle the challenge of resurfacing vulnerability.
Are you preparing for a career as a cybersecurity professional? Check out these statistics
This article contains excerpts from reports that provide statistics, insights, and data on cybersecurity jobs, skill shortages, and workforce dynamics.
Urgently needed AI governance in cyberwarfare
There will always be gaps in policy and regulation despite government efforts to regulate AI.
Maximizing productivity using Copilot for Microsoft 365 from a security perspective
In this video from Help Net Security, Brian Vecci, Field Chief Technology Officer at Varonis, discusses how to maximize the potential of Microsoft Copilot 365.
Cybersecurity professionals change strategies to combat AI-powered cyber threats
According to Deep Instinct, 75% of security professionals have had to change their cybersecurity strategies in the past year due to the increase in AI-powered cyber attacks. 73% are putting more emphasis on prevention capabilities.
Open source security in AI
New AI products are being introduced to the market at a faster rate than any other technology revolution.
Six months after SEC’s cyber-disclosure rules
Mark Millender, Senior advisor of Global Executive Engagement for Tanium, discusses in this Help Net Security video the general sentiment of CISOs from large, public companies regarding the effectiveness and understanding SEC’s Cyber Disclosure Rules and common misconceptions.
Major cybersecurity upgrades announced for American healthcare
The Biden-Harris administration is working tirelessly to improve the resilience and security of the healthcare sector against cyberattacks.
Cloud migration expands CISO’s role
CISOs used to focus primarily on information and cyber security. They would create and implement policies to protect an organization’s IT infrastructure and data from cyber threats.
GDPR turns six: Expert discusses AI impact
In this video from Help Net Security, Chris Denbigh White, CSO of Next DLP, discusses the new data protection challenges that emerging technologies such as AI have created and how organizations need to balance deployment with legality.
AI’s role in accelerating vulnerability Management
AI’s ability to analyze, predict and automate will reshape business in many areas, including cybersecurity.
New infosec Products of the Week: June 14, 2024
Here’s a look back at the most exciting products released in the past week. These include releases from Acronis Diligent Entrust KELA Plainsea SentinelOne.