Hot stuff

Secator: Open-source pentesting Swiss army knife

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

Secator: Open-source pentesting Swiss army knife 2024-07-03 at 07:01 By Help Net Security Secator is an open-source task and workflow runner tailored for security assessments. It facilitates the use of numerous security tools and aims to enhance the efficiency of pen testers and security researchers. Secator features Curated list of commands Unified input options Unified […]

React to this headline:

Loading spinner

Secator: Open-source pentesting Swiss army knife Read More »

Leveraging no-code automation for efficient network operations

automation, cybersecurity, Don't miss, Features, Hot stuff, NetBrain Technologies, network, network management, News, opinion /

Leveraging no-code automation for efficient network operations 2024-07-02 at 07:32 By Mirko Zorz In this Help Net Security interview, Lingping Gao, CEO at NetBrain, discusses the challenges NetOps teams face in maintaining production services due to outdated processes and growing infrastructures. No-code automation has the potential to address these challenges by allowing engineers to automate

React to this headline:

Loading spinner

Leveraging no-code automation for efficient network operations Read More »

The impossibility of “getting ahead” in cyber defense

Artificial Intelligence, Blancco Technology Group, cyber resilience, cyberattacks, cybersecurity, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, News, opinion /

The impossibility of “getting ahead” in cyber defense 2024-07-02 at 07:01 By Help Net Security As a security professional, it can be tempting to believe that with sufficient resources we can achieve of state of parity, or even relative dominance, over cyber attackers. After all, if we got to an ideal state – fully staffed

React to this headline:

Loading spinner

The impossibility of “getting ahead” in cyber defense Read More »

Inside the minds of CISOs

Bugcrowd, CISO, cybersecurity, Don't miss, Hot stuff, News, strategy, tips, Video /

Inside the minds of CISOs 2024-07-02 at 06:31 By Help Net Security In this Help Net Security video, Nick McKenzie, CISO of Bugcrowd, discusses the key findings from their recent report, which comes at a crucial time as security leaders’ roles are being discussed more with the current risk landscape and the increasing need to

React to this headline:

Loading spinner

Inside the minds of CISOs Read More »

Why every company needs a DDoS response plan

attacks, cybercriminals, cybersecurity, DDoS, Don't miss, Features, Government, Hot stuff, Netscout, News, opinion, strategy, Threat Intelligence /

Why every company needs a DDoS response plan 2024-07-01 at 08:02 By Mirko Zorz In this Help Net Security interview, Richard Hummel, Senior Threat Intelligence Manager at NETSCOUT, discusses how companies can overcome the challenges of identifying and mitigating DDoS attacks. He stresses the need for adaptive, multilayered defense strategies and the inevitability of a

React to this headline:

Loading spinner

Why every company needs a DDoS response plan Read More »

Product showcase: Protect digital identities with Swissbit’s iShield Key Pro

authentication, Compliance, cybersecurity, Don't miss, Hot stuff, identity, News, Swissbit, Token /

Product showcase: Protect digital identities with Swissbit’s iShield Key Pro 2024-07-01 at 07:01 By Help Net Security In today’s fast-paced business world, protecting digital identities and optimizing daily workflows are crucial. The iShield Key Pro series from Swissbit addresses these challenges by offering top-notch security combined with effortless usability. Let’s delve into how the iShield

React to this headline:

Loading spinner

Product showcase: Protect digital identities with Swissbit’s iShield Key Pro Read More »

Preparing for Q-Day as NIST nears approval of PQC standards

CISO, cybersecurity, data security, Don't miss, Encryption, Expert analysis, Expert corner, Hot stuff, Lastwall, News, opinion, quantum computing, standards, threats /

Preparing for Q-Day as NIST nears approval of PQC standards 2024-07-01 at 06:32 By Help Net Security Q-Day—the day when a cryptographically relevant quantum computer can break most forms of modern encryption—is fast approaching, leaving the complex systems our societies rely on vulnerable to a new wave of cyberattacks. While estimates just a few years

