News

Fresh perspectives needed to manage growing vulnerabilities

Cloud, NetSPI, News, NIST, penetration testing, remediation, report, vulnerability /

Fresh perspectives needed to manage growing vulnerabilities 26/05/2023 at 06:03 By Help Net Security In its inaugural 2023 Offensive Security Vision Report, NetSPI unveils findings that highlight vulnerability trends across applications, cloud, and networks. Vulnerability patterns The report offers a look back — and forward — at some of the most significant vulnerability patterns of […]

React to this headline:

Loading spinner

Fresh perspectives needed to manage growing vulnerabilities Read More »

Five Eyes agencies detail how Chinese hackers breached US infrastructure

critical infrastructure, government-backed attacks, Hot stuff, Microsoft, News, NSA, SecureWorks, USA /

Five Eyes agencies detail how Chinese hackers breached US infrastructure 25/05/2023 at 14:16 By Help Net Security The National Security Agency (NSA) and Five Eyes partner agencies have identified indicators of compromise associated with a People’s Republic of China (PRC) state-sponsored cyber actor dubbed Volt Typhoon, which is using living off the land techniques to

React to this headline:

Loading spinner

Five Eyes agencies detail how Chinese hackers breached US infrastructure Read More »

Phishing campaign targets ChatGPT users

ChatGPT, Don't miss, Hot stuff, identity theft, Inky, News, phishing /

Phishing campaign targets ChatGPT users 25/05/2023 at 14:05 By Helga Labus A clever phishing campaign aimed at stealing users’ business email account credentials by impersonating OpenAI, the company behind the ChatGPT chatbot, has been spotted by Inky researchers. The attack ChatGPT has quickly gained popularity and is used widely by individuals and organizations. That’s enough

React to this headline:

Loading spinner

Phishing campaign targets ChatGPT users Read More »

Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)

0-day, Barracuda Networks, Don't miss, email security, Hot stuff, News, vulnerability /

Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868) 25/05/2023 at 13:07 By Zeljka Zorz A vulnerability (CVE-2023-2868) in Barracuda Networks’ Email Security Gateway (ESG) appliances has been exploited by attackers, the company has warned. About CVE-2023-2868 CVE-2023-2868 is a critical remote command injection vulnerability affecting only physical Barracuda Email Security Gateway appliances, versions 5.1.3.001

React to this headline:

Loading spinner

Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868) Read More »

12 vulnerabilities newly associated with ransomware

Cyware, dark web, exploit, Ivanti, News, Ransomware, report, Securin, vulnerability /

12 vulnerabilities newly associated with ransomware 25/05/2023 at 06:04 By Help Net Security In March 2023, the total number of breaches reported was higher than those reported in the previous three years combined, according to Ivanti. Ransomware groups are continuously weaponizing vulnerabilities and adding them to their arsenal to mount crippling and disruptive attacks on

React to this headline:

Loading spinner

12 vulnerabilities newly associated with ransomware Read More »

IT employee piggybacked on cyberattack for personal gain

Don't miss, Hot stuff, Insider Threat, News, Ransomware, UK /

IT employee piggybacked on cyberattack for personal gain 24/05/2023 at 14:34 By Helga Labus A 28-year-old former IT employee of an Oxford-based company has been convicted of blackmailing his employer and unauthorized access to a computer with intent to commit other offences, after pleading guilty during a hearing at Reading Crown Court, England. IT employee

React to this headline:

Loading spinner

IT employee piggybacked on cyberattack for personal gain Read More »

Microsoft, GitHub announce application security testing tools for Azure DevOps

Application Security, Azure, DevOps, Don't miss, GitHub, News, scanning, software development /

Microsoft, GitHub announce application security testing tools for Azure DevOps 24/05/2023 at 14:34 By Zeljka Zorz GitHub has announced that its application security testing tools are now more widely available for subscribers of Microsoft’s Azure DevOps Services. Enabling GitHub Advanced Security for Azure DevOps (Source: Microsoft) What is GitHub Advanced Security for Azure DevOps? GitHub

