Security News
![Top Security Posture Vulnerabilities Revealed](/static/build/img/news/top-security-posture-vulnerabilities-revealed-small.jpg)
Each New Year introduces a new set of challenges and opportunities for strengthening our cybersecurity posture. It's the nature of the field – the speed at which malicious actors carry out...
![Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations](/static/build/img/news/italian-data-protection-watchdog-accuses-chatgpt-of-privacy-violations-small.jpg)
Italy's data protection authority (DPA) has notified ChatGPT-maker OpenAI of supposedly violating privacy laws in the region. "The available evidence pointed to the existence of breaches of the...
![UK biometrics boss bows out, bemoaning bureaucratic blunders](/static/build/img/news/uk-biometrics-boss-bows-out-bemoaning-bureaucratic-blunders-small.jpg)
The farewell report written by the UK's biometrics and surveillance commissioner highlights a litany of failings in the Home Office's approach to governing the technology. "My time as the biometrics and surveillance camera commissioner has been interesting, challenging, and at times frustrating, in part because of a lack of engagement across Whitehall and often an absence of support in obtaining the resources needed to fulfill my functions: at no time have I had a full complement of staff," Sampson wrote.
![New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility](/static/build/img/news/new-zloader-malware-variant-surfaces-with-64-bit-windows-compatibility-small.jpg)
Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet's infrastructure was dismantled in April 2022. A new variant of the...
![Hundreds of network operators’ credentials found circulating in Dark Web](/static/build/img/news/hundreds-of-network-operators-credentials-found-circulating-in-dark-web-small.jpg)
After the recent incident involving Orange España and the leakage of credentials from the RIPE NCC portal, which led to a major outage, the cybersecurity community needs to reconsider the digital identity protection for staff engaged in network engineering and IT infrastructure management. Cybersecurity experts outlined the risks originating from Dark Web actors leveraging compromised credentials belonging to ISP/Telcom engineers, Data-Center Technicians, Network Engineers, IT Infrastructure Managers and Outsourcing companies.
![Great security or great UX? Both, please](/static/build/img/news/great-security-or-great-ux-both-please-small.jpg)
It's the classic battle fought over every app: UX designers hate security measures because they feel these measures inject complexity and make it harder for users to get what they want. Security teams feel like UX teams design for streamlined workflows and familiar processes at the cost of better security.
![Faction: Open-source pentesting report generation and collaboration framework](/static/build/img/news/faction-open-source-pentesting-report-generation-and-collaboration-framework-small.jpg)
Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has always disliked the process of writing reports, preferring to focus on uncovering bugs.
![Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws](/static/build/img/news/juniper-networks-releases-urgent-junos-os-updates-for-high-severity-flaws-small.jpg)
Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems. The...
![Ransomware recap 2023 highlights cybersecurity crisis](/static/build/img/news/ransomware-recap-2023-highlights-cybersecurity-crisis-small.jpg)
In this Help Net Security video, Yochai Corem, CEO of Cyberint, explores the ransomware environment's development, effects, and emerging patterns throughout the previous year. 2023 marked a historic high for ransomware groups, with a 55.5% increase in attacks, reaching 4,368 victims globally, according to Cyberint.
![Unlocking sustainable security practices with secure coding education](/static/build/img/news/unlocking-sustainable-security-practices-with-secure-coding-education-small.jpg)
Despite stringent regulations and calls for 'security by design', organizations are still failing to equip teams with the knowledge to secure code, according to Security Journey. The survey reveals a reactive approach when it comes to security education programs, with 68% of respondents only undertaking secure coding training because of a compliance need or in response to an exploit.