Don’t miss

Don’t let these open-source cybersecurity tools slip under your radar

Android, cybersecurity, Don't miss, GitHub, Hot stuff, Linux, macOS, News, open source, software, Windows /

Don’t let these open-source cybersecurity tools slip under your radar 2025-01-27 at 07:07 By Help Net Security This article showcases free, open-source cybersecurity tools that help you identify and address vulnerabilities, detect intrusion, protect websites from cyber attacks, monitor and detect suspicious activities across your network. Am I Isolated: Open-source container security benchmark Am I […]

React to this headline:

Loading spinner

Don’t let these open-source cybersecurity tools slip under your radar Read More »

Cyber trends set to influence business strategies

boardroom, cyber risk, cybersecurity, data security, Diligent, Don't miss, fraud, generative AI, Hot stuff, predictions, strategy, Video /

Cyber trends set to influence business strategies 2025-01-27 at 06:42 By Help Net Security Diligent convened a group of 65 board members, C-suite executives, and leading subject matter experts to explore topics shaping the future of business: generative AI, cybersecurity and data privacy, geopolitical risk, and financial fraud and abuse. In this Help Net Security

React to this headline:

Loading spinner

Cyber trends set to influence business strategies Read More »

How to use Apple’s App Privacy Report to monitor data tracking

apple, cybersecurity, Don't miss, how-to, News, Privacy /

How to use Apple’s App Privacy Report to monitor data tracking 2025-01-27 at 06:03 By Help Net Security The App Privacy Report, which Apple introduced in iOS 15.2, allows users to monitor how apps access data and interact with third-party services. The report provides an in-depth analysis of the types of sensitive data accessed by

React to this headline:

Loading spinner

How to use Apple’s App Privacy Report to monitor data tracking Read More »

North Korean IT workers are extorting employers, FBI warns

data theft, Don't miss, enterprise, extortion, Hot stuff, News, North Korea, USA /

North Korean IT workers are extorting employers, FBI warns 2025-01-24 at 16:48 By Zeljka Zorz The FBI is on a mission to raise awareness about the threat that North Korean IT workers present to organizations in the US and around the world. While corporate espionage comes to mind first, the threat goes beyond that: “In

React to this headline:

Loading spinner

North Korean IT workers are extorting employers, FBI warns Read More »

GUI frontends for GnuPG, the free implementation of the OpenPGP standard

Don't miss, Encryption, GitHub, Linux, News, open source, software /

GUI frontends for GnuPG, the free implementation of the OpenPGP standard 2025-01-24 at 07:20 By Help Net Security GnuPG is a free and comprehensive implementation of the OpenPGP standard. It enables encryption and signing of data and communications, featuring a key management system and support for public key directories. While primarily a command-line tool, GnuPG

React to this headline:

Loading spinner

GUI frontends for GnuPG, the free implementation of the OpenPGP standard Read More »

Juniper enterprise routers backdoored via “magic packet” malware

backdoor, Don't miss, enterprise, Hot stuff, Juniper Networks, Linux, Lumen, Malware, News, router /

Juniper enterprise routers backdoored via “magic packet” malware 2025-01-23 at 20:05 By Zeljka Zorz A stealthy attack campaign turned Juniper enterprise-grade routers into entry points to corporate networks via the “J-magic” backdoor, which is loaded into the devices’ memory and spawns a reverse shell when instructed to do so. “Our telemetry indicates the J-magic campaign

React to this headline:

Loading spinner

Juniper enterprise routers backdoored via “magic packet” malware Read More »

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw

Cisco, Don't miss, Hot stuff, News, PoC, security update, video conferencing, vulnerability /

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw 2025-01-23 at 15:03 By Zeljka Zorz Cisco has released patches for a critical privilege escalation vulnerability in Meeting Management (CVE-2025-20156) and a heap-based buffer overflow flaw (CVE-2025-20128) that, when triggered, could terminate the ClamAV scanning process on endpoints running a Cisco Secure Endpoint

