News

Wireshark 4.4.3 released: Updated protocol support, bug fixes

News, open source, software, Wireshark /

Wireshark 4.4.3 released: Updated protocol support, bug fixes 2025-01-09 at 11:07 By Help Net Security Wireshark, the popular network protocol analyzer, has reached version 4.4.3. Wireshark offers deep inspection across hundreds of protocols, live and offline analysis, and display filters. With multi-platform support, VoIP analysis, and capture file compatibility, it’s perfect for professionals seeking intuitive […]

React to this headline:

Loading spinner

Wireshark 4.4.3 released: Updated protocol support, bug fixes Read More »

The ongoing evolution of the CIS Critical Security Controls

Center for Internet Security, News /

The ongoing evolution of the CIS Critical Security Controls 2025-01-09 at 09:46 By Help Net Security For decades, the CIS Critical Security Controls (CIS Controls) have simplified enterprises’ efforts to strengthen their cybersecurity posture by prescribing prioritized security measures for defending against common cyber threats. In this article, we’ll review the story of the CIS

React to this headline:

Loading spinner

The ongoing evolution of the CIS Critical Security Controls Read More »

GitLab CISO on proactive monitoring and metrics for DevSecOps success

Artificial Intelligence, cybersecurity, DevSecOps, Don't miss, Features, framework, GitLab, Hot stuff, LLMs, News, opinion, security metrics, software development /

GitLab CISO on proactive monitoring and metrics for DevSecOps success 2025-01-09 at 07:32 By Mirko Zorz In this Help Net Security interview, Josh Lemos, CISO at GitLab, talks about the shift from DevOps to DevSecOps, focusing on the complexity of building systems and integrating security tools. He shares tips for maintaining development speed, fostering collaboration,

React to this headline:

Loading spinner

GitLab CISO on proactive monitoring and metrics for DevSecOps success Read More »

Sara: Open-source RouterOS security inspector

Don't miss, GitHub, hardware, mikrotik, News, open source, router, software /

Sara: Open-source RouterOS security inspector 2025-01-09 at 07:03 By Mirko Zorz Sara is an open-source tool designed to analyze RouterOS configurations and identify security vulnerabilities on MikroTik hardware. Sara’s main feature is using regular expressions as the primary analysis mechanism. This allows you to quickly and accurately process RouterOS configuration text files, making the tool

React to this headline:

Loading spinner

Sara: Open-source RouterOS security inspector Read More »

Cybersecurity in 2025: Global conflict, grown-up AI, and the wisdom of the crowd

Artificial Intelligence, Bugcrowd, CISO, collaboration, cybercriminals, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, predictions /

Cybersecurity in 2025: Global conflict, grown-up AI, and the wisdom of the crowd 2025-01-09 at 06:59 By Help Net Security As we look ahead to cybersecurity developments in 2025, there’s bad news and good—expect to see new challenging attacks and the cybersecurity community increasingly working together to counter threats that are beyond the scope of

React to this headline:

Loading spinner

Cybersecurity in 2025: Global conflict, grown-up AI, and the wisdom of the crowd Read More »

Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)

Don't miss, enterprise, Hot stuff, Ivanti, Mandiant, Microsoft, News, VPN /

Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) 2025-01-08 at 21:49 By Zeljka Zorz Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which (CVE-2025-0282) has been exploited as a zero-day by attackers to compromise Connect Secure VPN appliances. About CVE-2025-0282 and CVE-2025-0283 Both are stack-based buffer overflow

React to this headline:

Loading spinner

Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Read More »

The U.S. Cyber Trust Mark set to launch

certification, cybersecurity, Don't miss, fcc, fitness tracker, Hot stuff, IoT, News, smart lock, smart toys, smart tv, USA, wearable tech /

The U.S. Cyber Trust Mark set to launch 2025-01-08 at 16:03 By Zeljka Zorz The White House has announced the launch of the U.S. Cyber Trust Mark, a voluntary cybersecurity labeling program for consumer-grade internet-connected devices. “The White House launched this bipartisan effort to educate American consumers and give them an easy way to assess

React to this headline:

Loading spinner

The U.S. Cyber Trust Mark set to launch Read More »

Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers

CISA, Don't miss, enterprise, Hot stuff, Mitel, News, Oracle WebLogic, vulnerability /

Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers 2025-01-08 at 14:20 By Zeljka Zorz CISA has added Mitel MiCollab (CVE-2024-41713, CVE-2024-55550) and Oracle WebLogic Server (CVE-2020-2883) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The Mitel MiCollab vulnerabilities exploited Mitel MiCollab is a popular enterprise collaboration suite. CVE-2024-41713 and CVE-2024-55550 are both path traversal

React to this headline:

Loading spinner

Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers Read More »

Why an “all gas, no brakes” approach for AI use won’t work

Artificial Intelligence, Compliance, cybersecurity, Databricks, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, machine learning, News, opinion /

Why an “all gas, no brakes” approach for AI use won’t work 2025-01-08 at 07:33 By Help Net Security Machine learning and generative AI are changing the way knowledge workers do their jobs. Every company is eager to be “an AI company,” but AI can often seem like a black box, and the fear of

React to this headline:

Loading spinner

Why an “all gas, no brakes” approach for AI use won’t work Read More »

Scaling penetration testing through smart automation

Artificial Intelligence, automation, Compliance, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, penetration testing, Plainsea /

Scaling penetration testing through smart automation 2025-01-08 at 07:06 By Mirko Zorz In this Help Net Security interview, Marko Simeonov, CEO of Plainsea, discusses how organizations can move beyond compliance-driven penetration testing toward a more strategic, risk-based approach. He explains how automation, human expertise, and continuous monitoring can transform penetration testing into a dynamic, business-critical

