News – Help Net Security

For most public sector organizations, digital transformation is a work in progress, with the complexity of integrating new systems and privacy and security concerns remaining key barriers, according to a report by SolarWinds. Only 6% of respondents report having fully completed their digital transformation journey, while most indicate they are somewhere along the journey, with efforts either well underway (41%) or beginning implementation in some areas with limited progress (42%). “As the public sector navigates … More → The post Security and privacy concerns challenge public sector’s efforts to modernize appeared first on Help Net Security.

In this Help Net Security interview, Chester Wisniewski, Director and Global Field CISO at Sophos, discusses the shifting ransomware landscape, the risks posed by quantum decryption threats, and the role of vendor security validation. Wisniewski notes that cyber resilience is more crucial than mere defense, with AI playing a key role in managing threats, and calls for ongoing improvements, transparency, and proactive measures. With ransomware payments decreasing, some cybercriminals are shifting toward data-centric extortion rather … More → The post Mastering the cybersecurity tightrope of protection, detection, and response appeared first on Help Net Security.

Apple allows you to lock your notes using your iPhone passcode or a separate password, ensuring your private information stays protected across all your Apple devices, including iOS and macOS. Whether you’re using your iPhone, iPad, or Mac, here’s how to ensure your notes stay safe and accessible to you. How to lock Notes on macOS Set up a password Open the Notes app on your Mac. Go to Notes, then click Settings in the … More → The post How to secure Notes on iOS and macOS appeared first on Help Net Security.

Here’s a look at the most interesting products from the past week, featuring releases from 1Password, Fortinet, Pangea, Privacera, and Veeam Software. Fortinet enhances FortiAnalyzer to deliver accelerated threat hunting and incident response FortiAnalyzer offers a streamlined entry point to scale an organization’s security operations center (SOC), providing broad coverage for both on-premises and cloud environments from a single platform. With ready-to-deploy capabilities that deliver complete control with centralized visibility, advanced threat detection, and automated … More → The post New infosec products of the week: February 21, 2025 appeared first on Help Net Security.

Cybersecurity Analyst Messer | On-site – View job details As a Cybersecurity Analyst, you will utilize existing technology platforms to monitor security threats and incidents. Investigate on suspicious activities, gather evidence and document for traceability. Identify vulnerable assets (workstation, network device, IOT) and propose remediation actions or apply fix. Perform security assessment (penetration and vulnerability testing) and ensure all deficiencies are mitigated. Cybersecurity Engineer Modern Technology Solutions | On-site – View job details As a … More → The post Cybersecurity jobs available right now in the USA: February 20, 2025 appeared first on Help Net Security.

Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a scanner for pull requests), and a malicious code detection ruleset for Semgrep and Opengrep static code analysis tools. PRevent in action (Source: Apiiro) The tools work by detecting two anti-patterns the researchers pinpointed after analyzing thousands of malicious code instances in repositories and packages: obfuscated / unreadable source code, and dynamic … More → The post PRevent: Open-source tool to detect malicious code in pull requests appeared first on Help Net Security.

A new, improved version of Darcula, a cat-themed phishing-as-a-service (PhaaS) platform aimed at serving Chinese-speaking criminals, will be released this month and will allow malicious users to create customized phishing kits to target a wider variety of brands than ever before, Netcraft researchers are warning. Even users who have gotten wise to the fake “missed package” or “package confirmation” notices from their national post or delivery services may not be ready the variety of phishing … More → The post Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand appeared first on Help Net Security.

Since early 2024, ESET researchers have been tracking DeceptiveDevelopment, a series of malicious campaigns linked to North Korea-aligned operators. Disguising themselves as software development recruiters, these threat actors lure victims with fake job offers and deliver software projects embedded with infostealing malware. “As part of a fake job interview process, the DeceptiveDevelopment operators ask their targets to take a coding test, such as adding a feature to an existing project, with the files necessary for … More → The post Hackers pose as employers to steal crypto, login credentials appeared first on Help Net Security.

In this Help Net Security interview, Juliette Hudson, CTO of CybaVerse, discusses why asset visibility remains a critical cybersecurity challenge. She explains how to maintain security without slowing down operations, shares ways to improve visibility in OT environments, and explains how AI can be both a solution and a challenge. Hudson also provides actionable advice for security leaders seeking to enhance their organization’s security posture. Why is asset visibility still such a critical issue? You … More → The post Unknown and unsecured: The risks of poor asset visibility appeared first on Help Net Security.

The third quarter of 2024 saw a dramatic shift in the types of malware detected at network perimeters, according to a new WatchGuard report. The report’s key findings include a 300% increase quarter over quarter of endpoint malware detections, highlighted by growing threats that exploit legitimate websites or documents for malicious purposes as threat actors turn to more social engineering tactics to execute their attacks. While Microsoft documents like Word and Excel have long been … More → The post 300% increase in endpoint malware detections appeared first on Help Net Security.