React to this headline:

Loading spinner

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw Read More »

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)

0-day, Don't miss, enterprise, Hot stuff, Microsoft, News, secure access, security update, SonicWall /

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) 2025-01-23 at 11:03 By Zeljka Zorz A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We strongly advises users of the SMA1000 product to upgrade to the hotfix release version to address the vulnerability,” the company said

React to this headline:

Loading spinner

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) Read More »

Defense strategies to counter escalating hybrid attacks

attacks, cybercriminals, cybersecurity, Don't miss, Features, Hot stuff, Malware, News, opinion, strategy, Threat Intelligence, Trellix /

Defense strategies to counter escalating hybrid attacks 2025-01-23 at 07:33 By Zeljka Zorz In this Help Net Security interview, Tomer Shloman, Sr. Security Researcher at Trellix, talks about attack attribution, outlines solutions for recognizing hybrid threats, and offers advice on how organizations can protect themselves against hybrid attacks. What are the most promising technologies or

React to this headline:

Loading spinner

Defense strategies to counter escalating hybrid attacks Read More »

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning

Don't miss, GitHub, News, open source, software /

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning 2025-01-23 at 07:03 By Help Net Security The Web Cache Vulnerability Scanner (WCVS) is an open-source command-line tool for detecting web cache poisoning and deception. The scanner, developed by Maximilian Hildebrand, offers extensive support for various web cache poisoning and deception techniques. It features

React to this headline:

Loading spinner

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning Read More »

Funding soars in a milestone year for Israeli cybersecurity

cybersecurity, Don't miss, Hot stuff, investment, security startup, Video, YL Ventures /

Funding soars in a milestone year for Israeli cybersecurity 2025-01-23 at 06:03 By Help Net Security In this Help Net Security video, Or Salom, Analyst at YL Ventures, discusses the State of the Cyber Nation Report 2024. The report reveals resilience and growth in the Israeli cybersecurity industry, with total investments reaching $4 billion across

React to this headline:

Loading spinner

Funding soars in a milestone year for Israeli cybersecurity Read More »

Stratoshark: Wireshark for the cloud – now available!

Cloud, Don't miss, News, open source, penetration testing, software, Sysdig, wireless, Wireshark /

Stratoshark: Wireshark for the cloud – now available! 2025-01-22 at 20:33 By Help Net Security Stratoshark is an innovative open-source tool that brings Wireshark’s detailed network visibility to the cloud, providing users with a standardized approach to cloud observability. Stratoshark incorporates much of Wireshark’s codebase, including its user interface elements. The interface and workflows will

React to this headline:

Loading spinner

Stratoshark: Wireshark for the cloud – now available! Read More »

Mirai botnet behind the largest DDoS attack to date

attacks, botnet, cybercrime, DDoS, Don't miss, Hot stuff, Internet of Things, News /

Mirai botnet behind the largest DDoS attack to date 2025-01-22 at 17:20 By Zeljka Zorz Researchers have uncovered two Mirai-based botnets harnessing Internet of Things (IoT) devices to DDoS target organizations around the world. The Murdoc botnet Qualys researchers have laid bare the “Murdoc” botnet, consisting of some 1,300 IoT devices saddled with a variant

React to this headline:

Loading spinner

Mirai botnet behind the largest DDoS attack to date Read More »

48,000+ internet-facing Fortinet firewalls still open to attack

Arctic Wolf Networks, Asia, Don't miss, enterprise, firewall, Fortinet, Hot stuff, Kroll, News, Shadowserver, USA /

48,000+ internet-facing Fortinet firewalls still open to attack 2025-01-22 at 14:34 By Zeljka Zorz Despite last week’s confirmation of and warnings about long-standing exploitation of CVE-2024-55591, a critical vulnerability affecting Fortinet Fortigate firewalls, too many vulnerable devices are still accessible from the Internet and open to attack: over 48,000, according to data from the Shadowserver

