Hot stuff

Zscaler CISO on balancing security and user convenience in hybrid work environments

CISO, cybersecurity, data loss prevention, Don't miss, Features, Hot stuff, hybrid workforce, News, opinion, regulation, remote working, security controls, strategy, zero trust, Zscaler /

Zscaler CISO on balancing security and user convenience in hybrid work environments 2025-01-30 at 07:33 By Mirko Zorz In this Help Net Security interview, Sean Cordero, CISO at Zscaler, talks about securing hybrid work and the new challenges it presents to cybersecurity teams. He discusses how hybrid work has exposed gaps in traditional security models […]

React to this headline:

Loading spinner

Zscaler CISO on balancing security and user convenience in hybrid work environments Read More »

Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)

Censys, Don't miss, GreyNoise, Hot stuff, News, VulnCheck, vulnerability, Zyxel /

Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) 2025-01-29 at 18:32 By Zeljka Zorz CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, cybersecurity company Greynoise has warned. Successful exploitation would allow attackers to execute

React to this headline:

Loading spinner

Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) Read More »

DeepSeek’s popularity exploited by malware peddlers, scammers

Artificial Intelligence, China, consumer, data security, DeepSeek, Don't miss, enterprise, Hot stuff, KELA, LLMs, Malware, News, Privacy, threat /

DeepSeek’s popularity exploited by malware peddlers, scammers 2025-01-29 at 15:18 By Zeljka Zorz As US-based AI companies struggle with the news that the recently released Chinese-made open source DeepSeek-R1 reasoning model performs as well as theirs for a fraction of the cost, users are rushing to try out DeepSeek’s AI tool. In the process, they

React to this headline:

Loading spinner

DeepSeek’s popularity exploited by malware peddlers, scammers Read More »

Preparing financial institutions for the next generation of cyber threats

cybersecurity, Data Protection, Don't miss, Features, financial industry, fraud, Hot stuff, News, opinion, regulation, threats, Visa /

Preparing financial institutions for the next generation of cyber threats 2025-01-29 at 07:34 By Mirko Zorz In this Help Net Security interview, James Mirfin, SVP and Head of Risk and Identity Solutions at Visa, discusses key priorities for leaders combating fraud, the next-generation threats institutions must prepare for, and the role of collaboration between financial

React to this headline:

Loading spinner

Preparing financial institutions for the next generation of cyber threats Read More »

SEC and FCA fines: Issues jump

communication, Compliance, cybersecurity, Don't miss, financial industry, Hot stuff, MirrorWeb, Video /

SEC and FCA fines: Issues jump 2025-01-29 at 06:33 By Help Net Security The financial sector faces communication compliance challenges as organizations struggle to maintain oversight across communication channels. Adding to the complexity is the unexpected rise of unconventional platforms, such as Snapchat, used for business operations. In this Help Net Security video, David Clee,

React to this headline:

Loading spinner

SEC and FCA fines: Issues jump Read More »

Europeans targeted with new Tor-using backdoor and infostealers

Cisco, Don't miss, Europe, Hot stuff, Malware, News, phishing /

Europeans targeted with new Tor-using backdoor and infostealers 2025-01-28 at 15:04 By Zeljka Zorz A financially motivated threat actor has been targeting German and Polish-speaking users with info-stealing malware and TorNet, a previously undocumented .NET backdoor that leverages the Tor network to evade detection. The phishing email The attacker sends out fake money transfer confirmations

React to this headline:

Loading spinner

Europeans targeted with new Tor-using backdoor and infostealers Read More »

Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085)

0-day, apple, Don't miss, Hot stuff, iOS, iPad, macOS, News, security update /

Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) 2025-01-28 at 13:18 By Zeljka Zorz Apple has shipped a fix for a zero-day vulnerability (CVE-2025-24085) that is being leveraged by attackers against iPhone users. About CVE-2025-24085 CVE-2025-24085 is a use after free bug in CoreMedia, a framework used by Apple devices for the processing of

React to this headline:

Loading spinner

Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) Read More »

5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)

Bishop Fox, CVE, Don't miss, enterprise, Hot stuff, News, security update, SMBs, SonicWall, vulnerability /

5,000+ SonicWall firewalls still open to attack (CVE-2024-53704) 2025-01-27 at 17:20 By Zeljka Zorz 5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered “at imminent risk of exploitation”. The warning came last week from Bishop Fox researchers, after they successfully exploited the vulnerability on

React to this headline:

Loading spinner

5,000+ SonicWall firewalls still open to attack (CVE-2024-53704) Read More »

Don’t let these open-source cybersecurity tools slip under your radar

Android, cybersecurity, Don't miss, GitHub, Hot stuff, Linux, macOS, News, open source, software, Windows /

Don’t let these open-source cybersecurity tools slip under your radar 2025-01-27 at 07:07 By Help Net Security This article showcases free, open-source cybersecurity tools that help you identify and address vulnerabilities, detect intrusion, protect websites from cyber attacks, monitor and detect suspicious activities across your network. Am I Isolated: Open-source container security benchmark Am I

React to this headline:

Loading spinner

Don’t let these open-source cybersecurity tools slip under your radar Read More »

Cyber trends set to influence business strategies

boardroom, cyber risk, cybersecurity, data security, Diligent, Don't miss, fraud, generative AI, Hot stuff, predictions, strategy, Video /

Cyber trends set to influence business strategies 2025-01-27 at 06:42 By Help Net Security Diligent convened a group of 65 board members, C-suite executives, and leading subject matter experts to explore topics shaping the future of business: generative AI, cybersecurity and data privacy, geopolitical risk, and financial fraud and abuse. In this Help Net Security

React to this headline:

Loading spinner

Cyber trends set to influence business strategies Read More »

