News

How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)

ClearSky Cyber Security, CVE, Don't miss, Hot stuff, Malware, News, spear-phishing, Ukraine, vulnerability, Windows, Windows Server /

How a Windows zero-day was exploited in the wild for months (CVE-2024-43451) 2024-11-14 at 12:02 By Zeljka Zorz CVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky researchers have revealed. About the vulnerability CVE-2024-43451 affects all supported Windows versions […]

React to this headline:

Loading spinner

How a Windows zero-day was exploited in the wild for months (CVE-2024-43451) Read More »

Google Cloud Cybersecurity Forecast 2025: AI, geopolitics, and cybercrime take centre stage

Artificial Intelligence, cloud security, cybersecurity, Google, Google Cloud, News, predictions, report /

Google Cloud Cybersecurity Forecast 2025: AI, geopolitics, and cybercrime take centre stage 2024-11-14 at 08:04 By Anamarija Pogorelec Google Cloud unveiled its Cybersecurity Forecast for 2025, offering a detailed analysis of the emerging threat landscape and key security trends that organizations worldwide should prepare for. The report delivers insights into the tactics of cyber adversaries,

React to this headline:

Loading spinner

Google Cloud Cybersecurity Forecast 2025: AI, geopolitics, and cybercrime take centre stage Read More »

How Intel is making open source accessible to all developers

Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, Intel, News, open source, opinion, strategy /

How Intel is making open source accessible to all developers 2024-11-14 at 07:33 By Mirko Zorz In this Help Net Security interview, Arun Gupta, Vice President and General Manager for Open Ecosystem, Intel, discusses the company’s commitment to fostering an open ecosystem as a cornerstone of its software strategy. He explains how this approach empowers

React to this headline:

Loading spinner

How Intel is making open source accessible to all developers Read More »

Zero-days dominate top frequently exploited vulnerabilities

0-day, CISA, Don't miss, FBI, Hot stuff, NCSC, News, NSA, report, Tenable, vulnerability /

Zero-days dominate top frequently exploited vulnerabilities 2024-11-14 at 07:03 By Mirko Zorz A joint report by leading cybersecurity agencies from the U.S., UK, Canada, Australia, and New Zealand has identified the most commonly exploited vulnerabilities of 2023. Zero-day vulnerabilities on the rise The advisory highlights that malicious cyber actors increasingly targeted zero-day vulnerabilities, posing significant

React to this headline:

Loading spinner

Zero-days dominate top frequently exploited vulnerabilities Read More »

How cybersecurity failures are draining business budgets

CISO, cybersecurity, Insurance, News, Panaseer, report, survey /

How cybersecurity failures are draining business budgets 2024-11-14 at 06:10 By Help Net Security Security leaders feel under increasing pressure to provide assurances around cybersecurity, exposing them to greater personal risk – yet many lack the data and resources to accurately report and close cybersecurity gaps, according to Panaseer. The report analyses the findings of

React to this headline:

Loading spinner

How cybersecurity failures are draining business budgets Read More »

GoIssue phishing tool targets GitHub developer credentials

cybercrime, GitHub, News, phishing /

GoIssue phishing tool targets GitHub developer credentials 2024-11-13 at 15:49 By Mirko Zorz Researchers discovered GoIssue, a new phishing tool targeting GitHub users, designed to extract email addresses from public profiles and launch mass email attacks. Marketed on a cybercrime forum, GoIssue allows attackers to send bulk emails while keeping their identity hidden using proxies.

React to this headline:

Loading spinner

GoIssue phishing tool targets GitHub developer credentials Read More »

Infostealers increasingly impact global security

Check Point, cybercrime, cybersecurity, Malware, News, Ransomware /

Infostealers increasingly impact global security 2024-11-13 at 15:18 By Help Net Security Check Point Software’s latest threat index reveals a significant rise in infostealers like Lumma Stealer, while mobile malware like Necro continues to pose a significant threat, highlighting the evolving tactics used by cybercriminals across the globe. Last month researchers discovered an infection chain

React to this headline:

Loading spinner

Infostealers increasingly impact global security Read More »

Aerospace employees targeted with malicious “dream job” offers

aerospace, APT, backdoor, ClearSky Cyber Security, Don't miss, Hot stuff, Iran, LinkedIn, News, spear-phishing /

Aerospace employees targeted with malicious “dream job” offers 2024-11-13 at 12:49 By Zeljka Zorz It’s not just North Korean hackers who reach out to targets via LinkedIn: since at least September 2023, Iranian threat actor TA455 has been trying to compromise workers in the aerospace industry by impersonating job recruiters on the popular employment-focused social

React to this headline:

Loading spinner

Aerospace employees targeted with malicious “dream job” offers Read More »

CISOs in 2025: Balancing security, compliance, and accountability

CISO, Compliance, cybersecurity, DomainTools, Don't miss, Features, Hot stuff, News, opinion, predictions, regulation, strategy, tips /

