Hot stuff

Sinon: Open-source automatic generative burn-in for Windows deception hosts

2024-08-30 at 07:01 By Mirko Zorz

Sinon is an open-source, modular tool for the automatic burn-in of Windows-based deception hosts. It aims to reduce the difficulty of orchestrating deception hosts at scale while enabling diversity and randomness through generative capabilities. Sinon is designed to automate the […]


Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites

2024-08-29 at 16:16 By Zeljka Zorz

Suspected Russian hackers have been hitting iPhone and Android users visiting government websites with exploits first leveraged by commercial surveillance vendors, Google TAG researchers shared.

The watering hole campaigns

Between November 2023 and July 2024, threat actors have repeatedly


The NIS2 Directive: How far does it reach?

2024-08-29 at 07:31 By Help Net Security

The NIS2 Directive is one of the most recent efforts of the EU legislator to boost cybersecurity across the bloc and to keep up with the challenges of an increasingly digitalized society and growing cyber threats. As the name implies,


Why ransomware attackers target Active Directory

2024-08-29 at 07:02 By Help Net Security

Ransomware attacks have surged 78% year-over-year, affecting various sectors and organizations and significantly impacting supply chains. In this Help Net Security video, Craig Birch, Technology Evangelist and Principal Security Engineer at Cayosoft, discusses the rise of ransomware attacks, why attackers often target


BlackByte affiliates use new encryptor and new TTPs

2024-08-28 at 13:16 By Zeljka Zorz

BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent BlackByte attacks. Most notably, encrypted files across all victims were rewritten with


Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633)

2024-08-28 at 12:02 By Zeljka Zorz

Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials (CVE-2024-6633). “Once logged in to the HSQLDB, the attacker can perform malicious operations in the database. For


APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)

2024-08-28 at 12:02 By Help Net Security

ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East Asian countries. When examining the root cause, ESET discovered another way to


Cryptomator: Open-source cloud storage encryption

2024-08-28 at 07:31 By Mirko Zorz

Cryptomator offers open-source, client-side encryption of your files in the cloud. It’s available for Windows, Linux, macOS and iOS. Cryptomator works with Dropbox, Google Drive, OneDrive, MEGA, pCloud, ownCloud, Nextcloud, and any other cloud storage service that synchronizes with a local directory.

Key features


Cybersecurity jobs available right now: August 28, 2024

2024-08-28 at 07:01 By Mirko Zorz

Business Information Security Officer
Toyota North America | USA | On-site

Acting as an Information Security ambassador to the business, this role works with technology, data, risk, business, and the larger TFS Information Security team to provide


Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717)

2024-08-27 at 19:01 By Zeljka Zorz

Advanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service providers with a custom-made web shell dubbed VersaMem by the researchers. The malware harvests credentials enabling the attackers to access the providers’ downstream


How to prioritize data privacy in core customer-facing systems

2024-08-27 at 07:45 By Help Net Security

Evolving global data privacy regulations are keeping marketers on their toes. In April 2024, the American Privacy Rights Act (APRA) was introduced in the Senate. The proposed bill would create a federal consumer privacy framework akin to the GDPR,


Behind the scenes of Serious Cryptography

2024-08-27 at 07:45 By Mirko Zorz

In this Help Net Security interview, Jean-Philippe Aumasson discusses the writing and research process for Serious Cryptography, his latest book. With a career steeped in research and practical cryptography, Aumasson offers a rare glimpse into the efforts required to distill complex concepts into


SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)

2024-08-26 at 21:32 By Zeljka Zorz

SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific conditions, to crash the appliances.

About CVE-2024-40766

CVE-2024-40766 is an improper access control vulnerability in the “SonicWall SonicOS


Two strategies to protect your business from the next large-scale tech failure

2024-08-26 at 06:47 By Help Net Security

The CrowdStrike event in July clearly demonstrated the risks of allowing a software vendor deep access to network infrastructure. It also raised concerns about the concentration of digital services in the hands of a few companies.


Nuclei: Open-source vulnerability scanner

2024-08-26 at 06:31 By Help Net Security

Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be adapted to perform various security checks. It can send requests to multiple targets using customizable templates, ensuring zero false positives and enabling rapid


Rebrand, regroup, ransomware, repeat

2024-08-26 at 06:01 By Help Net Security

Changes witnessed over the last few years have led to larger ransomware groups breaking into smaller units, posing more considerable challenges for law enforcement. Ransomware actors are evading arrest more easily and adapting methods with innovative technologies. In this Help Net Security video, Shobhit


Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987)

2024-08-23 at 13:31 By Zeljka Zorz

A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw (CVE-2024-28987) in the company’s IT help desk solution has been pushed out.

CVE-2024-28987

CVE-2024-28987 stems from


Vulnerability prioritization is only the beginning

2024-08-23 at 07:30 By Help Net Security

To date, most technology solutions focused on vulnerability management have focused on the prioritization of risks. That usually took the shape of some risk-ranking structure displayed in a table with links out to the CVEs and other advisory or threat intelligence information.


Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)

2024-08-22 at 15:31 By Zeljka Zorz

A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the instance’s contents. The issue, reported via the GitHub Bug Bounty program, has been addressed and administrators are


New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)

2024-08-22 at 12:01 By Zeljka Zorz

A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google.

About CVE-2024-7971

CVE-2024-7971 is a high-severity vulnerability caused by a type confusion weakness in V8, the open-source JavaScript and WebAssembly engine developed by Google
