Security News

Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo
2024-05-13 06:18

Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang version of the Sliver...

Red teaming: The key ingredient for responsible AI
2024-05-13 05:24

Red teaming exercises are one of the best ways to find novel risk, making them ideal for finding security and safety concerns in emerging technologies like generative AI. This can be done using a combination of penetration testing, time-bound offensive hacking competitions, and bug bounty programs. With this clear focus on safety, security, and accountability, red teaming practices are likely to be considered favorably by regulators worldwide, as well as aligning with the UK government's vision for responsible AI development.

#AI

Establishing a security baseline for open source projects
2024-05-13 05:00

The OpenSSF community has developed open-source security tools and projects, aiming to make security the default and promote a collaborative effort to strengthen the security posture of open-source ecosystems. OpenSSF is working to combat that challenge by establishing a security baseline for open-source projects and aims to propagate it across the Linux Foundation.

AI’s rapid growth puts pressure on CISOs to adapt to new security risks
2024-05-13 04:30

"GenAI and AI have the potential to both disrupt and enhance security operations. As the acting gatekeepers - CISOs are under immense pressure," said Harold Rivas, CISO, Trellix. With cyberattacks on the rise, AI pressures mounting, and responsibilities growing, it's no surprise 90% of CISOs find themselves under increased pressure.

How AI affects vulnerability management in open-source software
2024-05-13 04:00

In this Help Net Security video, Itamar Sher, CEO of Seal Security, discusses how AI affects the risk and operational aspects of managing vulnerabilities in open-source software. One of the core issues around open-source vulnerability patch management has been the coupling between security patches and other code changes.

Critical vulnerabilities take 4.5 months on average to remediate
2024-05-13 03:30

Over a third of organizations had at least one known vulnerability in 2023, with nearly a quarter of those facing five or more, and 60% of vulnerabilities remained unaddressed past CISA's deadlines, according to Bitsight. Organizations struggle to remediate critical vulnerabilities.

Securing the future through cybersecurity education
2024-05-13 03:00

In this Help Net Security round-up, we present excerpts from previously recorded videos in which security experts talk about the cybersecurity talent shortage and the role STEM education can play...

ASEAN organizations dealing with growing cyber menace
2024-05-13 02:47

Cloudflare’s Everywhere Security platform offers unified protection for on and off-premise applications. Sponsored Post: Organizations across the Asia Pacific need to urgently ramp up their IT...

Download: The Ultimate Guide to the CISSP
2024-05-13 02:30

The Ultimate Guide to the CISSP covers everything you need about the world’s premier cybersecurity leadership certification. Learn how CISSP and ISC2 will help you navigate your training path,...

Encrypted mail service Proton hands suspect's personal info to local cops
2024-05-13 02:21
