Security News > 2024 > June

In this Help Net Security interview, Jenn Markey, Advisor to The Entrust Cybersecurity Institute, discusses the increasing adoption of enterprise-wide zero trust strategies in response to evolving cyber threats. Two-thirds of organizations featured in the 2024 State of Zero Trust & Encryption study cited cyber-risk concerns as the main drivers for implementing a zero-trust strategy.

As a Cyber Security Specialist, you will manage security incidents within the Blue Team or Security Operations, develop Python scripts to automate security operations, create and automate incident response playbooks on SOAR platforms. As a Head of the Security Department, you will be responsible for advising the Director General on security for space matters and on the general security strategy for the Agency, proposing, establishing and maintaining a security strategy and policy for ESA corporate security and ESA space projects and programmes.

In a year of growing insider threats and people-driven data loss, more CISOs than ever see human risk, in particular negligent employees as a key cybersecurity concern over the next two years. Cloud security incidents are alarmingly on the rise, with 61% of organizations reporting breaches within the last year, marking a significant increase from 24% the year before.

Northern Minerals issued an announcement earlier today warning that it suffered a cybersecurity breach resulting in some of its stolen data being published on the dark web. The firm is publicly traded on the Australian Securities Exchange under the ticker 'NTU,' so it is legally obliged to disclose any data breach incidents promptly.

Over the past week, attackers have hijacked high-profile TikTok accounts belonging to multiple companies and celebrities, exploiting a zero-day vulnerability in the social media's direct messages feature. As Forbes reported today, the exploit used by the attackers to hack the accounts via DMs only needs the targets to open the malicious message and doesn't require downloading a payload or clicking embedded links.

Today, the FBI issued a warning about scammers using fake remote job ads to steal cryptocurrency from job seekers across the United States while posing as recruiters for legitimate companies. The FBI says that red flags that should warn those targeted by these scams they're dealing with fraudsters coming for their money include being asked to make cryptocurrency payments to the employer as part of a work task, job descriptions involving simple tasks, and not being asked to provide references from previous jobs during the hiring process.

ARRL is the national association for amateur radio in the United States, representing amateur radio interests to government regulatory bodies and promoting events and educational programs for enthusiasts around the country. "We still don't know what they haven't told us and maybe it is important, maybe not," a member posted to the 'My ARRL Voice' Facebook group.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Microsoft has reopened the Windows 10 beta channel and is asking Insiders to join or switch to receive a new beta build in the coming weeks. The announcement comes three years after the last Windows 10 build was released for Insiders in the Beta and Release Preview channels.

Cybercriminals are promoting a new phishing kit named 'V3B' on Telegram, which currently targets customers of 54 major financial institutes in Ireland, the Netherlands, Finland, Austria, Germany, France, Belgium, Greece, Luxembourg, and Italy. The phishing kit, priced between $130-$450 per month depending on what is purchased, features advanced obfuscation, localization options, OTP/TAN/2FA support, live chat with victims, and various evasion mechanisms.