React to this headline:

Loading spinner

Preparing for Q-Day as NIST nears approval of PQC standards Read More »

Leveraging AI and automation for enhanced security operations

Artificial Intelligence, automation, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, Kyndryl, MSP, News, opinion, security operations, strategy /

Leveraging AI and automation for enhanced security operations 2024-06-28 at 07:01 By Mirko Zorz In this Help Net Security interview, Michelle Weston, VP of Security & Resiliency at Kyndryl, discusses the key challenges in security operations and how to address them. The top issues are increasing cyber resilience risks, changing regulatory conditions, and implementing emerging

React to this headline:

Loading spinner

Leveraging AI and automation for enhanced security operations Read More »

Largest Croatian hospital under cyberattack

critical infrastructure, Croatia, cyberattack, DDoS, Diverto, Don't miss, Europe, healthcare, Hot stuff, News /

Largest Croatian hospital under cyberattack 2024-06-27 at 14:31 By Zeljka Zorz The University Hospital Centre Zagreb (KBC Zagreb) is under cyberattack that started on Wednesday night, the Croatian Radiotelevision has reported. Because of the attack, the hospital has shut down its information system and will be switching parts of it online once they are sure

React to this headline:

Loading spinner

Largest Croatian hospital under cyberattack Read More »

PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276)

CVE, Don't miss, exploit, file-sharing, Fortra, Hot stuff, MFT, News, PoC, SQL injection, Tenable, vulnerability /

PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276) 2024-06-27 at 12:31 By Zeljka Zorz A critical SQL injection vulnerability in Fortra FileCatalyst Workflow (CVE-2024-5276) has been patched; a PoC exploit is already available online. While there’s currently no reports of in-the-wild exploitation, enterprise admins are advised to patch their installations as soon as possible.

React to this headline:

Loading spinner

PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276) Read More »

Gitleaks: Open-source solution for detecting secrets in your code

Data leak, Don't miss, GitHub, Hot stuff, News, open source, software /

Gitleaks: Open-source solution for detecting secrets in your code 2024-06-27 at 07:37 By Mirko Zorz Gitleaks is an open-source SAST tool designed to detect and prevent hardcoded secrets such as passwords, API keys, and tokens in Git repositories. With more than 15 million Docker downloads, 16,200 GitHub stars, 7 million GitHub downloads, thousands of weekly

React to this headline:

Loading spinner

Gitleaks: Open-source solution for detecting secrets in your code Read More »

Enterprises increasingly turn to cloud and AI for database management

Artificial Intelligence, Cloud, cybersecurity, database management, Don't miss, Hot stuff, News, Redgate, Video /

Enterprises increasingly turn to cloud and AI for database management 2024-06-27 at 06:01 By Help Net Security Across various tasks, from predictive analytics to code generation, organizations in all sectors are exploring how AI can add value and increase efficiency. In this Help Net Security video, Ryan Booz, PostgreSQL Advocate at Redgate, discusses the key

React to this headline:

Loading spinner

Enterprises increasingly turn to cloud and AI for database management Read More »

Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys

Don't miss, Hot stuff, Kroll, Malware, malware detection, News /

Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys 2024-06-26 at 15:46 By Zeljka Zorz A newly spotted campaign is leveraging BPL sideloading and other uncommon tricks to deliver the IDAT Loader (aka HijackLoader) malware and prevent its detection. The campaign Spotted by Kroll’s incident responders and analyzed by the company’s

React to this headline:

Loading spinner

Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys Read More »

Compromised plugins found on WordPress.org

backdoor, Don't miss, Hot stuff, News, plugin, supply chain compromise, Wordfence, WordPress /

Compromised plugins found on WordPress.org 2024-06-26 at 11:46 By Zeljka Zorz An unknown threat actor has compromised five (and possibly more) WordPress plugins and injected them with code that creates a new admin account, effectively allowing them complete control over WordPress installations / websites. “In addition, it appears the threat actor also injected malicious JavaScript

