Microsoft introduces protection against email bombing 2025-07-01 at 18:54 By Zeljka Zorz By the end of July 2025, all Microsoft Defender for Office 365 customers should be protected from email bombing attacks by default, Microsoft has announced on Monday. What is email bombing? Email bombing (aka spam bombing) is an attack technique that results in […]
Microsoft introduces protection against email bombing Read More »
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) 2025-07-01 at 16:11 By Zeljka Zorz If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now, to patch two local privilege escalation vulnerabilities (CVE-2025-32462, CVE-2025-32463) that have been disclosed on Monday. What is Sudo? Sudo is command-line utility in Unix-like
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) Read More »
Trustwave’s Next Chapter: Joining Forces with LevelBlue to Create the World’s Biggest MSSP 2025-07-01 at 15:02 By Eric Harmon As CEO of Trustwave, I’m excited to share a pivotal development in our journey to deliver world-class cybersecurity to our clients: Trustwave has signed a definitive agreement to be acquired by LevelBlue, a global leader in
Google patches actively exploited Chrome (CVE‑2025‑6554) 2025-07-01 at 13:15 By Zeljka Zorz Google has released a security update for Chrome to address a zero‑day vulnerability (CVE-2025-6554) that its Threat Analysis Group (TAG) discovered and reported last week. “Google is aware that an exploit for CVE-2025-6554 exists in the wild,” the company said. About CVE-2025-6554 CVE-2025-6554
Google patches actively exploited Chrome (CVE‑2025‑6554) Read More »
Scam centers are spreading, and so is the human cost 2025-07-01 at 11:17 By Sinisa Markovic Human trafficking tied to online scam centers is spreading across the globe, according to a new crime trend update from INTERPOL. Human trafficking victims by country of origin (Source: INTERPOL) By March 2025, people from 66 countries had been
Scam centers are spreading, and so is the human cost Read More »
Federal Reserve System CISO on aligning cyber risk management with transparency, trust 2025-07-01 at 09:08 By Mirko Zorz In this Help Net Security interview, Tammy Hornsby-Fink, CISO at Federal Reserve System, shares how the Fed approaches cyber risk with a scenario-based, intelligence-driven strategy. She explains how the Fed assesses potential disruptions to financial stability and
Federal Reserve System CISO on aligning cyber risk management with transparency, trust Read More »
How cybercriminals are weaponizing AI and what CISOs should do about it 2025-07-01 at 08:31 By Mirko Zorz In a recent case tracked by Flashpoint, a finance worker at a global firm joined a video call that seemed normal. By the end of it, $25 million was gone. Everyone on the call except the employee
How cybercriminals are weaponizing AI and what CISOs should do about it Read More »
GenAI is everywhere, but security policies haven’t caught up 2025-07-01 at 08:07 By Help Net Security Nearly three out of four European IT and cybersecurity professionals say staff are already using generative AI at work, up ten points in a year, but just under a third of organizations have put formal policies in place, according
GenAI is everywhere, but security policies haven’t caught up Read More »
How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics 2025-07-01 at 07:34 By Help Net Security This article shares initial findings from internal Bitdefender Labs research into Living off the Land (LOTL) techniques. Our team at Bitdefender Labs, comprised of hundreds of security researchers with close ties to academia, conducted
Cybersecurity jobs available right now: July 1, 2025 2025-07-01 at 07:01 By Anamarija Pogorelec Application Security Engineer Fireblocks | Israel | Hybrid – View job details As an Application Security Engineer, you will improve and secure the company’s continuous integration and deployment pipelines through CI/CD security hardening. You will operate, fine-tune, and customize security tooling
Cybersecurity jobs available right now: July 1, 2025 Read More »