React to this headline:

Loading spinner

Microsoft, GitHub announce application security testing tools for Azure DevOps Read More »

Legitimate Android app transforms into data-snooping malware

Android, cybercrime, Don't miss, ESET, Google Play, Malware, News, Privacy, trojan /

Legitimate Android app transforms into data-snooping malware 24/05/2023 at 11:16 By Help Net Security ESET researchers have discovered a trojanized Android app named iRecorder – Screen Recorder. It was available on Google Play as a legitimate app in September 2021, with malicious functionality most likely added in August 2022. During its existence, the app was

React to this headline:

Loading spinner

Legitimate Android app transforms into data-snooping malware Read More »

Navigating the quantum leap in cybersecurity

CISO, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, ISARA, News, opinion, quantum computing /

Navigating the quantum leap in cybersecurity 24/05/2023 at 07:17 By Mirko Zorz In this Help Net Security interview, we sit down with Dr. Atsushi Yamada, the newly appointed CEO of ISARA, a security solutions company specializing in creating quantum-safe cryptography. With over two decades of experience in cryptography and cybersecurity, Dr. Yamada discusses his vision

React to this headline:

Loading spinner

Navigating the quantum leap in cybersecurity Read More »

6 ChatGPT risks for legal and compliance leaders

Artificial Intelligence, ChatGPT, Compliance, cybersecurity, Gartner, News, Privacy, risk /

6 ChatGPT risks for legal and compliance leaders 24/05/2023 at 06:12 By Help Net Security Legal and compliance leaders should address their organization’s exposure to six specific ChatGPT risks, and what guardrails to establish to ensure responsible enterprise use of generative AI tools, according to Gartner. “The output generated by ChatGPT and other large language

React to this headline:

Loading spinner

6 ChatGPT risks for legal and compliance leaders Read More »

Simple OSINT techniques to spot AI-fueled disinformation, fake reviews

Artificial Intelligence, ChatGPT, Don't miss, Hot stuff, News, OSINT, ShadowDragon /

Simple OSINT techniques to spot AI-fueled disinformation, fake reviews 23/05/2023 at 12:20 By Helga Labus Error messages that ChatGPT and other AI language models generate can be used to uncover disinformation campaigns, hate speech and fake reviews via OSINT collection and analysis, says Nico Dekens, director of intelligence at ShadowDragon. AI-generated content found via Google

React to this headline:

Loading spinner

Simple OSINT techniques to spot AI-fueled disinformation, fake reviews Read More »

Online scams target bargain-hunting holiday travelers

cybercrime, cybersecurity, fraud, McAfee, News /

Online scams target bargain-hunting holiday travelers 23/05/2023 at 06:01 By Help Net Security 30% of adults have fallen victim or know someone who has fallen victim to an online scam while trying to save money when booking travel, according to McAfee. 34% of those who had money stolen have lost over $1,000 before their trip

React to this headline:

Loading spinner

Online scams target bargain-hunting holiday travelers Read More »

Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)

Don't miss, enterprise, firewall, firmware, Hot stuff, News, PoC, Rapid7, security update, SMBs, vulnerability, Zyxel /

Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771) 22/05/2023 at 14:05 By Zeljka Zorz A recently fixed command injection vulnerability (CVE-2023-28771) affecting a variety Zyxel firewalls may soon be exploited in the wild, Rapid7 researchers have warned, after publishing a technical analysis and a PoC script that triggers the vulnerability and achieves a

React to this headline:

Loading spinner

Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771) Read More »

Wireless Broadband Alliance CEO on key drivers for Wi-Fi adoption in enterprise networks

5G, Don't miss, Features, Hot stuff, networking, News, opinion, wireless, Wireless Broadband Alliance /

Wireless Broadband Alliance CEO on key drivers for Wi-Fi adoption in enterprise networks 22/05/2023 at 07:47 By Mirko Zorz The demand for robust, reliable, and high-speed connectivity is increasing rapidly in the era of relentless digital transformation. This Help Net Security interview with Tiago Rodrigues, CEO at Wireless Broadband Alliance (WBA), delves into the future