React to this headline:

Loading spinner

Compromised plugins found on WordPress.org Read More »

Future trends in cyber warfare: Predictions for AI integration and space-based operations

Artificial Intelligence, attacks, cybersecurity, Cyberwarfare, Don't miss, Features, Hot stuff, News, opinion, SentinelOne, strategy /

Future trends in cyber warfare: Predictions for AI integration and space-based operations 2024-06-26 at 06:36 By Mirko Zorz In this Help Net Security interview, Morgan Wright, Chief Security Advisor at SentinelOne, discusses how AI is utilized in modern cyber warfare by state and non-state actors. AI enhances decision-making speed and precision for state actors, facilitating

React to this headline:

Loading spinner

Future trends in cyber warfare: Predictions for AI integration and space-based operations Read More »

Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806)

Don't miss, enterprise, file-sharing, Hot stuff, MFT, News, PoC, Progress, security update, WatchTowr /

Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806) 2024-06-25 at 21:16 By Zeljka Zorz Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software product. According to WatchTowr Labs researchers, the company has been privately instructing users to implement the hotfixes before

React to this headline:

Loading spinner

Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806) Read More »

Ransomware disrupts Indonesia’s national data centre, LockBit gang claims US Federal Reserve breach

Asia, disruption, Don't miss, Hot stuff, News, Ransomware, USA /

Ransomware disrupts Indonesia’s national data centre, LockBit gang claims US Federal Reserve breach 2024-06-25 at 14:46 By Zeljka Zorz Ransomware attackers wielding a LockBit variant dubbed Brain Cipher have disrupted a temporary national data center facility which supports the operations of 200+ Indonesian government agencies and public services. The attackers are asking for a $8

React to this headline:

Loading spinner

Ransomware disrupts Indonesia’s national data centre, LockBit gang claims US Federal Reserve breach Read More »

New security loophole allows spying on internet users’ online activity

attacks, cybersecurity, Don't miss, Graz University of Technology, Hot stuff, News, Privacy, research, vulnerability /

New security loophole allows spying on internet users’ online activity 2024-06-25 at 13:16 By Help Net Security Researchers at Graz University of Technology were able to spy on users’ online activities simply by monitoring fluctuations in the speed of their internet connection. This vulnerability, known as SnailLoad, does not require malicious code to exploit, and

React to this headline:

Loading spinner

New security loophole allows spying on internet users’ online activity Read More »

Zeek: Open-source network traffic analysis, security monitoring

cybersecurity, Don't miss, GitHub, Hot stuff, monitoring, network analysis, network monitoring, News, open source, software /

Zeek: Open-source network traffic analysis, security monitoring 2024-06-25 at 07:01 By Mirko Zorz Zeek is an open-source network analysis framework. Unlike an active security device such as a firewall, Zeek operates on a versatile ‘sensor’ that can be a hardware, software, virtual, or cloud platform. This flexibility allows Zeek to quietly monitor network traffic, interpret

React to this headline:

Loading spinner

Zeek: Open-source network traffic analysis, security monitoring Read More »

CISOs’ new ally: Qualys CyberSecurity Asset Management 3.0

asset discovery, CISO, cybersecurity, Don't miss, Features, Hot stuff, IT assets, News, opinion, Qualys /

CISOs’ new ally: Qualys CyberSecurity Asset Management 3.0 2024-06-25 at 06:31 By Mirko Zorz In this Help Net Security interview, Kunal Modasiya, VP of Product Management and Growth at Qualys, explores the key features, significant advantages, and innovative technologies behind Qualys CyberSecurity Asset Management 3.0. Can you explain the key features of Qualys CyberSecurity Asset

React to this headline:

Loading spinner

CISOs’ new ally: Qualys CyberSecurity Asset Management 3.0 Read More »

Scroll to Top