News

Microsoft asks Windows Insiders to try out the controversial Recall feature

Artificial Intelligence, data security, Don't miss, endpoint management, enterprise, Hot stuff, Microsoft, News, Privacy, Windows /

Microsoft asks Windows Insiders to try out the controversial Recall feature 2024-11-25 at 16:33 By Zeljka Zorz Participants of the Windows Insider Program that have a Qualcomm Snapdragon-powered Copilot+ PC can now try out Recall, the infamous snapshot-taking, AI-powered feature that was met with much criticism when it was unveiled earlier this year. “We heard […]

React to this headline:

Loading spinner

Microsoft asks Windows Insiders to try out the controversial Recall feature Read More »

Wireshark 4.4.2: Security updates, bug fixes, updated protocol support

News /

Wireshark 4.4.2: Security updates, bug fixes, updated protocol support 2024-11-25 at 12:18 By Help Net Security Wireshark, the popular network protocol analyzer, has reached version 4.4.2. It is used for troubleshooting, analysis, development and education. The following vulnerabilities have been fixed: wnpa-sec-2024-14 FiveCo RAP dissector infinite loop. wnpa-sec-2024-15 ECMP dissector crash. Updated protocol support: ARTNET,

React to this headline:

Loading spinner

Wireshark 4.4.2: Security updates, bug fixes, updated protocol support Read More »

AI Kuru, cybersecurity and quantum computing

Artificial Intelligence, cybersecurity, Don't miss, Encryption, Expert analysis, Expert corner, Hot stuff, News, opinion, Qrypt, quantum computing /

AI Kuru, cybersecurity and quantum computing 2024-11-25 at 08:13 By Help Net Security As we continue to delegate more infrastructure operations to artificial intelligence (AI), quantum computers are advancing towards Q-day (i.e., the day when quantum computers can break current encryption methods). This could compromise the security of digital communications, as well as autonomous control

React to this headline:

Loading spinner

AI Kuru, cybersecurity and quantum computing Read More »

Overcoming legal and organizational challenges in ethical hacking

Artificial Intelligence, cybersecurity, Don't miss, Features, hacking, Hackrate, Hot stuff, News, open source, opinion, penetration testing, regulation, skill development, strategy, tips /

Overcoming legal and organizational challenges in ethical hacking 2024-11-25 at 07:33 By Mirko Zorz In this Help Net Security interview, Balázs Pózner, CEO at Hackrate, discusses the essential technical skills for ethical hackers and how they vary across different security domains. He explains how AI and machine learning enhance ethical hacking by streamlining vulnerability detection

React to this headline:

Loading spinner

Overcoming legal and organizational challenges in ethical hacking Read More »

Deploy a SOC using Kali Linux in AWS

AWS, cybersecurity, GitHub, Kali Linux, News, open source, SOC, Terraform /

Deploy a SOC using Kali Linux in AWS 2024-11-25 at 07:04 By Mirko Zorz The Kali SOC in AWS project enables the deployment of a Security Operations Center (SOC) in AWS, utilizing the Kali Linux toolset for purple team activities. This environment is ideal for honing skills in security operations, threat detection, incident response, and

React to this headline:

Loading spinner

Deploy a SOC using Kali Linux in AWS Read More »

Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified

News, Week in review /

Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified 2024-11-24 at 11:03 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 2,000 Palo Alto Networks devices compromised in latest attacks Attackers have compromised around 2,000 Palo Alto Networks firewalls

React to this headline:

Loading spinner

Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified Read More »

SentinelOne AI-SPM detects misconfigurations and vulnerabilities in AI applications

News, SentinelOne /

SentinelOne AI-SPM detects misconfigurations and vulnerabilities in AI applications 2024-11-22 at 11:06 By Industry News SentinelOne announced new AI security posture management (AI-SPM) capabilities to protect and secure the use of AI services in the workplace. Built on SentinelOne’s Singularity cybersecurity platform, the new offering will expand SentinelOne’s top-rated Singularity Cloud Security portfolio to give

React to this headline:

Loading spinner

SentinelOne AI-SPM detects misconfigurations and vulnerabilities in AI applications Read More »

Proxmox Virtual Environment 8.3: SDN-firewall integration, faster container backups, and more!

News, open source, Proxmox, virtualization /

Proxmox Virtual Environment 8.3: SDN-firewall integration, faster container backups, and more! 2024-11-22 at 10:01 By Help Net Security The Proxmox Virtual Environment 8.3 enterprise virtualization solution features management tools and a user-friendly web interface, allowing you to deploy open-source solutions in clustered, highly available setups. This version is based on Debian 12.8 (Bookworm), but uses

React to this headline:

Loading spinner

Proxmox Virtual Environment 8.3: SDN-firewall integration, faster container backups, and more! Read More »

The limits of AI-based deepfake detection

Artificial Intelligence, cybersecurity, deepfakes, Don't miss, Features, Hot stuff, News, opinion, Reality Defender, social engineering /

The limits of AI-based deepfake detection 2024-11-22 at 08:03 By Mirko Zorz In this Help Net Security interview, Ben Colman, CEO of Reality Defender, discusses the challenges of detecting high-quality deepfakes in real-world applications. He addresses the effectiveness and limitations of watermarking, AI-based detection, and the potential of emerging technologies in securing media authenticity. Colman

React to this headline:

Loading spinner

The limits of AI-based deepfake detection Read More »

Cybercriminals turn to pen testers to test ransomware efficiency

Cato Networks, cybercrime, News, Ransomware, report, survey /

Cybercriminals turn to pen testers to test ransomware efficiency 2024-11-22 at 07:04 By Help Net Security Ransomware gangs recruit pen testers to improve attack reliability Threat actors employ pen testers to improve ransomware effectiveness Threat actors are recruiting pen testers to test and improve the reliability of their ransomware for affiliate programs, according to Cato

