News

New infosec products of the week: September 13, 2024

Druva, Huntress, Ketch, LOKKER, News, Tenable, Trellix, Wing Security /

New infosec products of the week: September 13, 2024 2024-09-13 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Druva, Huntress, Ketch, LOKKER, Tenable, Trellix, and Wing Security. Tenable AI Aware provides exposure insight into AI applications, libraries and plugins Tenable AI Aware […]

React to this headline:

Loading spinner

New infosec products of the week: September 13, 2024 Read More »

Suspect arrested over the Transport for London cyberattack

cyberattack, data breach, Don't miss, Hot stuff, National Crime Agency, News, transportation, UK /

Suspect arrested over the Transport for London cyberattack 2024-09-12 at 17:46 By Zeljka Zorz The UK National Crime Agency has arrested and detained a suspect – a 17-year-old male in Walsall (West Midlands) – on suspicion of Computer Misuse Act offences in relation to the Transport for London (TfL) cyberattack, the agency has announced today.

React to this headline:

Loading spinner

Suspect arrested over the Transport for London cyberattack Read More »

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)

Adobe, Adobe Reader, Check Point, Don't miss, Expmon, Hot stuff, News, PoC, security update, vulnerability /

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) 2024-09-12 at 15:16 By Zeljka Zorz Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary code execution: CVE-2024-45112 and CVE-2024-41869. Nothing in the advisory

React to this headline:

Loading spinner

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) Read More »

Losses due to cryptocurrency and BEC scams are soaring

BEC scams, Cryptocurrency, Don't miss, FBI, fraud, Hot stuff, News /

Losses due to cryptocurrency and BEC scams are soaring 2024-09-12 at 14:01 By Zeljka Zorz Every type of fraud is on the rise, and 2023 was a particularly devastating year for victims of cryptocurrency and business email compromise (BEC) scams, according to the FBI. Cryptocurrency fraud Based on complaints filed to FBI’s Internet Crime Complaint

React to this headline:

Loading spinner

Losses due to cryptocurrency and BEC scams are soaring Read More »

VirtualBox 7.1: This is a major update, here’s what’s new

News, Oracle, software, VirtualBox, virtualization /

VirtualBox 7.1: This is a major update, here’s what’s new 2024-09-12 at 10:47 By Help Net Security VirtualBox is a full virtualizer for x86 hardware designed for servers, desktops, and embedded systems. VirtualBox 7.1 introduces an enhanced user interface, cloud VM management, ARM support, Wayland compatibility, and more. New features in VirtualBox 7.1 This is

React to this headline:

Loading spinner

VirtualBox 7.1: This is a major update, here’s what’s new Read More »

Top priorities for federal cybersecurity: Infrastructure, zero trust, and AI-driven defense

Booz Allen Hamilton, Compliance, critical infrastructure, cybersecurity, Don't miss, Features, framework, Government, News, opinion, Risk Management, USA /

Top priorities for federal cybersecurity: Infrastructure, zero trust, and AI-driven defense 2024-09-12 at 07:01 By Mirko Zorz In this Help Net Security, Erica Banks, VP and a leader in Booz Allen’s civilian services business, discusses the Federal Cybersecurity Strategy’s role in safeguarding national assets. Banks outlines key areas for improvement, including funding, talent retention, and

React to this headline:

Loading spinner

Top priorities for federal cybersecurity: Infrastructure, zero trust, and AI-driven defense Read More »

Benefits and best practices of leveraging AI for cybersecurity

Artificial Intelligence, cybersecurity, Don't miss, Hot stuff, Logicalis US, News, Video /

Benefits and best practices of leveraging AI for cybersecurity 2024-09-12 at 06:31 By Help Net Security AI has become a key player in protecting valuable organizational insights from threats. Thanks to AI-enabled data protection practices such as behavior monitoring, enterprises no longer have to be reactive to a cyberattack but can be proactive before a

React to this headline:

Loading spinner

Benefits and best practices of leveraging AI for cybersecurity Read More »

Internal disconnects vs. cybersecurity: How connectivity shapes challenges

data, data management, News, report, survey, TeamViewer /

Internal disconnects vs. cybersecurity: How connectivity shapes challenges 2024-09-12 at 06:01 By Help Net Security Concerns about the trustworthiness of internal data exist in nearly all organizations globally, according to TeamViewer. 99% of business leaders pointed to factors undermining trust in internal data, citing multiple versions of the truth (38%), conflicting data management practices (32%)

React to this headline:

Loading spinner

Internal disconnects vs. cybersecurity: How connectivity shapes challenges Read More »

Kali Linux 2024.3 released: 11 new tools, Qualcomm Snapdragon SDM845 SoC support

Don't miss, Hot stuff, Kali Linux, Linux, News, open source, penetration testing /

Kali Linux 2024.3 released: 11 new tools, Qualcomm Snapdragon SDM845 SoC support 2024-09-11 at 20:46 By Help Net Security Kali Linux 2024.3 is now available for download. Besides the new tools, this release mainly focuses on behind-the-scenes updates and optimization. New tools in Kali Linux 2024.3 This Kali release is about new tools and package

React to this headline:

Loading spinner

Kali Linux 2024.3 released: 11 new tools, Qualcomm Snapdragon SDM845 SoC support Read More »

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847)

CVE, Don't miss, endpoint management, Hot stuff, Ivanti, News, vulnerability /

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) 2024-09-11 at 15:02 By Zeljka Zorz Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers to remotely execute code in the context of the vulnerable system, and use it as a beachhead for

