A smorgasbord of knowledge and news -

View this email in your browser (IN)SECURE Newsletter September 24, 2024 A smorgasbord of knowledge and news What's new?   Many organizations are considering changing cybersecurity providers following the massive worldwide outage caused by a faulty CrowdStrike sensor content update, a recent report by the German Federal Office for Information Security (BSI) and Germany's digital association Bitkom has revealed. Paid open-source maintainers are 55% more likely to implement critical security and maintenance practices than unpaid maintainers and are dedicating more time to implementing security practices, according to Tidelift. For organizations affected by ransomware in the past year, MFA bypass via session hijacking is seen as the greatest emerging threat for ransomware, according to SpyCloud. Recent regulatory actions and high-profile legal incidents involving cybersecurity leaders have greatly influenced CISO reporting. (Video) Ideas to consider, practices to implement How to make Infrastructure as Code secure by default The growing danger of visual hacking and how to protect against it Best practices for implementing the Principle of Least Privilege Top priorities for federal cybersecurity: Infrastructure, zero trust, and AI-driven defense Benefits and best practices of leveraging AI for cybersecurity (video) Get our news via e-mail Subscribe to get regular updates from Help Net Security. Choose between our daily and weekly newsletters, or you can also opt for specialized newsletters: Breaking news – sent for major events Cybersecurity jobs – sent weekly Open-source cybersecurity tools – sent monthly Open-source tools you should check out Certainly - An offensive security toolkit that captures extensive traffic in bit-flip and typosquatting scenarios CrowdSec - A security sloution that offers crowdsourced protection against malicious IPs EchoStrike - A tool that generates undetectable reverse shells and performs process injection DockerSpy - A tool that scans Docker Hub for images and retrieves sensitive information OpenZiti - A project that embeds zero-trust networking principles directly into applications Broaden your knowledge and resolve issues (registration may be required): eBook: How CISSP turns career goals into reality eBook: Keep assets secure after cloud migratione eBook: Navigating compliance with a security-first approach Copyright © 2024 Help Net Security (Astus d.o.o.), All rights reserved. You are receiving (IN)SECURE Newsletter because you opted in at our web site located on https://www.helpnetsecurity.com. Note: Sometimes we send promotional maildrops to our list. We never share your details with anyone! We really send a limited number of maildrops per year, so we hope you won't unsbscribe because of them. Thanks in advance! Our mailing address is: Help Net Security (Astus d.o.o.) Kastav Kastav 51215 Croatia Add us to your address book Want to change how you receive these emails? You can update your preferences or unsubscribe from this list.