News

Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast

News, Week in review /

Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast 2024-06-09 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) If you’re self-hosting an Atlassian Confluence Server or Data Center installation, you […]

Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast Read More »

Windows Recall will be opt-in and the data more secure, Microsoft says

data security, Don't miss, Encryption, Hot stuff, Microsoft, News, Privacy, Windows /

Windows Recall will be opt-in and the data more secure, Microsoft says 2024-06-07 at 22:02 By Zeljka Zorz The insistent public complaints and proof-of-concept tools have have borne fruit: Microsoft has realized that the security of its recently previewed Windows Recall feature leaves much to be desired, and has announced important changes. About Windows Recall

Windows Recall will be opt-in and the data more secure, Microsoft says Read More »

SolarWinds fixes severe Serv-U vulnerability (CVE-2024-28995)

CVE, Don't miss, enterprise, file-sharing, Hot stuff, News, SolarWinds, vulnerability /

SolarWinds fixes severe Serv-U vulnerability (CVE-2024-28995) 2024-06-07 at 20:01 By Zeljka Zorz SolarWinds has fixed a high-severity vulnerability (CVE-2024-28995) affecting its Serv-U managed file transfer (MFT) server solution, which could be exploited by unauthenticated attackers to access sensitive files on the host machine. About CVE-2024-28995 Serv-U MFT Server is a widely used enterprise solution that

SolarWinds fixes severe Serv-U vulnerability (CVE-2024-28995) Read More »

June 2024 Patch Tuesday forecast: Multiple announcements from Microsoft

Adobe, apple, cybersecurity, Don't miss, Hot stuff, Microsoft, Mozilla, News, opinion, Patch Tuesday, predictions, security update, Windows /

June 2024 Patch Tuesday forecast: Multiple announcements from Microsoft 2024-06-07 at 08:16 By Help Net Security May 2024 Patch Tuesday was unusual because we had security updates from Adobe, Apple, Google, Mozilla, and Microsoft on the same day. While individually from each vendor, the updates weren’t that large, managing them together was more challenging. On

June 2024 Patch Tuesday forecast: Multiple announcements from Microsoft Read More »

Cyber insurance isn’t the answer for ransom payments

cyberattacks, cybersecurity, News, Ransomware, report, survey, Veeam Software /

Cyber insurance isn’t the answer for ransom payments 2024-06-07 at 07:31 By Help Net Security Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime as 41% of data is compromised during a cyberattack, according to Veeam. “Ransomware is endemic, impacting 3 out of 4 organizations in

Cyber insurance isn’t the answer for ransom payments Read More »

26% of organizations lack any form of IT security training

cybersecurity, Hornetsecurity, News, report, strategy, survey /

26% of organizations lack any form of IT security training 2024-06-07 at 06:33 By Help Net Security 26% of organizations don’t provide IT security training to end-users, according to Hornetsecurity. The Hornetsecurity survey, which compiled feedback from industry professionals worldwide, also reveals that 8% of organizations offer adaptive training that evolves based on the results

26% of organizations lack any form of IT security training Read More »

New infosec products of the week: June 7, 2024

Appdome, News, SailPoint, Tines, Trend Micro, Verimatrix, Zyxel /

New infosec products of the week: June 7, 2024 2024-06-07 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Appdome, SailPoint, Tines, Trend Micro, Verimatrix, and Zyxel Networks. Zyxel Networks USG LITE 60AX improves network security Zyxel Networks launched USG LITE 60AX–an AX6000

New infosec products of the week: June 7, 2024 Read More »

Zyxel patches critical flaws in EOL NAS devices

CVE, Don't miss, Hot stuff, NAS, News, Outpost24, patch, PoC, vulnerability, Zyxel /

Zyxel patches critical flaws in EOL NAS devices 2024-06-06 at 14:46 By Zeljka Zorz Zyxel has released patches for three critical vulnerabilities (CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974) affecting two network-attached storage (NAS) devices that have recently reached end-of-vulnerability-support. About the vulnerabilities The three vulnerabilities are: A command injection vulnerability in the CGI program that could allow

