News

Drozer: Open-source Android security assessment framework

Android, Application Security, Don't miss, GitHub, Hot stuff, mobile security, News, open source, penetration testing, software, WithSecure /

Drozer: Open-source Android security assessment framework 2024-03-27 at 06:32 By Mirko Zorz Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier. Drozer features The solution enables the identification of security vulnerabilities in applications and devices by taking on the role of […]

Drozer: Open-source Android security assessment framework Read More »

17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns

BSI, Don't miss, enterprise, Germany, Hot stuff, Microsoft Exchange, News, Shadowserver, vulnerability /

17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns 2024-03-26 at 15:31 By Zeljka Zorz Around 12% of the 45,000 or so Microsoft Exchange servers in Germany that can be accessed from the Internet without restrictions “are so outdated that security updates are no longer offered for them,” the German Federal Office

17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns Read More »

Apps secretly turning devices into proxy network nodes removed from Google Play

consumer, Don't miss, enterprise, Hot stuff, HUMAN Security, mobile apps, News, Orange Cyberdefense, Proxy, research, Sekoia.io /

Apps secretly turning devices into proxy network nodes removed from Google Play 2024-03-26 at 12:16 By Zeljka Zorz Your smartphone might be part of a proxy network, and you might not even know it: all it takes is for you to download apps whose developers have included the functionality and didn’t mention it. If that

Apps secretly turning devices into proxy network nodes removed from Google Play Read More »

Reinforcement learning is the path forward for AI integration into cybersecurity

Artificial Intelligence, CISO, cybersecurity, data, Don't miss, Expert analysis, Expert corner, Groupe SEB, Hot stuff, machine learning, News, opinion, predictions, SOC /

Reinforcement learning is the path forward for AI integration into cybersecurity 2024-03-26 at 08:01 By Help Net Security AI’s algorithms and machine learning can cull through immense volumes of data efficiently and in a relatively short amount of time. This is instrumental to helping network defenders sift through a never-ending supply of alerts and identify

Reinforcement learning is the path forward for AI integration into cybersecurity Read More »

Strengthening critical infrastructure cybersecurity is a balancing act

access control, attacks, critical infrastructure, cybersecurity, Don't miss, Features, Hot stuff, information sharing, News, opinion, regulation, resilience, strategy, zero trust /

Strengthening critical infrastructure cybersecurity is a balancing act 2024-03-26 at 07:31 By Mirko Zorz In this Help Net Security interview, Aaron Crow, Senior Director at MorganFranklin Consulting, discusses critical infrastructure cybersecurity strategies, barriers to threat information sharing, and innovative technologies enhancing resilience against cyberattacks. How do current cybersecurity strategies address the critical infrastructure sectors’ unique

Strengthening critical infrastructure cybersecurity is a balancing act Read More »

Scammers exploit tax season anxiety with AI tools

cybercrime, cybersecurity, McAfee, News, report, scams, survey /

Scammers exploit tax season anxiety with AI tools 2024-03-26 at 06:31 By Help Net Security 25% of Americans has lost money to online tax scams, according to McAfee. Of the people who clicked on fraudulent links from supposed tax services, 68% lost money. Among those, 29% lost more than $2,500, and 17% lost more than

Scammers exploit tax season anxiety with AI tools Read More »

Tech industry’s focus on innovation leaves security behind

cybercrime, cybersecurity, digital transformation, News, report, survey, Trustwave /

Tech industry’s focus on innovation leaves security behind 2024-03-26 at 06:04 By Help Net Security The rapid digital transformation and technological progress within the technology sector have enlarged the attack surface for companies operating in this space, according to Trustwave. As the sector evolves, the proliferation of Software-as-a-Service (SaaS) providers, cloud infrastructure, and internet-connected systems

Tech industry’s focus on innovation leaves security behind Read More »

Scammers steal millions from FTX, BlockFi claimants

Cryptocurrency, Cryptocurrency Exchange, Don't miss, Hot stuff, News, phishing, scams /

Scammers steal millions from FTX, BlockFi claimants 2024-03-25 at 14:56 By Zeljka Zorz Customers of bankrupt crypto platform BlockFi have been targeted with a very convincing phishing email impersonating the platform, asking them to connect their wallet to complete the withdrawal of remaining funds. Judging by this Reddit thread, many have fallen for the scam

Scammers steal millions from FTX, BlockFi claimants Read More »

APT29 hit German political parties with bogus invites and malware

Don't miss, Germany, Hot stuff, Malware, Mandiant, News, phishing, Russian Federation, Zscaler /

APT29 hit German political parties with bogus invites and malware 2024-03-25 at 11:46 By Zeljka Zorz APT29 (aka Cozy Bear, aka Midnight Blizzard) has been spotted targeting German political parties for the first time, Mandiant researchers have shared. Phishing leading to malware The attack started in late February 2024, with phishing emails containing bogus invitations

APT29 hit German political parties with bogus invites and malware Read More »

20 essential open-source cybersecurity tools that save you time

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

20 essential open-source cybersecurity tools that save you time 2024-03-25 at 08:01 By Mirko Zorz Open-source software’s adaptive nature ensures its durability, relevance, and compatibility with new technologies. When I started digging deeper into the open-source cybersecurity ecosystem, I discovered an engaged community of developers working to find practical solutions to many problems, one of