React to this headline:

Loading spinner

Wireless Broadband Alliance CEO on key drivers for Wi-Fi adoption in enterprise networks Read More »

Malicious links and misaddressed emails slip past security controls

Armorblox, cybercrime, Email, email security, ESG, News, survey, threats /

Malicious links and misaddressed emails slip past security controls 22/05/2023 at 06:33 By Help Net Security The majority of organizations use six or more communication tools, across channels, with email remaining the channel seen as the most vulnerable to attacks (38%), according to Armorblox. Respondents mentioned multi-channel attacks are gaining momentum and frequency. More than

React to this headline:

Loading spinner

Malicious links and misaddressed emails slip past security controls Read More »

What flying a plane can teach you about cybersecurity

CISO, cybersecurity, News, podcast, strategy, tips, travel industry /

What flying a plane can teach you about cybersecurity 22/05/2023 at 06:12 By Help Net Security Before taking on the role as GM of IAI’s cyber division, Esti Peshin was a member of Israel’s parliament, wielding both legislation and regulation to strengthen the country’s renowned high-tech ecosystem. Despite her commitments, Esti shared with the Left

React to this headline:

Loading spinner

What flying a plane can teach you about cybersecurity Read More »

Week in review: KeePass vulnerability, Apple fixes exploited WebKit 0-days

News, Week in review /

Week in review: KeePass vulnerability, Apple fixes exploited WebKit 0-days 21/05/2023 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Apple fixes WebKit 0-days under attack (CVE-2023-28204, CVE-2023-32373, CVE-2023-32409) Apple has released security updates for iOS and iPadOS, macOS, tvOS and watchOS, delivering

React to this headline:

Loading spinner

Week in review: KeePass vulnerability, Apple fixes exploited WebKit 0-days Read More »

Apple fixes WebKit 0-days under attack (CVE-2023-28204, CVE-2023-32373, CVE-2023-32409)

0-day, apple, Don't miss, Hot stuff, iOS, iPad, macOS, News, security update /

Apple fixes WebKit 0-days under attack (CVE-2023-28204, CVE-2023-32373, CVE-2023-32409) 19/05/2023 at 14:19 By Zeljka Zorz Apple has released security updates for iOS and iPadOS, macOS, tvOS and watchOS, delivering fixes for many vulnerabilities but, most importantly, for CVE-2023-32409, a WebKit 0-day that “may have been actively exploited.” The notes accompanying the updates also revealed that

React to this headline:

Loading spinner

Apple fixes WebKit 0-days under attack (CVE-2023-28204, CVE-2023-32373, CVE-2023-32409) Read More »

DarkBERT could help automate dark web mining for cyber threat intelligence

Artificial Intelligence, dark web, Don't miss, Hot stuff, News, research, Threat Intelligence /

DarkBERT could help automate dark web mining for cyber threat intelligence 19/05/2023 at 13:05 By Helga Labus Researchers have developed DarkBERT, a language model pretrained on dark web data, to help cybersecurity pros extract cyber threat intelligence (CTI) from the Internet’s virtual underbelly. DarkBERT pretraining process and evaluated use case scenarios (Source: KAIST/S2W) DarkBERT: A

React to this headline:

Loading spinner

DarkBERT could help automate dark web mining for cyber threat intelligence Read More »

New infosec products of the week: May 19, 2023

Bitwarden, Cloudflare, ComplyAdvantage, Enzoic, Neurotechnology, News, Nozomi Networks, Satori /

New infosec products of the week: May 19, 2023 19/05/2023 at 07:30 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Bitwarden, Cloudflare, ComplyAdvantage, Enzoic, Neurotechnology, Nozomi Networks, and Satori. ComplyAdvantage Fraud Detection identifies and prevents transaction fraud Fraud Detection uses AI and machine learning

React to this headline:

Loading spinner

New infosec products of the week: May 19, 2023 Read More »

Scroll to Top