Zyxel patches critical flaws in EOL NAS devices Read More »

Webinar: Exposure management and your attack surface

Don't miss, Intruder, News, Whitepapers and webinars /

Webinar: Exposure management and your attack surface 2024-06-06 at 11:01 By Help Net Security Your business, attack surface, and threat landscape are not static—they are constantly changing. New vulnerabilities are disclosed hourly, new exploits for old vulnerabilities are publicly released, and threat actors update their techniques continuously. Knowing where and how to prioritize your security

Webinar: Exposure management and your attack surface Read More »

Sniffnet: Free, open-source network monitoring

cybersecurity, Don't miss, GitHub, Hot stuff, monitoring, network monitoring, networking, News, open source, penetration testing, scanning, software /

Sniffnet: Free, open-source network monitoring 2024-06-06 at 07:01 By Mirko Zorz Sniffnet is a free, open-source network monitoring tool to help you easily track your Internet traffic. What sets it apart is its strong focus on user experience. Unlike most network analyzers, Sniffnet is built to be easily usable by everyone, regardless of technical expertise.

Sniffnet: Free, open-source network monitoring Read More »

78% of SMBs fear cyberattacks could shut down their business

ConnectWise, cyberattacks, cybersecurity, News, report, SMBs, survey /

78% of SMBs fear cyberattacks could shut down their business 2024-06-06 at 06:01 By Help Net Security 94% of SMBs have experienced at least one cyberattack, a dramatic rise from 64% in 2019, according to ConnectWise. This increase in cyberattacks is exacerbated by the fact that 76% of SMBs lack the in-house skills to properly

78% of SMBs fear cyberattacks could shut down their business Read More »

Chinese attackers leverage previously unseen malware for espionage

China, cyber espionage, cybercrime, cybersecurity, Malware, News, report, Sophos, survey /

Chinese attackers leverage previously unseen malware for espionage 2024-06-06 at 05:46 By Help Net Security Sophos released its report, “Operation Crimson Palace: Threat Hunting Unveils Multiple Clusters of Chinese State-Sponsored Activity Targeting Southeast Asia,” which details a highly sophisticated, nearly two-year long espionage campaign against a high-level government target. During Sophos X-Ops’ investigation, which began

Chinese attackers leverage previously unseen malware for espionage Read More »

Vulnerability in Cisco Webex cloud service exposed government authorities, companies

Cisco, cloud security, Don't miss, enterprise, Europe, Germany, Government, Hot stuff, News, research, video conferencing, vulnerability, Webex /

Vulnerability in Cisco Webex cloud service exposed government authorities, companies 2024-06-05 at 22:33 By Zeljka Zorz The vulnerability that allowed a German journalist to discover links to video conference meetings held by Bundeswehr (the German armed forces) and the Social Democratic Party of Germany (SPD) via their self-hosted Cisco Webex instances similarly affected the Webex

Vulnerability in Cisco Webex cloud service exposed government authorities, companies Read More »

Kali Linux 2024.2 released: 18 new tools, countless updates

Don't miss, Hot stuff, Kali Linux, Linux, News, OffSec, open source, penetration testing, software /

Kali Linux 2024.2 released: 18 new tools, countless updates 2024-06-05 at 21:31 By Help Net Security Kali Linux 2024.2 is now available. It includes future package compatibility for 32-bit platforms, improvements to GNOME 46 and Xfce, and 18 new tools. Desktop changes Kali 2024.2 introduces GNOME 46, offering a refined experience that builds on the

Kali Linux 2024.2 released: 18 new tools, countless updates Read More »

Photos: Infosecurity Europe 2024

Adaptive Shield, Akamai, conferences, Jamf, Microsoft, News, Plainsea, Qualys /

Photos: Infosecurity Europe 2024 2024-06-05 at 16:01 By Help Net Security Infosecurity Europe is taking place at ExCel London from 4-6 June 2024. Help Net Security is on-site. This gallery takes you inside the event. The featured vendors are: Plainsea, Qualys, Akamai, Microsoft, Bridewell, Adaptive Shield, Jamf. The post Photos: Infosecurity Europe 2024 appeared first

Photos: Infosecurity Europe 2024 Read More »

TotalRecall shows how easily data collected by Windows Recall can be stolen

Artificial Intelligence, data security, data theft, Don't miss, GitHub, Hot stuff, Microsoft, News, PoC, Privacy, software, Windows /

TotalRecall shows how easily data collected by Windows Recall can be stolen 2024-06-05 at 13:16 By Zeljka Zorz Ethical hacker Alexander Hagenah has created TotalRecall, a tool that demonstrates how malicious individuals could abuse Windows’ newly announced Recall feature to steal sensitive information. TotalRecall results (Source: Alexander Hagenah) Copilot+ Recall and its security pitfalls On

TotalRecall shows how easily data collected by Windows Recall can be stolen Read More »

No summer break for cybercrime: Why educational institutions need better cyber resilience

cyber resilience, cybercrime, cybersecurity, Don't miss, education, Endpoint Security, Expert analysis, Expert corner, Hot stuff, News, opinion, Tanium /

No summer break for cybercrime: Why educational institutions need better cyber resilience 2024-06-05 at 07:31 By Help Net Security The education system isn’t equipped to handle today’s cyberthreats. I’m not just talking about cybersecurity education in schools shaping the technical workforce of the future – America’s schools themselves are prime targets for cybercrime today. In

No summer break for cybercrime: Why educational institutions need better cyber resilience Read More »

How AI-powered attacks are accelerating the shift to zero trust strategies

Artificial Intelligence, cybersecurity, deepfakes, Don't miss, Entrust, Features, generative AI, Hot stuff, identity, News, opinion, strategy, zero trust /

How AI-powered attacks are accelerating the shift to zero trust strategies 2024-06-05 at 07:01 By Mirko Zorz In this Help Net Security interview, Jenn Markey, Advisor to The Entrust Cybersecurity Institute, discusses the increasing adoption of enterprise-wide zero trust strategies in response to evolving cyber threats. Markey discusses the impact of emerging threats like AI-generated

How AI-powered attacks are accelerating the shift to zero trust strategies Read More »

Cybersecurity jobs available right now: June 5, 2024

cybersecurity jobs, News /

Cybersecurity jobs available right now: June 5, 2024 2024-06-05 at 06:31 By Anamarija Pogorelec Corporate Data Protection Manager GLS | Germany | Hybrid – View job details As a Corporate Data Protection Manager, you will develop the Corporate Data Protection Framework with a special focus on compliance with the EU General Data Protection Regulation. Develop

Cybersecurity jobs available right now: June 5, 2024 Read More »

Find out which cyber threats you should be concerned about

Abnormal Security, Arctic Wolf Networks, At-Bay, BitSight, Cato Networks, Check Point, Cisco, Claroty, Corvus Insurance, cybercrime, cybersecurity, Delinea, Don't miss, Egress, GitGuardian, Hot stuff, Imperva, Mimecast, News, NTT Security, Proofpoint, ReliaQuest, report, SecurityScorecard, Socure, Sophos, SpyCloud, survey, Thales, threat, Trustpair, Verizon, VikingCloud, VIPRE Security, Zscaler /

Find out which cyber threats you should be concerned about 2024-06-05 at 06:01 By Help Net Security This article includes excerpts from various reports that offer statistics and insights into the current cyber threat landscape. Human error still perceived as the Achilles’ heel of cybersecurity Proofpoint | 2024 Voice of the CISO | May 2024

Find out which cyber threats you should be concerned about Read More »

Scroll to Top