CISOs in 2025: Balancing security, compliance, and accountability 2024-11-13 at 07:37 By Mirko Zorz In this Help Net Security interview, Daniel Schwalbe, CISO at DomainTools, discusses the intensifying regulatory demands that have reshaped CISO accountability and daily decision-making. He outlines the skill sets future CISOs need, their key priorities for 2025, and how increased pressure

React to this headline:

Loading spinner

CISOs in 2025: Balancing security, compliance, and accountability Read More »

Tips for a successful cybersecurity job interview

cybersecurity, cybersecurity jobs, Don't miss, Hot stuff, how-to, News, strategy, tips /

Tips for a successful cybersecurity job interview 2024-11-13 at 06:35 By Anamarija Pogorelec Whether you’re looking to enhance your existing cybersecurity skills or just beginning your journey in the field, cybersecurity offers a wide range of career opportunities. If you’re considering a career shift, exploring new job opportunities, or aiming to upgrade your skill set,

React to this headline:

Loading spinner

Tips for a successful cybersecurity job interview Read More »

Social engineering scams sweep through financial institutions

BioCatch, cybercrime, financial industry, fraud, News, report, social engineering, survey /

Social engineering scams sweep through financial institutions 2024-11-13 at 06:04 By Help Net Security North American financial institutions fielded 10 times more reports of social engineering scams in 2024 than they did a year ago, according to BioCatch. The data shows scams now represent 23% of all digital banking fraud. Growing danger of deepfake and

React to this headline:

Loading spinner

Social engineering scams sweep through financial institutions Read More »

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

0-day, Active Directory, CVE, Don't miss, Hot stuff, Immersive Labs, Ivanti, Microsoft, Microsoft Defender, News, OpenSSL, Patch Tuesday, security update, Tenable, Trend Micro, vulnerability, Windows, Windows Server /

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) 2024-11-12 at 23:03 By Zeljka Zorz November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers. The exploited vulnerabilities (CVE-2024-43451, CVE-2024-49039) CVE-2024-43451 is yet another

React to this headline:

Loading spinner

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) Read More »

Trustwave and Cybereason Join Forces to Create a Leading Global MDR Provider, Offering Unmatched Cybersecurity Value

DFIR, Managed Detection and Response, News, Spotlights /

Trustwave and Cybereason Join Forces to Create a Leading Global MDR Provider, Offering Unmatched Cybersecurity Value 2024-11-12 at 17:20 By Eric Harmon I am thrilled to share some monumental news that marks a significant milestone in our journey of fortifying the cybersecurity landscape. Today, Trustwave is announcing a definitive merger agreement with Cybereason, a leader

React to this headline:

Loading spinner

Trustwave and Cybereason Join Forces to Create a Leading Global MDR Provider, Offering Unmatched Cybersecurity Value Read More »

Massive troves of Amazon, HSBC employee data leaked

3M, Amazon, Data leak, Don't miss, Hot stuff, HP, HSBC, News /

Massive troves of Amazon, HSBC employee data leaked 2024-11-12 at 12:18 By Zeljka Zorz A threat actor who goes by the online moniker “Nam3L3ss” has leaked employee data belonging to a number of corporations – including Amazon, 3M, HSBC and HP – ostensibly compromised during the May 2023 MOVEit hack by the Cl0p ransomware gang,

React to this headline:

Loading spinner

Massive troves of Amazon, HSBC employee data leaked Read More »

The changing face of identity security

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, Illumio, News, opinion, resilience, strategy, zero trust /

The changing face of identity security 2024-11-12 at 08:03 By Help Net Security It’s easy to see why identity security is often synonymous with user security. Social engineering tactics are the mainstay of the threat actor’s arsenal, and it’s rare to find an attack that doesn’t feature them to some degree. Getting hold of privileged

React to this headline:

Loading spinner

The changing face of identity security Read More »

Evaluating your organization’s application risk management journey

Application Security, automation, CISO, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Risk Management, strategy, supply chain, Veracode /

Evaluating your organization’s application risk management journey 2024-11-12 at 07:33 By Mirko Zorz In this Help Net Security interview, Chris Wysopal, Chief Security Evangelist at Veracode, discusses strategies for CISOs to quantify application risk in financial terms. Wysopal outlines the need for continuous risk management practices and robust strategies to manage third-party software dependencies, ensuring

React to this headline:

Loading spinner

Evaluating your organization’s application risk management journey Read More »

Powerpipe: Open-source dashboards for DevOps

DevOps, Don't miss, GitHub, Hot stuff, News, open source, software /

Powerpipe: Open-source dashboards for DevOps 2024-11-12 at 07:03 By Help Net Security Powerpipe is an open-source solution designed to streamline DevOps management with powerful visualization and compliance tools, making it simple to track, assess, and act on key data for smarter decision-making and continuous compliance monitoring. