News

How to use Apple’s App Privacy Report to monitor data tracking

apple, cybersecurity, Don't miss, how-to, News, Privacy /

How to use Apple’s App Privacy Report to monitor data tracking 2025-01-27 at 06:03 By Help Net Security The App Privacy Report, which Apple introduced in iOS 15.2, allows users to monitor how apps access data and interact with third-party services. The report provides an in-depth analysis of the types of sensitive data accessed by […]

React to this headline:

Loading spinner

How to use Apple’s App Privacy Report to monitor data tracking Read More »

Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams

News, Week in review /

Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams 2025-01-26 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 48,000+ internet-facing Fortinet firewalls still open to attack Despite last week’s confirmation of and warnings about long-standing exploitation

React to this headline:

Loading spinner

Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams Read More »

North Korean IT workers are extorting employers, FBI warns

data theft, Don't miss, enterprise, extortion, Hot stuff, News, North Korea, USA /

North Korean IT workers are extorting employers, FBI warns 2025-01-24 at 16:48 By Zeljka Zorz The FBI is on a mission to raise awareness about the threat that North Korean IT workers present to organizations in the US and around the world. While corporate espionage comes to mind first, the threat goes beyond that: “In

React to this headline:

Loading spinner

North Korean IT workers are extorting employers, FBI warns Read More »

Nearly half of CISOs now report to CEOs, showing their rising influence

boardroom, CISO, Hot stuff, News, report, Splunk, strategy, survey /

Nearly half of CISOs now report to CEOs, showing their rising influence 2025-01-24 at 07:33 By Industry News The CISO’s rise to the C-suite comes with more engagement with the boardroom, an audience with the CEO, and the power to make strategic decisions for the business, according to Splunk. CISOs report to the C-suite (Source:

React to this headline:

Loading spinner

Nearly half of CISOs now report to CEOs, showing their rising influence Read More »

GUI frontends for GnuPG, the free implementation of the OpenPGP standard

Don't miss, Encryption, GitHub, Linux, News, open source, software /

GUI frontends for GnuPG, the free implementation of the OpenPGP standard 2025-01-24 at 07:20 By Help Net Security GnuPG is a free and comprehensive implementation of the OpenPGP standard. It enables encryption and signing of data and communications, featuring a key management system and support for public key directories. While primarily a command-line tool, GnuPG

React to this headline:

Loading spinner

GUI frontends for GnuPG, the free implementation of the OpenPGP standard Read More »

Deepfakes force a new era in fraud detection, identity verification

cybersecurity, deepfakes, fraud, identity, identity verification, News, Regula, report, survey /

Deepfakes force a new era in fraud detection, identity verification 2025-01-24 at 06:32 By Help Net Security The rise in identity fraud over the past two years has significantly impacted all industries, especially finance, banking, fintech, and crypto, according to Regula. With deepfakes threatening every second company around the world, businesses won’t be able to

React to this headline:

Loading spinner

Deepfakes force a new era in fraud detection, identity verification Read More »

New infosec products of the week: January 24, 2025

BitSight, DataDome, DigitalOcean, Lookout, News, XONA Systems /

New infosec products of the week: January 24, 2025 2025-01-24 at 06:18 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Bitsight, DataDome, DigitalOcean, Lookout, and XONA Systems. Lookout Mobile Intelligence APIs identifies cross-platform attacks Lookout Mobile Intelligence APIs give security teams visibility into what’s

React to this headline:

Loading spinner

New infosec products of the week: January 24, 2025 Read More »

Juniper enterprise routers backdoored via “magic packet” malware

backdoor, Don't miss, enterprise, Hot stuff, Juniper Networks, Linux, Lumen, Malware, News, router /

Juniper enterprise routers backdoored via “magic packet” malware 2025-01-23 at 20:05 By Zeljka Zorz A stealthy attack campaign turned Juniper enterprise-grade routers into entry points to corporate networks via the “J-magic” backdoor, which is loaded into the devices’ memory and spawns a reverse shell when instructed to do so. “Our telemetry indicates the J-magic campaign

React to this headline:

Loading spinner

Juniper enterprise routers backdoored via “magic packet” malware Read More »

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw

Cisco, Don't miss, Hot stuff, News, PoC, security update, video conferencing, vulnerability /

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw 2025-01-23 at 15:03 By Zeljka Zorz Cisco has released patches for a critical privilege escalation vulnerability in Meeting Management (CVE-2025-20156) and a heap-based buffer overflow flaw (CVE-2025-20128) that, when triggered, could terminate the ClamAV scanning process on endpoints running a Cisco Secure Endpoint

React to this headline:

Loading spinner

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw Read More »

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)

0-day, Don't miss, enterprise, Hot stuff, Microsoft, News, secure access, security update, SonicWall /

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) 2025-01-23 at 11:03 By Zeljka Zorz A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We strongly advises users of the SMA1000 product to upgrade to the hotfix release version to address the vulnerability,” the company said

React to this headline:

Loading spinner

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) Read More »

Defense strategies to counter escalating hybrid attacks

attacks, cybercriminals, cybersecurity, Don't miss, Features, Hot stuff, Malware, News, opinion, strategy, Threat Intelligence, Trellix /

Defense strategies to counter escalating hybrid attacks 2025-01-23 at 07:33 By Zeljka Zorz In this Help Net Security interview, Tomer Shloman, Sr. Security Researcher at Trellix, talks about attack attribution, outlines solutions for recognizing hybrid threats, and offers advice on how organizations can protect themselves against hybrid attacks. What are the most promising technologies or

