News

Pig butchering scams are exploding

Chainalysis, Crypto, cybercrime, fraud, News, report, scams, survey /

Pig butchering scams are exploding 2025-02-14 at 07:03 By Help Net Security 2024 is set to be a record year for scammers who received at least US$9.9 billion in crypto revenues from their illicit activities, according to Chainalysis. This figure is projected to rise to an all-time high of $12.4 billion as ongoing analysis uncovers

React to this headline:

Loading spinner

Pig butchering scams are exploding Read More »

Inconsistent security strategies fuel third-party threats

cybersecurity, data breach, Imprivata, News, Ponemon Institute, report, survey, third party compromise, threat /

Inconsistent security strategies fuel third-party threats 2025-02-14 at 06:36 By Help Net Security 47% of organizations have experienced a data breach or cyberattack over the past 12 months that involved a third-party accessing their network, according to Imprivata and the Ponemon Institute. Third-party security incidents persist Notably, 64% of respondents say these types of third-party

React to this headline:

Loading spinner

Inconsistent security strategies fuel third-party threats Read More »

New infosec products of the week: February 14, 2025

Armor, EchoMark, Netwrix, News, Palo Alto Networks, Socure /

New infosec products of the week: February 14, 2025 2025-02-14 at 06:03 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Armor, EchoMark, Netwrix, Palo Alto Networks, and Socure. Palo Alto Networks Cortex Cloud applies AI-driven insights to reduce risk and prevent threats Palo Alto

React to this headline:

Loading spinner

New infosec products of the week: February 14, 2025 Read More »

North Korean hackers spotted using ClickFix tactic to deliver malware

Don't miss, Hot stuff, Malware, News, North Korea, PowerShell, social engineering, Windows /

North Korean hackers spotted using ClickFix tactic to deliver malware 2025-02-13 at 18:34 By Zeljka Zorz North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called “ClickFix” tactic. A relatively new tactic The ClickFix social engineering tactic has been dubbed thus

React to this headline:

Loading spinner

North Korean hackers spotted using ClickFix tactic to deliver malware Read More »

Sandworm APT’s initial access subgroup hits organizations accross the globe

APT, Don't miss, energy sector, Hot stuff, Microsoft, News, Russian Federation, telecommunications /

Sandworm APT’s initial access subgroup hits organizations accross the globe 2025-02-13 at 15:34 By Zeljka Zorz A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors Russia is interested in. “In 2022, its primary focus was Ukraine, specifically targeting the

React to this headline:

Loading spinner

Sandworm APT’s initial access subgroup hits organizations accross the globe Read More »

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

Assetnote, Don't miss, exploit, firewall, Hot stuff, News, Palo Alto Networks, PoC, security update /

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) 2025-02-13 at 13:17 By Zeljka Zorz Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept exploit (PoC) for which has been made public. “Palo Alto Networks is not aware of any malicious exploitation

React to this headline:

Loading spinner

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) Read More »

The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance

apple, backdoor, cybersecurity, Don't miss, Encryption, Expert analysis, Expert corner, Foresight Cyber, Government, Hot stuff, News, opinion, Privacy, surveillance, UK /

The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance 2025-02-13 at 07:30 By Help Net Security The United Kingdom government has secretly requested that Apple build a backdoor into its iCloud service, granting the government unrestricted access to users’ private data. This revelation deeply concerns me – it is a blatant

React to this headline:

Loading spinner

The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance Read More »

Over 3 million Fortune 500 employee accounts compromised since 2022

credentials, cybercrime, Don't miss, Enzoic, Malware, News, report, survey /

Over 3 million Fortune 500 employee accounts compromised since 2022 2025-02-13 at 07:03 By Help Net Security More than three million employee-linked corporate accounts were compromised between 2022 and 2024 across Fortune 500 companies, according to Enzoic. This surge is fueled by the widespread use of corporate email addresses for personal accounts and the growing

React to this headline:

Loading spinner

Over 3 million Fortune 500 employee accounts compromised since 2022 Read More »

Making sense of database complexity

Data Protection, database management, database security, News, Redgate, report, survey /

Making sense of database complexity 2025-02-13 at 06:03 By Help Net Security IT leaders are grappling with increasingly complex database environments. According to a new survey from Redgate, key concerns include protecting sensitive data, navigating regulatory compliance, and managing the rise of multi-database platforms. 38% of IT teams are concerned about data security and access

React to this headline:

Loading spinner

Making sense of database complexity Read More »

It’s time to secure the extended digital supply chain

cyber resilience, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Illumio, News, opinion, regulation, supply chain /

It’s time to secure the extended digital supply chain 2025-02-12 at 07:35 By Help Net Security Organizations’ increasing reliance on third-party software and services has created an environment with more vulnerabilities and harder-to-detect risks. Attackers know they can increase efficiency and profitability by compromising the supply chain and are focusing their efforts accordingly. The commoditization

React to this headline:

Loading spinner

It’s time to secure the extended digital supply chain Read More »

