Week in review: AWS S3 data encrypted without ransomware, data of 15k Fortinet firewalls leaked 2025-01-19 at 11:06 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Attackers are encrypting AWS S3 data without using ransomware A ransomware gang dubbed Codefinger is encrypting data stored […]
How Russian hackers went after NGOs’ WhatsApp accounts 2025-01-17 at 17:34 By Zeljka Zorz Star Blizzard, a threat actor tied to the Russian Federal Security Service (FSB), was spotted attempting to compromise targets’ WhatsApp accounts through a clever phishing campaign. The campaign The campaign started with a spear-phishing email that was made to look like
How Russian hackers went after NGOs’ WhatsApp accounts Read More »
Balancing usability and security in the fight against identity-based attacks 2025-01-17 at 08:04 By Mirko Zorz In this Help Net Security interview, Adam Bateman, CEO of Push Security, talks about the rise in identity-based attacks, how they’re becoming more sophisticated each year, and how AI and ML are both fueling these threats and helping to
Balancing usability and security in the fight against identity-based attacks Read More »
MSSqlPwner: Open-source tool for pentesting MSSQL servers 2025-01-17 at 07:48 By Help Net Security MSSqlPwner is an open-source pentesting tool tailored to interact with and exploit MSSQL servers. Built on Impacket, it enables users to authenticate with databases using various credentials, including clear-text passwords, NTLM hashes, and Kerberos tickets. The tool offers multiple methods for
MSSqlPwner: Open-source tool for pentesting MSSQL servers Read More »
Homeowners are clueless about how smart devices collect their data 2025-01-17 at 07:00 By Help Net Security Homeowners are increasingly concerned about data privacy in smart home products, according to Copeland. Homeowners see smart devices as boosting home security Homeowners are still generally comfortable in using new technology, but this year smart thermostat non-owners are
Homeowners are clueless about how smart devices collect their data Read More »
EU takes decisive action on healthcare cybersecurity 2025-01-17 at 06:39 By Help Net Security The Commission has presented an EU action plan aimed at strengthening the cybersecurity of hospitals and healthcare providers. The initiative is an essential step in shielding the healthcare sector from cyber threats. Digitalization is revolutionizing healthcare, enabling better patient services through
EU takes decisive action on healthcare cybersecurity Read More »
New infosec products of the week: January 17, 2025 2025-01-17 at 06:04 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Atsign, Cisco, Commvault, and IT-Harvest. Cisco AI Defense safeguards against the misuse of AI tools Cisco AI Defense is purpose-built for enterprises to develop,
New infosec products of the week: January 17, 2025 Read More »
Critical SimpleHelp vulnerabilities fixed, update your server instances! 2025-01-16 at 17:04 By Zeljka Zorz If you’re an organization using SimpleHelp for your remote IT support/access needs, you should update or patch your server installation without delay, to fix security vulnerabilities that may be exploited by remote attackers to execute code on the underlying host. About
Critical SimpleHelp vulnerabilities fixed, update your server instances! Read More »
Upcoming Trustwave SpiderLabs Report Investigates Threats Against the Energy and Utilities Sector 2025-01-16 at 16:03 By Trustwave SpiderLabs is continuing its multi-year research effort delving into the unique cybersecurity challenges that face different vertical sectors with a new report launching on January 22. This article is an excerpt from Trustwave Blog View Original Source
Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them? 2025-01-16 at 13:03 By Zeljka Zorz A threat actor has leaked configuration files (aka configs) for over 15,000 Fortinet Fortigate firewalls and associated admin and user credentials. The collection has been leaked on Monday and publicized on an underground forum by the threat actor
Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them? Read More »
New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) 2025-01-16 at 12:03 By Help Net Security ESET researchers have identified a vulnerability (CVE-2024-7344) impacting most UEFI-based systems, which allows attackers to bypass UEFI Secure Boot. The issue was found in a UEFI application signed with Microsoft’s “Microsoft Corporation UEFI CA 2011” third-party certificate. Exploiting this vulnerability