20 essential open-source cybersecurity tools that save you time Read More »

8 cybersecurity predictions shaping the future of cyber defense

access management, CISO, cybersecurity, data loss prevention, Gartner, generative AI, identity management, News, regulation, report, Risk Management, strategy, zero trust /

8 cybersecurity predictions shaping the future of cyber defense 2024-03-25 at 07:32 By Help Net Security Among Gartner’s top predictions are the collapse of the cybersecurity skills gap and the reduction of employee-driven cybersecurity incidents through the adoption of generative AI (GenAI). Two-thirds of global 100 organizations are expected to extend directors’ and officers’ insurance

8 cybersecurity predictions shaping the future of cyber defense Read More »

Scams are becoming more convincing and costly

cybercrime, fraud, News, report, scams, survey, Visa /

Scams are becoming more convincing and costly 2024-03-25 at 06:33 By Help Net Security Scams directly targeting consumers continue to increase in both complexity and volume, according to Visa. Consumers are increasingly targeted by scammers, who rely on heightened emotions to create fraud opportunities. While the number of individual scam reports from June to December

Scams are becoming more convincing and costly Read More »

Week in review: Ivanti fixes RCE vulnerability, Nissan breach affects 100,000 individuals

News, Week in review /

Week in review: Ivanti fixes RCE vulnerability, Nissan breach affects 100,000 individuals 2024-03-24 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Outsmarting cybercriminal innovation with strategies for enterprise resilience In this Help Net Security interview, Pedro Cameirão, Head of Cyber Defense Center

Week in review: Ivanti fixes RCE vulnerability, Nissan breach affects 100,000 individuals Read More »

US organizations targeted with emails delivering NetSupport RAT

Don't miss, Hot stuff, Malware, News, Perception Point, phishing, Remote Access Trojan, social engineering /

US organizations targeted with emails delivering NetSupport RAT 2024-03-22 at 15:08 By Helga Labus Employees at US-based organizations are being targeted with emails delivering NetSupport RAT malware via “nuanced” exploitation and by using an advanced detection evasion method. The malware campaign The campaign, dubbed PhantomBlu, takes the form of email messages purportedly coming from a

US organizations targeted with emails delivering NetSupport RAT Read More »

CISA: Here’s how you can foil DDoS attacks

CISA, DDoS, Don't miss, guide, News /

CISA: Here’s how you can foil DDoS attacks 2024-03-22 at 13:46 By Zeljka Zorz In light of the rise of “DDoS hacktivism” and the recent DDoS attacks aimed at disrupting French and Alabama government websites, the Cybersecurity and Infrastructure Security Agency (CISA) has updated its guidance of how governmental entities (but also other organizations) should

CISA: Here’s how you can foil DDoS attacks Read More »

Attackers are targeting financial departments with SmokeLoader malware

Don't miss, finance, Government, Hot stuff, Malware, News, Palo Alto Networks, phishing, spear-phishing, Ukraine /

Attackers are targeting financial departments with SmokeLoader malware 2024-03-22 at 08:31 By Helga Labus Financially motivated hackers have been leveraging SmokeLoader malware in a series of phishing campaigns predominantly targeting Ukrainian government and administration organizations. The phishing campaign The Ukrainian SSSCIP State Cyber Protection Center (SCPC), together with the Palo Alto Networks Unit 42 research

Attackers are targeting financial departments with SmokeLoader malware Read More »

Shadow AI is the latest cybersecurity threat you need to prepare for

Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, News, opinion, risk, shadow IT, Snow Software /

Shadow AI is the latest cybersecurity threat you need to prepare for 2024-03-22 at 08:01 By Help Net Security Shadow IT – the use of software, hardware, systems and services that haven’t been approved by an organization’s IT/IT Sec departments – has been a problem for the last couple of decades, and a difficult area

Shadow AI is the latest cybersecurity threat you need to prepare for Read More »

Organizations under pressure to modernize their IT infrastructures

data, hybrid cloud, News, Nutanix, report, strategy, survey /

Organizations under pressure to modernize their IT infrastructures 2024-03-22 at 07:34 By Help Net Security The use of hybrid multicloud models is forecasted to double over the next one to three years as IT decision makers are facing new pressures to modernize IT infrastructures because of drivers like AI, security, and sustainability, according to Nutanix.

Organizations under pressure to modernize their IT infrastructures Read More »

95% of companies face API security problems

API security, CISO, cybersecurity, Don't miss, Fastly, News, report, survey, threats /

95% of companies face API security problems 2024-03-22 at 06:31 By Help Net Security Despite the critical role of APIs, the vast majority of commercial decision-makers are ignoring the burgeoning security risk for businesses, according to Fastly. Application Programming Interfaces (APIs) have long been recognised as a bedrock of the digital economy and recent figures

95% of companies face API security problems Read More »

New infosec products of the week: March 22, 2024

Appdome, Drata, GlobalSign, News, Ordr, Portnox, Sonatype, Tufin, Zoom /

New infosec products of the week: March 22, 2024 2024-03-22 at 06:02 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Appdome, Drata, GlobalSign, Ordr, Portnox, Sonatype, Tufin, and Zoom. GlobalSign PKIaaS Connector enhances ServiceNow certificate lifecycle management With the upgrades in GlobalSign’s PKIaaS Connector,

New infosec products of the week: March 22, 2024 Read More »

Scroll to Top