React to this headline:

Loading spinner

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) Read More »

Cybersecurity is a fundamental component of patient care and safety

cybersecurity, data breach, data security, Don't miss, Expert analysis, Expert corner, healthcare, Hot stuff, LeanTaaS, News, opinion, Privacy /

Cybersecurity is a fundamental component of patient care and safety 2024-09-11 at 08:01 By Help Net Security Healthcare institutions are custodians of vast repositories of sensitive patient data, encompassing comprehensive health histories, insurance profiles, and billing data. The ramifications of a data breach often extend far beyond the immediate task of patching the vulnerabilities and

React to this headline:

Loading spinner

Cybersecurity is a fundamental component of patient care and safety Read More »

DockerSpy: Search for images on Docker Hub, extract sensitive information

containers, Docker, Don't miss, GitHub, Hot stuff, News, open source, software /

DockerSpy: Search for images on Docker Hub, extract sensitive information 2024-09-11 at 07:31 By Mirko Zorz DockerSpy scans Docker Hub for images and retrieves sensitive information, including authentication secrets, private keys, and other confidential data. “DockerSpy was created to address the growing concern of sensitive data leaks within Docker images, especially those publicly available on

React to this headline:

Loading spinner

DockerSpy: Search for images on Docker Hub, extract sensitive information Read More »

How AI and zero trust are transforming resilience strategies

access control, Active Directory, Compliance, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Quest Software, regulation, Risk Management, strategy, zero trust /

How AI and zero trust are transforming resilience strategies 2024-09-11 at 07:01 By Mirko Zorz In this Help Net Security interview, John Hernandez, President and General Manager at Quest Software, shares practical advice for enhancing cybersecurity resilience against advanced threats. He underscores the need to focus on on-premises and cloud environments, adapt to new regulations,

React to this headline:

Loading spinner

How AI and zero trust are transforming resilience strategies Read More »

Cybersecurity jobs available right now: September 11, 2024

cybersecurity jobs, Don't miss, Hot stuff, News /

Cybersecurity jobs available right now: September 11, 2024 2024-09-11 at 06:31 By Anamarija Pogorelec ACISO HTX | Singapore | Hybrid – View job details As an ACISO, you will formulate Agency ICT security strategy and work plan, alignment to MHA and HTX’s IT & Cybersecurity strategic directions. Evaluate existing IT environment against MHA and HTX’s

React to this headline:

Loading spinner

Cybersecurity jobs available right now: September 11, 2024 Read More »

eBook: Keep assets secure after cloud migration

Center for Internet Security, Don't miss, News, Whitepapers and webinars /

eBook: Keep assets secure after cloud migration 2024-09-11 at 06:00 By Help Net Security Organizations sometimes need to plan their cloud migrations with more emphasis on security and compliance. Many, therefore, struggle to keep their data safe after migrating to the cloud. To illustrate, IBM revealed that 82% of data breaches in 2023 involved data

React to this headline:

Loading spinner

eBook: Keep assets secure after cloud migration Read More »

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes

0-day, CVE, Don't miss, Elastic, Hot stuff, Immersive Labs, News, Patch Tuesday, SharePoint, Tenable, Trend Micro, vulnerability, Windows /

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes 2024-09-10 at 22:46 By Zeljka Zorz September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect

React to this headline:

Loading spinner

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes Read More »

CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)

Arctic Wolf Networks, CISA, Don't miss, firewall, Hot stuff, News, Ransomware, Rapid7, SonicWall, vulnerability /

CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766) 2024-09-10 at 15:31 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting SonicWall’s firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming it is being actively exploited by attackers. Though the

React to this headline:

Loading spinner

CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766) Read More »

Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342)

CVE, Don't miss, firmware, Hot stuff, NAS, News, SMBs, vulnerability, Zyxel /

Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342) 2024-09-10 at 12:02 By Zeljka Zorz Users of Zyxel network-attached storage (NAS) devices are urged to implement hotfixes addressing a critical and easily exploited command injection vulnerability (CVE-2024-6342). About CVE-2024-6342 Zyxel NAS devices are generally used by small to medium-sized businesses (SMBs) for data

React to this headline:

Loading spinner

Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342) Read More »

Tech stack uniformity has become a systemic vulnerability

critical infrastructure, cybersecurity, Don't miss, Expert analysis, Expert corner, exploit, Hot stuff, News, opinion, update /

Tech stack uniformity has become a systemic vulnerability 2024-09-10 at 07:31 By Help Net Security Crashes due to faulty updates are nothing new; in fact, one reason IT teams often delay updates is their unreliability and tendency to disrupt the organization’s day-to-day operations. Zero-days are also an old phenomenon. In the past, due to a

React to this headline:

Loading spinner

Tech stack uniformity has become a systemic vulnerability Read More »

How human-led threat hunting complements automation in detecting cyber threats

APT, Artificial Intelligence, automation, cybersecurity, Don't miss, Features, Hot stuff, MorganFranklin Consulting, News, threat hunting /

How human-led threat hunting complements automation in detecting cyber threats 2024-09-10 at 07:01 By Mirko Zorz In this Help Net Security interview, Shane Cox, Director, Cyber Fusion Center at MorganFranklin Consulting, discusses the evolving methodologies and strategies in threat hunting and explains how human-led approaches complement each other to form a robust defense. Cox also

React to this headline:

Loading spinner

How human-led threat hunting complements automation in detecting cyber threats Read More »

Scroll to Top