Keeping up with automated threats is becoming harder 2024-09-02 at 06:31 By Help Net Security 98% of organizations attacked by bots in the past year lost revenue as a result, according to Kasada. Web scraping (web crawling) is a significant threat followed closely by account fraud, with more than one third of IT/IS specialists reporting […]
Keeping up with automated threats is becoming harder Read More »
Infosec products of the month: August 2024 2024-09-02 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, Clutch Security, Contrast Security, Dragos, Elastic, Endor Labs, Entrust, Fortanix, Fortinet, Guardio, HYCU, Ivanti, McAfee, Nucleus Security, Own,
Infosec products of the month: August 2024 Read More »
Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE 2024-09-01 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen
How RansomHub went from zero to 210 victims in six months 2024-08-30 at 15:16 By Zeljka Zorz RansomHub, a ransomware-as-a-service (RaaS) outfit that “popped up” earlier this year, has already amassed at least 210 victims (that we know of). Its affiliates have hit government services, IT and communication companies, healthcare institutions, financial organizations, emergency services,
How RansomHub went from zero to 210 victims in six months Read More »
A macro look at the most pressing cybersecurity risks 2024-08-30 at 07:31 By Help Net Security Forescout’s 2024H1 Threat Review is a new report that reviews the current state of vulnerabilities, threat actors, and ransomware attacks in the first half of 2024 and compares them to H1 2023. “Attackers are looking for any weak point
A macro look at the most pressing cybersecurity risks Read More »
Sinon: Open-source automatic generative burn-in for Windows deception hosts 2024-08-30 at 07:01 By Mirko Zorz Sinon is an open-source, modular tool for the automatic burn-in of Windows-based deception hosts. It aims to reduce the difficulty of orchestrating deception hosts at scale while enabling diversity and randomness through generative capabilities. Sinon is designed to automate the
Sinon: Open-source automatic generative burn-in for Windows deception hosts Read More »
Cyber threats that shaped the first half of 2024 2024-08-30 at 06:31 By Help Net Security Global cybercrime has shown no sign of decline and is expected to grow strong per year over the next five years. To identify the most urgent cybersecurity threats of the first half of 2024, the Critical Start Cyber Research
Cyber threats that shaped the first half of 2024 Read More »
New infosec products of the week: August 30, 2024 2024-08-30 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Bitwarden, Dragos, Fortinet, HYCU, and Rezonate. Fortinet introduces sovereign SASE and GenAI capabilities Fortinet announced the addition of sovereign SASE and GenAI capabilities to
New infosec products of the week: August 30, 2024 Read More »
Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites 2024-08-29 at 16:16 By Zeljka Zorz Suspected Russian hackers have been hitting iPhone and Android users visiting government websites with exploits first leveraged by commercial surveillance vendors, Google TAG researchers shared. The watering hole campaigns Between November 2023 and July 2024, threat actors have repeatedly
Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites Read More »
The NIS2 Directive: How far does it reach? 2024-08-29 at 07:31 By Help Net Security The NIS2 Directive is one of the most recent efforts of the EU legislator to boost cybersecurity across the bloc and to keep up with the challenges of an increasingly digitalized society and growing cyber threats. As the name implies,
The NIS2 Directive: How far does it reach? Read More »
Why ransomware attackers target Active Directory 2024-08-29 at 07:02 By Help Net Security Ransomware attacks have surged 78% year-over-year, affecting various sectors and organizations and significantly impacting supply chains. In this Help, Net Security video, Craig Birch, Technology Evangelist, and Principal Security Engineer at Cayosoft, discusses the rise of ransomware attacks, why attackers often target
Why ransomware attackers target Active Directory Read More »
Deepfakes: Seeing is no longer believing 2024-08-29 at 06:35 By Help Net Security The threat of deepfakes lies not in the technology itself, but in people’s natural tendency to trust what they see. As a result, deepfakes don’t need to be highly advanced or convincing to effectively spread misinformation and disinformation. While many organizations have
Deepfakes: Seeing is no longer believing Read More »
Third-party risk management is under the spotlight 2024-08-29 at 06:01 By Help Net Security In the aftermath of the CrowdStrike IT outage, new research has uncovered a critical vulnerability within financial institutions regarding supply chain resilience. The outage has demonstrated the need for greater digital supply chain resilience, particularly in vital sectors such as financial
Third-party risk management is under the spotlight Read More »
Pioneer Kitten: Iranian hackers partnering with ransomware affiliates 2024-08-28 at 19:46 By Zeljka Zorz A group of Iranian hackers – dubbed Pioneer Kitten by cybersecurity researchers – is straddling the line between state-contracted cyber espionage group and initial access provider (and partner in crime) for affiliates of several ransomware groups. “The FBI assesses these actors
Pioneer Kitten: Iranian hackers partnering with ransomware affiliates Read More »
Trustwave Named the Innovation Leader by Frost & Sullivan for the Americas and Europe 2024-08-28 at 16:01 By The analyst firm Frost & Sullivan has recognized Trustwave with the dual honors of being positioned as the Innovation leader in its 2024 Managed Security Services (MSS) Radar, Americas, and 2024 MSS Radar, Europe, the second time
Trustwave Named the Innovation Leader by Frost & Sullivan for the Americas and Europe Read More »
BlackByte affiliates use new encryptor and new TTPs 2024-08-28 at 13:16 By Zeljka Zorz BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent BlackByte attacks. Most notably, encrypted files across all victims were rewritten with
BlackByte affiliates use new encryptor and new TTPs Read More »
Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) 2024-08-28 at 12:02 By Zeljka Zorz Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials (CVE-2024-6633). “Once logged in to the HSQLDB, the attacker can perform malicious operations in the database. For
Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) Read More »
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) 2024-08-28 at 12:02 By Help Net Security ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East Asian countries. When examining the root cause, ESET discovered another way to
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) Read More »
Cryptomator: Open-source cloud storage encryption 2024-08-28 at 07:31 By Mirko Zorz Cryptomator offers open-source, client-side encryption of your files in the cloud. It’s available for Windows, Linux, macOS and iOS. Cryptomator works with Dropbox, Google Drive, OneDrive, MEGA, pCloud, ownCloud, Nextcloud, and any other cloud storage service that synchronizes with a local directory. Key features
Cryptomator: Open-source cloud storage encryption Read More »
Cybersecurity jobs available right now: August 28, 2024 2024-08-28 at 07:01 By Mirko Zorz Business Information Security Officer Toyota North America | USA | On-site – View job details Acting as an Information Security ambassador to the business, this role works with technology, data, risk, business, and the larger TFS Information Security team to provide
Cybersecurity jobs available right now: August 28, 2024 Read More »