Complying with PCI DSS requirements by 2025 2024-09-02 at 12:31 By Help Net Security Version 4.0.1 of the Payment Card Industry Data Security Standard (PCI DSS), which came into effect back in April, incorporates a few important changes to make it fit for the modern digital world, addressing how technologies, the threat landscape and payment […]
React to this headline:
Complying with PCI DSS requirements by 2025 Read More »
Damn Vulnerable UEFI: Simulate real-world firmware attacks 2024-09-02 at 07:31 By Help Net Security Damn Vulnerable UEFI (DVUEFI) is an open-source exploitation toolkit and learning platform for unveiling and fixing UEFI firmware vulnerabilities. Simulate real-world firmware attacks DVUEFI was created to assist ethical hackers, security researchers, and firmware enthusiasts in beginning their journey into UEFI
React to this headline:
Damn Vulnerable UEFI: Simulate real-world firmware attacks Read More »
How RansomHub went from zero to 210 victims in six months 2024-08-30 at 15:16 By Zeljka Zorz RansomHub, a ransomware-as-a-service (RaaS) outfit that “popped up” earlier this year, has already amassed at least 210 victims (that we know of). Its affiliates have hit government services, IT and communication companies, healthcare institutions, financial organizations, emergency services,
React to this headline:
How RansomHub went from zero to 210 victims in six months Read More »
Sinon: Open-source automatic generative burn-in for Windows deception hosts 2024-08-30 at 07:01 By Mirko Zorz Sinon is an open-source, modular tool for the automatic burn-in of Windows-based deception hosts. It aims to reduce the difficulty of orchestrating deception hosts at scale while enabling diversity and randomness through generative capabilities. Sinon is designed to automate the
React to this headline:
Sinon: Open-source automatic generative burn-in for Windows deception hosts Read More »
Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites 2024-08-29 at 16:16 By Zeljka Zorz Suspected Russian hackers have been hitting iPhone and Android users visiting government websites with exploits first leveraged by commercial surveillance vendors, Google TAG researchers shared. The watering hole campaigns Between November 2023 and July 2024, threat actors have repeatedly
React to this headline:
Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites Read More »
The NIS2 Directive: How far does it reach? 2024-08-29 at 07:31 By Help Net Security The NIS2 Directive is one of the most recent efforts of the EU legislator to boost cybersecurity across the bloc and to keep up with the challenges of an increasingly digitalized society and growing cyber threats. As the name implies,
React to this headline:
The NIS2 Directive: How far does it reach? Read More »
Pioneer Kitten: Iranian hackers partnering with ransomware affiliates 2024-08-28 at 19:46 By Zeljka Zorz A group of Iranian hackers – dubbed Pioneer Kitten by cybersecurity researchers – is straddling the line between state-contracted cyber espionage group and initial access provider (and partner in crime) for affiliates of several ransomware groups. “The FBI assesses these actors
React to this headline:
Pioneer Kitten: Iranian hackers partnering with ransomware affiliates Read More »
BlackByte affiliates use new encryptor and new TTPs 2024-08-28 at 13:16 By Zeljka Zorz BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent BlackByte attacks. Most notably, encrypted files across all victims were rewritten with
React to this headline:
BlackByte affiliates use new encryptor and new TTPs Read More »
Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) 2024-08-28 at 12:02 By Zeljka Zorz Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials (CVE-2024-6633). “Once logged in to the HSQLDB, the attacker can perform malicious operations in the database. For
React to this headline:
Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) Read More »
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) 2024-08-28 at 12:02 By Help Net Security ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East Asian countries. When examining the root cause, ESET discovered another way to
React to this headline:
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) Read More »
Cryptomator: Open-source cloud storage encryption 2024-08-28 at 07:31 By Mirko Zorz Cryptomator offers open-source, client-side encryption of your files in the cloud. It’s available for Windows, Linux, macOS and iOS. Cryptomator works with Dropbox, Google Drive, OneDrive, MEGA, pCloud, ownCloud, Nextcloud, and any other cloud storage service that synchronizes with a local directory. Key features
React to this headline:
Cryptomator: Open-source cloud storage encryption Read More »
Cybersecurity jobs available right now: August 28, 2024 2024-08-28 at 07:01 By Mirko Zorz Business Information Security Officer Toyota North America | USA | On-site – View job details Acting as an Information Security ambassador to the business, this role works with technology, data, risk, business, and the larger TFS Information Security team to provide
React to this headline:
Cybersecurity jobs available right now: August 28, 2024 Read More »
Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717) 2024-08-27 at 19:01 By Zeljka Zorz Advanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service providers with a custom-made web shell dubbed VersaMem by the researchers. The malware harvests credentials enabling the attackers to access the providers’ downstream
React to this headline:
Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717) Read More »
How to prioritize data privacy in core customer-facing systems 2024-08-27 at 07:45 By Help Net Security Evolving global data privacy regulations are keeping marketers on their toes. In April 2024, the American Privacy Rights Act (APRA) was introduced in the Senate. The proposed bill would create a federal consumer privacy framework akin to the GDPR,
React to this headline:
How to prioritize data privacy in core customer-facing systems Read More »
Behind the scenes of Serious Cryptography 2024-08-27 at 07:45 By Mirko Zorz In this Help Net Security interview, Jean-Philippe Aumasson, discusses the writing and research process for Serious Cryptography, his latest book. With a career steeped in research and practical cryptography, Aumasson offers a rare glimpse into the efforts required to distill complex concepts into
React to this headline:
Behind the scenes of Serious Cryptography Read More »
SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) 2024-08-26 at 21:32 By Zeljka Zorz SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific conditions, to crash the appliances. About CVE-2024-40766 CVE-2024-40766 is an improper access control vulnerability in the “SonicWall SonicOS
React to this headline:
SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) Read More »
Two strategies to protect your business from the next large-scale tech failure 2024-08-26 at 06:47 By Help Net Security The CrowdStrike event in July clearly demonstrated the risks of allowing a software vendor deep access to network infrastructure. It also raised concerns about the concentration of digital services in the hands of a few companies.
React to this headline:
Two strategies to protect your business from the next large-scale tech failure Read More »
Nuclei: Open-source vulnerability scanner 2024-08-26 at 06:31 By Help Net Security Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be adapted to perform various security checks. It can send requests to multiple targets using customizable templates, ensuring zero false positives and enabling rapid
React to this headline:
Nuclei: Open-source vulnerability scanner Read More »
Rebrand, regroup, ransomware, repeat 2024-08-26 at 06:01 By Help Net Security Changes witnessed over the last few years have led to larger ransomware groups breaking into smaller units, posing more considerable challenges for law enforcement. Ransomware actors are evading arrest more easily and adapting methods with innovative technologies. In this Help Net Security video, Shobhit
React to this headline:
Rebrand, regroup, ransomware, repeat Read More »
Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987) 2024-08-23 at 13:31 By Zeljka Zorz A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw (CVE-2024-28987) in the company’s IT help desk solution has been pushed out. CVE-2024-28987 CVE-2024-28987 stems from
React to this headline:
Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987) Read More »