React to this headline:

Loading spinner

Cybercriminals turn to pen testers to test ransomware efficiency Read More »

Deepfake attacks occur every five minutes

cybercrime, Entrust, fraud, identity verification, News, report, survey /

Deepfake attacks occur every five minutes 2024-11-22 at 06:35 By Help Net Security As cybercriminals continue to adapt their techniques to find new ways through defenses, AI-assisted fraud is growing increasingly sophisticated and frequent, according to Entrust. The findings reveal a deepfake attack happened every five minutes in 2024, while digital document forgeries increased 244%

React to this headline:

Loading spinner

Deepfake attacks occur every five minutes Read More »

New infosec products of the week: November 22, 2024

Aon, Arkose Labs, HiddenLayer, Hornetsecurity, News, Radware, Tanium /

New infosec products of the week: November 22, 2024 2024-11-22 at 06:03 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Aon, Arkose Labs, HiddenLayer, Hornetsecurity, Radware, and Tanium. Arkose Device ID detects suspicious activity patterns By adding Arkose Device ID to the Arkose Labs’

React to this headline:

Loading spinner

New infosec products of the week: November 22, 2024 Read More »

US charges five alleged members of Scattered Spider gang

cybercrime, DOJ, law enforcement, News, phishing, scams /

US charges five alleged members of Scattered Spider gang 2024-11-21 at 18:03 By Help Net Security Law enforcement unsealed criminal charges against five alleged members of Scattered Spider, who allegedly targeted employees of companies nationwide with phishing text messages and then used the harvested employee credentials to log in and steal non-public company data and

React to this headline:

Loading spinner

US charges five alleged members of Scattered Spider gang Read More »

Active network of North Korean IT front companies exposed

China, Don't miss, Hot stuff, Insider Threat, News, North Korea, Palo Alto Networks, SentinelOne, software development, tips, USA /

Active network of North Korean IT front companies exposed 2024-11-21 at 16:18 By Zeljka Zorz An analysis of the websites belonging to companies that served as a front for getting North Korean IT workers remote jobs with businesses worldwide has revealed an active network of such companies originating in China. Unearthing North Korean IT front

React to this headline:

Loading spinner

Active network of North Korean IT front companies exposed Read More »

2,000 Palo Alto Networks devices compromised in latest attacks

CVE, Don't miss, enterprise, firewall, Hot stuff, India, News, Palo Alto Networks, Shadowserver, USA /

2,000 Palo Alto Networks devices compromised in latest attacks 2024-11-21 at 13:27 By Zeljka Zorz Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver Foundation’s internet-wide scanning has revealed. Compromised devices are predominantly located in the US and India, the nonprofit says. Manual and

React to this headline:

Loading spinner

2,000 Palo Alto Networks devices compromised in latest attacks Read More »

Researchers unearth two previously unknown Linux backdoors

APT, backdoor, cybersecurity, Don't miss, ESET, Hot stuff, Linux, Malware, News, threat, VirusTotal /

Researchers unearth two previously unknown Linux backdoors 2024-11-21 at 12:12 By Help Net Security ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. The goal of the backdoors and tools discovered is cyberespionage that targets sensitive data such as system information, user credentials, and specific files and directories. These

React to this headline:

Loading spinner

Researchers unearth two previously unknown Linux backdoors Read More »

Ukrainian cyberwar experience becomes blueprint for TRYZUB cyber training service

CERT, CERT-UA, News, skill development, Ukraine /

Ukrainian cyberwar experience becomes blueprint for TRYZUB cyber training service 2024-11-21 at 10:58 By Help Net Security The Computer Emergency Response Team of Ukraine (CERT-UA), part of the State Service of Special Communications and Information Protection (SSSCIP), has joined forces with the simulation training platform Cyber Ranges to unveil TRYZUB, a cyber resilience training and

React to this headline:

Loading spinner

Ukrainian cyberwar experience becomes blueprint for TRYZUB cyber training service Read More »

AxoSyslog: Open-source scalable security data processor

cybersecurity, Don't miss, GitHub, News, open source, software /

AxoSyslog: Open-source scalable security data processor 2024-11-21 at 08:52 By Mirko Zorz AxoSyslog is a syslog-ng fork, created and maintained by the original creator of syslog-ng, Balazs Scheidler, and his team. “We first started by making syslog-ng more cloud-ready: we packaged syslog-ng in a container, added helm charts, and made it more suitable for use

React to this headline:

Loading spinner

AxoSyslog: Open-source scalable security data processor Read More »

Product showcase: Augmenting penetration testing with Plainsea

cybersecurity, Don't miss, Hot stuff, News, penetration testing, Plainsea, Product showcase /

Product showcase: Augmenting penetration testing with Plainsea 2024-11-21 at 08:03 By Help Net Security Human-led penetration testing is an essential practice for any organization seeking to proactively address potential attack vectors. However, this indispensable pentesting method is often limited by several factors: high resource demands, project time constraints, dispersed communication, and lack of continuous visibility

React to this headline:

Loading spinner

Product showcase: Augmenting penetration testing with Plainsea Read More »

CWE top 25 most dangerous software weaknesses

CVE, cybersecurity, Don't miss, Hot stuff, News, vulnerability /

CWE top 25 most dangerous software weaknesses 2024-11-21 at 07:33 By Help Net Security The CWE list of the 25 most dangerous software weaknesses demonstrates the currently most common and impactful software flaws. Identifying the root causes of these vulnerabilities provides insights to shape investments, policies, and practices that proactively prevent their occurrence. The CWE

React to this headline:

Loading spinner

CWE top 25 most dangerous software weaknesses Read More »

Scroll to Top