Security News > 2024 > April
Most businesses see offensive AI fast becoming a standard tool for cybercriminals, with 93% of security leaders expecting to face daily AI-driven attacks, according to Netacea. The research, "Cyber security in the age of offensive AI", surveyed security leaders in the UK and US about their experience with AI as a tool in cybersecurity.
The results were unanimous across markets and career levels: cybersecurity, cloud, and software development, which are considered the most imperative tech skills to learn, are the top areas where skills gaps persist. 65% of respondents said cybersecurity skills were lacking most within their organizations, followed by cloud and software development.
In this Help Net Security round-up, we present excerpts from previously recorded videos in which security experts talk about how increased adoption of cloud technology, remote work, and the proliferation of IoT devices present significant challenges for organizations. To tackle them, cybersecurity professionals are increasingly focusing on incident response, multicloud security, and IoT protection.
Data moves constantly between networks, including to and from on-premise systems and remote cloud platforms that were built to be shared utilities rather than corporate security systems. Organizations have reacted with more management layers to lock down data, and a growing volume of security such as multi-factor authentication that is always easier to plan than manage in reality.
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
Security researchers analyzing phishing campaigns that target United States Postal Service saw that the traffic to the fake domains is typically similar to what the legitimate site records and it is even higher during holidays. "The amount of traffic to the illegitimate domains was almost equal to the amount of traffic to legitimate domains on a normal day - and greatly exceeded legitimate traffic during the holidays." - Akamai.
Some Google Chrome users report having issues connecting to websites, servers, and firewalls after Chrome 124 was released last week with the new quantum-resistant X25519Kyber768 encapsulation mechanism enabled by default. Google started testing the post-quantum secure TLS key encapsulation mechanism in August and has now enabled it in the latest Chrome version for all users.
Identity and access management (IAM) services provider Okta has warned of a spike in the "frequency and scale" of credential stuffing attacks aimed at online services. These unprecedented attacks,...
Hackers backdoored Cisco ASA devices via two zero-daysA state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances used on government networks across the globe and use two zero-day vulnerabilities to install backdoors on them, Cisco Talos researchers have shared on Wednesday. How to optimize your bug bounty programsIn this Help Net Security interview, Roy Davis, Manager - Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers.
Japanese police placed fake payment cards in convenience stores to protect the elderly targeted by tech support scams or unpaid money fraud. The cards are labeled "Virus Trojan Horse Removal Payment Card" and "Unpaid Bill Late Fee Payment Card," and were created by the Echizen Police in the Fukui prefecture in Japan as an alert mechanism.