New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) Read More »
Webinar: Amplifying SIEM with AI-driven NDR for IT/OT convergence 2025-01-16 at 10:18 By Help Net Security Join cybersecurity leader Erwin Eimers from Sumitomo Chemicals Americas to explore how AI-driven Network Detection and Response (NDR) enhances SIEM capabilities, bridging critical visibility gaps in converged IT/OT environments. Learn how NDR provides enriched telemetry, real-time insights, and faster
Webinar: Amplifying SIEM with AI-driven NDR for IT/OT convergence Read More »
How CISOs can elevate cybersecurity in boardroom discussions 2025-01-16 at 07:01 By Mirko Zorz Ross Young is the CISO in residence at Team8 and the creator of the OWASP Threat and Safeguard Matrix (TaSM). In this interview, he shares his perspective on how cybersecurity professionals can tailor their presentations to the board, aligning security strategies
How CISOs can elevate cybersecurity in boardroom discussions Read More »
A humble proposal: The InfoSec CIA triad should be expanded 2025-01-16 at 06:35 By Help Net Security The inconsistent and incomplete definitions of essential properties in information security create confusion within the InfoSec community, gaps in security controls, and may elevate the costs of incidents. In this article, I will analyze the CIA triad, point
A humble proposal: The InfoSec CIA triad should be expanded Read More »
Critical vulnerabilities remain unresolved due to prioritization gaps 2025-01-16 at 06:19 By Help Net Security Fragmented data from multiple scanners, siloed risk scoring and poor cross-team collaboration are leaving organizations increasingly exposed to breaches, compliance failures and costly penalties, according to Swimlane. The relentless surge of vulnerabilities is pushing security teams to their limits, forcing
Critical vulnerabilities remain unresolved due to prioritization gaps Read More »
Rsync vulnerabilities allow remote code execution on servers, patch quickly! 2025-01-15 at 16:46 By Zeljka Zorz Six vulnerabilities have been fixed in the newest versions of Rsync (v3.4.0), two of which could be exploited by a malicious client to achieve arbitrary code execution on a machine with a running Rsync server. “The client requires only
Rsync vulnerabilities allow remote code execution on servers, patch quickly! Read More »
FBI removed PlugX malware from U.S. computers 2025-01-15 at 14:24 By Help Net Security The Justice Department announced on Tuesday that, alongside international partners, the FBI deleted “PlugX” malware from thousands of infected computers worldwide. As described in court documents unsealed in the Eastern District of Pennsylvania, a group of hackers sponsored by the People’s
FBI removed PlugX malware from U.S. computers Read More »
Contextal Platform: Open-source threat detection and intelligence 2025-01-15 at 07:34 By Mirko Zorz Contextal Platform is an open-source cybersecurity solution for contextual threat detection and intelligence. Developed by the original authors of ClamAV, it offers advanced features such as contextual threat analysis, custom detection scenarios through the ContexQL language, and AI-powered data processing—all operating locally
Contextal Platform: Open-source threat detection and intelligence Read More »
Using cognitive diversity for stronger, smarter cyber defense 2025-01-15 at 07:03 By Mirko Zorz In this Help Net Security interview, Mel Morris, CEO of Corpora.ai, discusses how cognitive biases affect decision-making during cybersecurity incidents. Morris shares insights on the challenges of designing user-friendly cybersecurity tools that consider human cognitive processes. How do cognitive biases impact
Using cognitive diversity for stronger, smarter cyber defense Read More »
Cybersecurity is stepping into a new era of complexity 2025-01-15 at 06:01 By Help Net Security Cybersecurity is entering a new era of complexity, according to the World Economic Forum’s Global Cybersecurity Outlook 2025 report. Growing complexity intensifies cyber inequity This complexity arises from the rapid growth of emerging technologies, prevailing geopolitical uncertainty, the evolution
Cybersecurity is stepping into a new era of complexity Read More »