React to this headline:

Loading spinner

Scaling penetration testing through smart automation Read More »

The top target for phishing campaigns

cybercrime, generative AI, Netskope, News, phishing, report, survey /

The top target for phishing campaigns 2025-01-08 at 06:53 By Help Net Security Despite organizations’ repeated attempts at security awareness training, with a particular emphasis on how employees can avoid being phished, in 2024 enterprise users clicked on phishing lures at a rate nearly three times higher than in 2023, according to Netskope. More than

React to this headline:

Loading spinner

The top target for phishing campaigns Read More »

Cybersecurity jobs available right now: January 8, 2025

cybersecurity jobs, News /

Cybersecurity jobs available right now: January 8, 2025 2025-01-08 at 06:03 By Anamarija Pogorelec AI Penetration Tester Microsoft | Canada | Remote – View job details As an AI Penetration Tester, you will discover and exploit vulnerabilities end-to-end in order to assess the security of AI systems. Execute offensive operations on production AI systems using

React to this headline:

Loading spinner

Cybersecurity jobs available right now: January 8, 2025 Read More »

UN aviation agency investigating possible data breach

dark web, data breach, Data leak, Don't miss, Hot stuff, News, transportation, United Nations /

UN aviation agency investigating possible data breach 2025-01-07 at 16:49 By Zeljka Zorz The United Nation’s International Civil Aviation Organization (ICAO) confirmed on Monday that it’s “actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations.” The statement came a few days after 42,000 documents

React to this headline:

Loading spinner

UN aviation agency investigating possible data breach Read More »

CISA says Treasury was the only US agency breached via BeyondTrust

BeyondTrust, CISA, Don't miss, government-backed attacks, Hot stuff, News, USA /

CISA says Treasury was the only US agency breached via BeyondTrust 2025-01-07 at 14:18 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has shared on Monday that the Treasury Department was the only US federal agency affected by the recent cybersecurity incident involving compromised BeyondTrust Remote Support SaaS instances. On the same

React to this headline:

Loading spinner

CISA says Treasury was the only US agency breached via BeyondTrust Read More »

Making the most of cryptography, now and in the future

cyber risk, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, quantum computing, Quantum Xchange, software /

Making the most of cryptography, now and in the future 2025-01-07 at 08:03 By Help Net Security Enterprise cryptography faces risks beyond just the advent of quantum computers. For starters, there is no guarantee that the traditional algorithms have not been broken. Though we believe that it is “unlikely” they can be, the reality is

React to this headline:

Loading spinner

Making the most of cryptography, now and in the future Read More »

eBay CISO on managing long-term cybersecurity planning and ROI

CISO, Compliance, cybersecurity, Don't miss, eBay, Features, Hot stuff, News, opinion, security ROI, standards, strategy, threat /

eBay CISO on managing long-term cybersecurity planning and ROI 2025-01-07 at 07:33 By Mirko Zorz In this Help Net Security interview, Sean Embry, CISO at eBay, discusses key aspects of cybersecurity leadership. He shares insights on balancing long-term strategic planning with immediate threat response, evaluating the ROI of new technologies, and addressing employee cybersecurity fatigue.

React to this headline:

Loading spinner

eBay CISO on managing long-term cybersecurity planning and ROI Read More »

Cyberbro: Open-source tool extracts IoCs and checks their reputation

GitHub, News, open source, software /

Cyberbro: Open-source tool extracts IoCs and checks their reputation 2025-01-07 at 07:03 By Help Net Security Cyberbro is an open-source application that extracts IoCs from garbage input and checks their reputation using multiple services. Cyberbro features Input handling: Paste raw logs, IoCs, or fanged IoCs, and let the regex parser do the rest. Multi-service reputation

React to this headline:

Loading spinner

Cyberbro: Open-source tool extracts IoCs and checks their reputation Read More »

How AI and deepfakes are redefining social engineering threats

Abnormal Security, cybercrime, Egress, Ironscales, LastPass, News, Osterman Research, phishing, report, survey, Zscaler /

How AI and deepfakes are redefining social engineering threats 2025-01-07 at 06:04 By Help Net Security This article presents key insights from 2024 reports on the rise of phishing attacks, focusing on how advancements in AI and deepfake technology are making social engineering tactics more sophisticated. Cybercriminals exploit file sharing services to advance phishing attacks

React to this headline:

Loading spinner

How AI and deepfakes are redefining social engineering threats Read More »

Balancing proprietary and open-source tools in cyber threat research

CISO, cybersecurity, Don't miss, Features, Hot stuff, Microsoft, News, opinion, Threat Intelligence /

Balancing proprietary and open-source tools in cyber threat research 2025-01-06 at 07:38 By Mirko Zorz In this Help Net Security interview, Thomas Roccia, Senior Security Researcher at Microsoft, discusses how threat research drives faster, better decision-making in cybersecurity operations. Roccia provides insights into balancing internal and external research strategies, the influence of AI and geopolitical

React to this headline:

Loading spinner

Balancing proprietary and open-source tools in cyber threat research Read More »

Only 26% of Europe’s top companies earn a high rating for cybersecurity

cybersecurity, data breach, EU, News, regulation, report, SecurityScorecard, supply chain, survey /

Only 26% of Europe’s top companies earn a high rating for cybersecurity 2025-01-06 at 07:02 By Help Net Security With the EU’s Digital Operational Resilience Act (DORA) deadline approaching on 17th January, 2025, Europe’s top 100 companies face an urgent cybersecurity challenge, according to SecurityScorecard. A-rated companies safer from breaches The report highlights the role

React to this headline:

Loading spinner

Only 26% of Europe’s top companies earn a high rating for cybersecurity Read More »

Scroll to Top