Fraudsters behind €460 million crypto scam arrested in Spain 2025-06-30 at 18:31 By Anamarija Pogorelec Spanish authorities arrested five members of a criminal network responsible for laundering €460 million stolen through global cryptocurrency investment fraud schemes. Source: Europol The operation, led by the Guardia Civil with support from Europol and law enforcement in Estonia, France,
Fraudsters behind €460 million crypto scam arrested in Spain Read More »
Trustwave DbProtect Expands to Secure Snowflake: Strengthening AI Repository Protection 2025-06-30 at 16:03 By Discover how Trustwave DbProtect enhances database security for cloud-based platforms like Snowflake, ensuring your AI repositories remain safe from potential threats. Learn how Trustwave’s database activity monitoring and threat detection capabilities provide real-time insights into database activities and potential vulnerabilities. Understand the importance
Trustwave DbProtect Expands to Secure Snowflake: Strengthening AI Repository Protection Read More »
CitrixBleed 2 might be actively exploited (CVE-2025-5777) 2025-06-30 at 15:47 By Zeljka Zorz While Citrix has observed some instances where CVE-2025-6543 has been exploited on vulnerable NetScaler networking appliances, the company still says that they don’t have evidence of exploitation for CVE-2025-5349 or CVE-2025-5777, both of which have been patched earlier this month. CVE-2025-5777, in
CitrixBleed 2 might be actively exploited (CVE-2025-5777) Read More »
RIFT: New open-source tool from Microsoft helps analyze Rust malware 2025-06-30 at 13:01 By Mirko Zorz Microsoft’s Threat Intelligence Center has released a new tool called RIFT to help malware analysts identify malicious code hidden in Rust binaries. While Rust is becoming more popular for its speed and memory safety, those same qualities make malware
RIFT: New open-source tool from Microsoft helps analyze Rust malware Read More »
Are we securing AI like the rest of the cloud? 2025-06-30 at 09:01 By Mirko Zorz In this Help Net Security interview, Chris McGranahan, Director of Security Architecture & Engineering at Backblaze, discusses how AI is shaping both offensive and defensive cybersecurity tactics. He talks about how AI is changing the threat landscape, the complications
Are we securing AI like the rest of the cloud? Read More »
How exposure-enriched SOC data can cut cyberattacks in half by 2028 2025-06-30 at 08:33 By Help Net Security Gartner projects that by 2028, organizations enriching their Security Operations Center (SOC) data with exposure insights will reduce the frequency and impact of cyberattacks by 50%. This bold forecast underscores a crucial shift: proactive exposure management is
How exposure-enriched SOC data can cut cyberattacks in half by 2028 Read More »
Europe’s AI strategy: Smart caution or missed opportunity? 2025-06-30 at 08:03 By Mirko Zorz Europe is banking on AI to help solve its economic problems. Productivity is stalling, and tech adoption is slow. Global competitors, especially the U.S., are pulling ahead. A new report from Accenture says AI could help reverse that trend, but only
Europe’s AI strategy: Smart caution or missed opportunity? Read More »
Why AI agents could be the next insider threat 2025-06-30 at 07:37 By Help Net Security In this Help Net Security video, Arun Shrestha, CEO of BeyondID, explains how AI agents, now embedded in daily operations, are often over-permissioned, under-monitored, and invisible to identity governance systems. With a special focus on the healthcare sector, Shrestha
Why AI agents could be the next insider threat Read More »
Third-party breaches double, creating ripple effects across industries 2025-06-30 at 07:04 By Help Net Security Supply chain risks remain top-of-mind for the vast majority of CISOs and cybersecurity leaders, according to SecurityScorecard. Their findings reveal that the way most organizations manage supply chain cyber risk isn’t keeping pace with expanding threats. The expanding web of
Third-party breaches double, creating ripple effects across industries Read More »
Week in review: Backdoor found in SOHO devices running Linux, high-risk WinRAR RCE flaw patched 2025-06-29 at 10:45 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Stealthy backdoor found hiding in SOHO devices running Linux SecurityScorecard’s STRIKE team has uncovered a network of compromised