SysReptor: Open-source penetration testing reporting platform

Don't miss, GitHub, News, penetration testing, software /

SysReptor: Open-source penetration testing reporting platform 2025-02-12 at 07:05 By Mirko Zorz SysReptor is a customizable open-source penetration testing reporting platform built for pentesters, red teamers, and cybersecurity professionals. You can optimize your workflow by simplifying, automating, and personalizing your reports. “SysReptor is an easy-to-use tool for pentesters and simplifies pentest reporting. Reports are designed

React to this headline:

Loading spinner

SysReptor: Open-source penetration testing reporting platform Read More »

Silent breaches are happening right now, most companies have no clue

Black Kite, cybersecurity, data breach, News, report, survey /

Silent breaches are happening right now, most companies have no clue 2025-02-12 at 06:33 By Help Net Security The breaches and ransomware attacks of 2024 highlighted systemic vulnerabilities, demonstrating how third-party and fourth-party dependencies amplify risks across industries, according to a Black Kite report. Researchers revealed how silent breaches underscore the risk posed by unseen

React to this headline:

Loading spinner

Silent breaches are happening right now, most companies have no clue Read More »

CEOs must act now to embrace AI or risk falling behind

Artificial Intelligence, CEO, Cisco, News, report, strategy, survey /

CEOs must act now to embrace AI or risk falling behind 2025-02-12 at 06:04 By Help Net Security While 4 out of 5 CEOs recognize AI’s potential, many worry gaps in their understanding will impact strategic decisions, risking missed opportunities and falling behind competitors, according to Cisco. Yet, CEOs are not standing still. With support

React to this headline:

Loading spinner

CEOs must act now to embrace AI or risk falling behind Read More »

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)

Action1, Don't miss, Hot stuff, Microsoft, News, Patch Tuesday, security update, Tenable, Trend Micro, Windows, Windows Server /

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) 2025-02-11 at 22:21 By Zeljka Zorz February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days – CVE-2025-21418 and CVE-2025-21391 – under active exploitation. CVE-2025-21418 and CVE-2025-21391 CVE-2025-21418 is a vulnerability in the Windows Ancillary Function Driver (AFD.sys), which interfaces

React to this headline:

Loading spinner

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) Read More »

8Base ransomware group leaders arrested, leak site seized

arrest, cybercriminals, Don't miss, Europol, Hot stuff, law enforcement, News, Ransomware /

8Base ransomware group leaders arrested, leak site seized 2025-02-11 at 15:31 By Zeljka Zorz The Thai police has arrested four individuals suspected of being the leaders of the 8Base ransomware group and of stealing approximately $16 million from 1,000+ victims they targeted with the Phobos ransomware. “Officers from Cyber Crime Investigation Bureau, led by Police

React to this headline:

Loading spinner

8Base ransomware group leaders arrested, leak site seized Read More »

Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200)

0-day, apple, Don't miss, Hot stuff, iOS, iPad, News, security update /

Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) 2025-02-11 at 12:48 By Zeljka Zorz Users of iPhones and iPads that run iOS/iPadOS 18 and iPadOS 17 are urged to implement the latest updates to plug a security feature bypass vulnerability (CVE-2025-24200) exploited in the wild in “an extremely sophisticated” attack. The vulnerability (CVE-2025-24200)

React to this headline:

Loading spinner

Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) Read More »

Arvest Bank CISO on building a strong cybersecurity culture in banking

Arvest Bank, Banks, cybersecurity, Don't miss, Features, financial industry, Fintech, Hot stuff, News, opinion /

Arvest Bank CISO on building a strong cybersecurity culture in banking 2025-02-11 at 07:31 By Mirko Zorz In this Help Net Security interview, Mike Calvi, CISO at Arvest Bank, discusses building a strong cybersecurity culture within the banking sector. He explains how leadership, effective reporting, and proactive engagement with associates are key in strengthening security.

React to this headline:

Loading spinner

Arvest Bank CISO on building a strong cybersecurity culture in banking Read More »

Review: Inside Cyber Warfare, 3rd Edition

books, cybersecurity, Don't miss, Hot stuff, News, Review, Reviews /

Review: Inside Cyber Warfare, 3rd Edition 2025-02-11 at 07:00 By Mirko Zorz Inside Cyber Warfare, 3rd Edition by Jeffrey Caruso explores how nation-states, corporations, and hackers engage in digital warfare. It offers insights into the intersection of cybersecurity, geopolitics, and emerging technology. About the author Jeffrey Caruso is a globally recognized cybersecurity adviser, author, and

React to this headline:

Loading spinner

Review: Inside Cyber Warfare, 3rd Edition Read More »

How to detect and disable Apple AirTags that might be tracking you

apple, cybersecurity, Don't miss, how-to, News, Privacy /

How to detect and disable Apple AirTags that might be tracking you 2025-02-11 at 06:39 By Help Net Security Apple’s AirTags are a convenient way to track personal items like keys and bags, but they also raise concerns about unwanted tracking and stalking. To help users stay safe, Apple has implemented several anti-stalking protections, including

React to this headline:

Loading spinner

How to detect and disable Apple AirTags that might be tracking you Read More »

Scroll to Top