React to this headline:

Loading spinner

48,000+ internet-facing Fortinet firewalls still open to attack Read More »

Acronis CISO on why backup strategies fail and how to make them resilient

Acronis, automation, backup, cybersecurity, disaster recovery, Don't miss, Features, Hot stuff, News, opinion, strategy, tips /

Acronis CISO on why backup strategies fail and how to make them resilient 2025-01-22 at 07:07 By Mirko Zorz In this Help Net Security interview, Gerald Beuchelt, CISO at Acronis, discusses common backup strategy pitfalls, reasons for backup failures, and offers actionable advice for organizations looking to improve their backup and recovery processes. The post

React to this headline:

Loading spinner

Acronis CISO on why backup strategies fail and how to make them resilient Read More »

Ransomware attackers are “vishing” organizations via Microsoft Teams

Don't miss, enterprise, Hot stuff, Microsoft 365, Microsoft Teams, News, Ransomware, remote access, SMBs, social engineering, Sophos /

Ransomware attackers are “vishing” organizations via Microsoft Teams 2025-01-21 at 14:10 By Zeljka Zorz The “email bombing + posing as tech support via Microsoft Teams” combination is proving fruitful for two threat actors looking to deliver ransomware to organizations, and they seem to be ramping up their efforts. “Sophos MDR has observed more than 15

React to this headline:

Loading spinner

Ransomware attackers are “vishing” organizations via Microsoft Teams Read More »

Scam Yourself attacks: How social engineering is evolving

cybersecurity, Don't miss, Expert analysis, Expert corner, Fortra, Hot stuff, News, opinion, scams, social engineering, threats /

Scam Yourself attacks: How social engineering is evolving 2025-01-21 at 07:30 By Help Net Security We’ve entered a new era where verification must come before trust, and for good reason. Cyber threats are evolving rapidly, and one of the trends getting a fresh reboot in 2025 is the “scam yourself” attacks. These aren’t your run-of-the-mill

React to this headline:

Loading spinner

Scam Yourself attacks: How social engineering is evolving Read More »

Addressing the intersection of cyber and physical security threats

Artificial Intelligence, Bitdefender, Compliance, critical infrastructure, cybersecurity, Don't miss, Features, Hot stuff, IoT, News, opinion, quantum computing, standards, strategy, threats, tips /

Addressing the intersection of cyber and physical security threats 2025-01-21 at 07:05 By Mirko Zorz In this Help Net Security, Nicholas Jackson, Director of Cyber Operations at Bitdefender, discusses how technologies like AI, quantum computing, and IoT are reshaping cybersecurity. He shares his perspective on the new threats these advancements bring and offers practical advice

React to this headline:

Loading spinner

Addressing the intersection of cyber and physical security threats Read More »

Fleet: Open-source platform for IT and security teams

Don't miss, News /

Fleet: Open-source platform for IT and security teams 2025-01-21 at 06:33 By Mirko Zorz Fleet is an open-source platform for IT and security teams managing thousands of computers. It’s designed to work seamlessly with APIs, GitOps, webhooks, and YAML configurations. Fleet provides a single platform to secure and maintain all computing devices over the air.

React to this headline:

Loading spinner

Fleet: Open-source platform for IT and security teams Read More »

CERT-UA warns against “security audit” requests via AnyDesk

AnyDesk, CERT-UA, Don't miss, Hot stuff, News, remote access, social engineering, Ukraine /

CERT-UA warns against “security audit” requests via AnyDesk 2025-01-20 at 11:34 By Zeljka Zorz Attackers are impersonating the Computer Emergency Response Team of Ukraine (CERT-UA) via AnyDesk to gain access to target computers. The request (Source: CERT-UA) “Unidentified individuals are sending connection requests via AnyDesk under the pretext of conducting a ‘security audit to verify

React to this headline:

Loading spinner

CERT-UA warns against “security audit” requests via AnyDesk Read More »

Scroll to Top