React to this headline:

Loading spinner

Defense strategies to counter escalating hybrid attacks Read More »

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning

Don't miss, GitHub, News, open source, software /

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning 2025-01-23 at 07:03 By Help Net Security The Web Cache Vulnerability Scanner (WCVS) is an open-source command-line tool for detecting web cache poisoning and deception. The scanner, developed by Maximilian Hildebrand, offers extensive support for various web cache poisoning and deception techniques. It features

React to this headline:

Loading spinner

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning Read More »

CISOs are juggling security, responsibility, and burnout

BlackFog, CISO, cybersecurity, Cycode, DirectDefense, Gigamon, Google, Ivanti, LevelBlue, News, Onyxia, report, strategy, survey /

CISOs are juggling security, responsibility, and burnout 2025-01-23 at 06:34 By Help Net Security This article gathers excerpts from multiple reports, presenting statistics and insights that may be valuable for CISOs, helping them with informed decision-making, risk management, and developing strategies to enhance their organization’s cybersecurity posture. CISOs don’t invest enough in code security 72%

React to this headline:

Loading spinner

CISOs are juggling security, responsibility, and burnout Read More »

Stratoshark: Wireshark for the cloud – now available!

Cloud, Don't miss, News, open source, penetration testing, software, Sysdig, wireless, Wireshark /

Stratoshark: Wireshark for the cloud – now available! 2025-01-22 at 20:33 By Help Net Security Stratoshark is an innovative open-source tool that brings Wireshark’s detailed network visibility to the cloud, providing users with a standardized approach to cloud observability. Stratoshark incorporates much of Wireshark’s codebase, including its user interface elements. The interface and workflows will

React to this headline:

Loading spinner

Stratoshark: Wireshark for the cloud – now available! Read More »

Mirai botnet behind the largest DDoS attack to date

attacks, botnet, cybercrime, DDoS, Don't miss, Hot stuff, Internet of Things, News /

Mirai botnet behind the largest DDoS attack to date 2025-01-22 at 17:20 By Zeljka Zorz Researchers have uncovered two Mirai-based botnets harnessing Internet of Things (IoT) devices to DDoS target organizations around the world. The Murdoc botnet Qualys researchers have laid bare the “Murdoc” botnet, consisting of some 1,300 IoT devices saddled with a variant

React to this headline:

Loading spinner

Mirai botnet behind the largest DDoS attack to date Read More »

48,000+ internet-facing Fortinet firewalls still open to attack

Arctic Wolf Networks, Asia, Don't miss, enterprise, firewall, Fortinet, Hot stuff, Kroll, News, Shadowserver, USA /

48,000+ internet-facing Fortinet firewalls still open to attack 2025-01-22 at 14:34 By Zeljka Zorz Despite last week’s confirmation of and warnings about long-standing exploitation of CVE-2024-55591, a critical vulnerability affecting Fortinet Fortigate firewalls, too many vulnerable devices are still accessible from the Internet and open to attack: over 48,000, according to data from the Shadowserver

React to this headline:

Loading spinner

48,000+ internet-facing Fortinet firewalls still open to attack Read More »

China-aligned PlushDaemon APT compromises supply chain of Korean VPN

APT, backdoor, China, cyber espionage, cybercrime, ESET, Malware, News, report, VPN /

China-aligned PlushDaemon APT compromises supply chain of Korean VPN 2025-01-22 at 08:04 By Help Net Security ESET researchers have uncovered a supply chain attack targeting a South Korean VPN provider, carried out by PlushDaemon, a newly identified China-aligned APT group. In this cyberespionage campaign, the attackers compromised the legitimate installer, replacing it with a malicious

React to this headline:

Loading spinner

China-aligned PlushDaemon APT compromises supply chain of Korean VPN Read More »

Acronis CISO on why backup strategies fail and how to make them resilient

Acronis, automation, backup, cybersecurity, disaster recovery, Don't miss, Features, Hot stuff, News, opinion, strategy, tips /

Acronis CISO on why backup strategies fail and how to make them resilient 2025-01-22 at 07:07 By Mirko Zorz In this Help Net Security interview, Gerald Beuchelt, CISO at Acronis, discusses common backup strategy pitfalls, reasons for backup failures, and offers actionable advice for organizations looking to improve their backup and recovery processes. The post

React to this headline:

Loading spinner

Acronis CISO on why backup strategies fail and how to make them resilient Read More »

Privacy professionals feel more stressed than ever

Compliance, ISACA, News, Privacy, report, survey /

Privacy professionals feel more stressed than ever 2025-01-22 at 06:38 By Help Net Security Despite progress made in privacy staffing and strategy alignment, privacy professionals are feeling increasingly stressed on the job within a complex compliance and risk landscape, according to new research from ISACA. Top three obstacles facing privacy programs ISACA’s State of Privacy

React to this headline:

Loading spinner

Privacy professionals feel more stressed than ever Read More »

Cybersecurity books on ransomware you shouldn’t miss

books, cybersecurity, News, Ransomware /

Cybersecurity books on ransomware you shouldn’t miss 2025-01-22 at 06:18 By Help Net Security This list of ransomware-focused cybersecurity books is tailored for professionals seeking practical insights and deeper knowledge. Covering technical strategies, real-world cases, and the evolving tactics of attackers, these books offer valuable perspectives to help strengthen defenses and refine incident response plans.

React to this headline:

Loading spinner

Cybersecurity books on ransomware you shouldn’t miss Read More »

Scroll to Top