North Korean IT workers are extorting employers, FBI warns

data theft, Don't miss, enterprise, extortion, Hot stuff, News, North Korea, USA /

North Korean IT workers are extorting employers, FBI warns 2025-01-24 at 16:48 By Zeljka Zorz The FBI is on a mission to raise awareness about the threat that North Korean IT workers present to organizations in the US and around the world. While corporate espionage comes to mind first, the threat goes beyond that: “In

React to this headline:

Loading spinner

North Korean IT workers are extorting employers, FBI warns Read More »

Nearly half of CISOs now report to CEOs, showing their rising influence

boardroom, CISO, Hot stuff, News, report, Splunk, strategy, survey /

Nearly half of CISOs now report to CEOs, showing their rising influence 2025-01-24 at 07:33 By Industry News The CISO’s rise to the C-suite comes with more engagement with the boardroom, an audience with the CEO, and the power to make strategic decisions for the business, according to Splunk. CISOs report to the C-suite (Source:

React to this headline:

Loading spinner

Nearly half of CISOs now report to CEOs, showing their rising influence Read More »

Juniper enterprise routers backdoored via “magic packet” malware

backdoor, Don't miss, enterprise, Hot stuff, Juniper Networks, Linux, Lumen, Malware, News, router /

Juniper enterprise routers backdoored via “magic packet” malware 2025-01-23 at 20:05 By Zeljka Zorz A stealthy attack campaign turned Juniper enterprise-grade routers into entry points to corporate networks via the “J-magic” backdoor, which is loaded into the devices’ memory and spawns a reverse shell when instructed to do so. “Our telemetry indicates the J-magic campaign

React to this headline:

Loading spinner

Juniper enterprise routers backdoored via “magic packet” malware Read More »

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw

Cisco, Don't miss, Hot stuff, News, PoC, security update, video conferencing, vulnerability /

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw 2025-01-23 at 15:03 By Zeljka Zorz Cisco has released patches for a critical privilege escalation vulnerability in Meeting Management (CVE-2025-20156) and a heap-based buffer overflow flaw (CVE-2025-20128) that, when triggered, could terminate the ClamAV scanning process on endpoints running a Cisco Secure Endpoint

React to this headline:

Loading spinner

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw Read More »

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)

0-day, Don't miss, enterprise, Hot stuff, Microsoft, News, secure access, security update, SonicWall /

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) 2025-01-23 at 11:03 By Zeljka Zorz A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We strongly advises users of the SMA1000 product to upgrade to the hotfix release version to address the vulnerability,” the company said

React to this headline:

Loading spinner

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) Read More »

Defense strategies to counter escalating hybrid attacks

attacks, cybercriminals, cybersecurity, Don't miss, Features, Hot stuff, Malware, News, opinion, strategy, Threat Intelligence, Trellix /

Defense strategies to counter escalating hybrid attacks 2025-01-23 at 07:33 By Zeljka Zorz In this Help Net Security interview, Tomer Shloman, Sr. Security Researcher at Trellix, talks about attack attribution, outlines solutions for recognizing hybrid threats, and offers advice on how organizations can protect themselves against hybrid attacks. What are the most promising technologies or

React to this headline:

Loading spinner

Defense strategies to counter escalating hybrid attacks Read More »

Funding soars in a milestone year for Israeli cybersecurity

cybersecurity, Don't miss, Hot stuff, investment, security startup, Video, YL Ventures /

Funding soars in a milestone year for Israeli cybersecurity 2025-01-23 at 06:03 By Help Net Security In this Help Net Security video, Or Salom, Analyst at YL Ventures, discusses the State of the Cyber Nation Report 2024. The report reveals resilience and growth in the Israeli cybersecurity industry, with total investments reaching $4 billion across

React to this headline:

Loading spinner

Funding soars in a milestone year for Israeli cybersecurity Read More »

Mirai botnet behind the largest DDoS attack to date

attacks, botnet, cybercrime, DDoS, Don't miss, Hot stuff, Internet of Things, News /

Mirai botnet behind the largest DDoS attack to date 2025-01-22 at 17:20 By Zeljka Zorz Researchers have uncovered two Mirai-based botnets harnessing Internet of Things (IoT) devices to DDoS target organizations around the world. The Murdoc botnet Qualys researchers have laid bare the “Murdoc” botnet, consisting of some 1,300 IoT devices saddled with a variant

React to this headline:

Loading spinner

Mirai botnet behind the largest DDoS attack to date Read More »

48,000+ internet-facing Fortinet firewalls still open to attack

Arctic Wolf Networks, Asia, Don't miss, enterprise, firewall, Fortinet, Hot stuff, Kroll, News, Shadowserver, USA /

48,000+ internet-facing Fortinet firewalls still open to attack 2025-01-22 at 14:34 By Zeljka Zorz Despite last week’s confirmation of and warnings about long-standing exploitation of CVE-2024-55591, a critical vulnerability affecting Fortinet Fortigate firewalls, too many vulnerable devices are still accessible from the Internet and open to attack: over 48,000, according to data from the Shadowserver

React to this headline:

Loading spinner

48,000+ internet-facing Fortinet firewalls still open to attack Read More »

Acronis CISO on why backup strategies fail and how to make them resilient

Acronis, automation, backup, cybersecurity, disaster recovery, Don't miss, Features, Hot stuff, News, opinion, strategy, tips /

Acronis CISO on why backup strategies fail and how to make them resilient 2025-01-22 at 07:07 By Mirko Zorz In this Help Net Security interview, Gerald Beuchelt, CISO at Acronis, discusses common backup strategy pitfalls, reasons for backup failures, and offers actionable advice for organizations looking to improve their backup and recovery processes. The post

React to this headline:

Loading spinner

Acronis CISO on why backup strategies fail and how to make them resilient Read More »

Scroll to Top