Blog

Phishers send corrupted documents to bypass email security

Phishers have come up with a new trick for bypassing email security systems: corrupted MS Office documents. The spam campaign Malware hunting service Any.Run has warned last week about email campaigns luring users with promises of payments, benefits and end-of-the-year bonuses. Recipients are instructed to dowload the attached document – an archive file (ZIP) or an MS Office file (e.g., DOCX) – and open it, but the file is corrupted. The recipients are then prompted … More → The post Phishers send corrupted documents to bypass email security appeared first on Help Net Security.
http://news.poseidon-us.com/TGYfPm

Push Security introduces verified stolen credentials detection capability

Push Security unveiled verified stolen credentials detection capability, a new feature designed to reshape how security teams combat identity threats. By analyzing threat intelligence (TI) on stolen credentials and comparing it against active credentials in customer environments, the Push platform eliminates false positives, delivering only actionable alerts to help organizations protect compromised workforce identities. This paradigm shift promises to drastically reduce the noise security teams face, empowering them to act swiftly on verified threats without … More → The post Push Security introduces verified stolen credentials detection capability appeared first on Help Net Security.
http://news.poseidon-us.com/TGYfJw

Skills-based hiring is helping tech companies dig out of a talent shortage, report finds

Most IT companies have tackled skills-based hiring by gauging existing abilities, according to IT staffing firm Motion Recruitment.
http://news.poseidon-us.com/TGYXTr

US government, energy sector contractor hit by ransomware

ENGlobal, a Texas-based engineering and automation contractor for companies in the energy sector, has had its data encrypted by attackers. “On November 25, 2024, ENGlobal Corporation (the “Company”) became aware of a cybersecurity incident. The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology (“IT”) system and encrypted some of its data files,” the company shared in an 8-K filed on Monday with the US Securities and Exchange Commission. The … More → The post US government, energy sector contractor hit by ransomware appeared first on Help Net Security.
http://news.poseidon-us.com/TGYRx5

Nextcloud Talk: Open-source, GDPR-compliant alternative to Microsoft Teams

Nextcloud has unveiled Nextcloud Talk, an open-source alternative to Microsoft Teams. It’s a privacy-compliant collaboration platform for hybrid teams that gives companies complete control over their data. Nextcloud Talk collaboration software delivers highly secure, GDPR-compliant communication while providing all the essential features modern teams require, from chat and video conferencing to webinars. Its open architecture enables integration with existing systems and allows for the customization of solutions tailored to specific needs. Nextcloud Talk highlights High-security … More → The post Nextcloud Talk: Open-source, GDPR-compliant alternative to Microsoft Teams appeared first on Help Net Security.
http://news.poseidon-us.com/TGYNKz

Thales Data Risk Intelligence identifies risks to sensitive data

Thales launched Data Risk Intelligence, an Imperva Data Security Fabric (DSF) solution that proactively addresses the risks to data wherever it resides. This is the first solution uniting the risk and threat identification capabilities of the Imperva Data Security Fabric with the data protection capabilities of the Thales CipherTrust Data Security Platform, following Thales’s strategic acquisition of Imperva in December 2023. With data and operations spread across cloud, on-premises and hybrid systems, security teams require … More → The post Thales Data Risk Intelligence identifies risks to sensitive data appeared first on Help Net Security.
http://news.poseidon-us.com/TGYNJ7

Extracting Files Embedded Inside Word Documents, (Tue, Dec 3rd)

I found a sample that is a Word document with an embedded executable. I'll explain how to extract the embedded executable with my tools.
http://news.poseidon-us.com/TGYHhl

Treat AI like a human: Redefining cybersecurity

In this Help Net Security interview, Doug Kersten, CISO of Appfire, explains how treating AI like a human can change the way cybersecurity professionals use AI tools. He discusses how this shift encourages a more collaborative approach while acknowledging AI’s limitations. Kersten also discusses the need for strong oversight and accountability to ensure AI aligns with business goals and remains secure. Treating AI like a human can accelerate its development. Could you elaborate on how … More → The post Treat AI like a human: Redefining cybersecurity appeared first on Help Net Security.
http://news.poseidon-us.com/TGY8DP

Best practices for staying cyber secure during the holidays

In this Help Net Security video, Sean Tufts, managing partner for critical infrastructure and operational technology at Optiv, discusses best practices for keeping businesses secure amidst a barrage of threats during the holiday season. Pause large changes in your security stack: IT and security changes that may not have been fully tested can create vulnerabilities. So, while it might be tempting to rush things out the door to achieve a clean slate going into the … More → The post Best practices for staying cyber secure during the holidays appeared first on Help Net Security.
http://news.poseidon-us.com/TGY8Ch

Cybersecurity jobs available right now: December 3, 2024

Application Security Engineer TE Connectivity | USA | Remote – View job details As an Application Security Engineer, you will design, develop, and implement a robust Application Security program. Create and maintain application security policies, standards, and procedures. Participate in the incident response process, focusing on application-related security incidents. Investigate and analyze security breaches and provide actionable recommendations to prevent recurrence. Cryptography engineer Leonar | France | On-site – View job details As a Cryptography … More → The post Cybersecurity jobs available right now: December 3, 2024 appeared first on Help Net Security.
http://news.poseidon-us.com/TGY63G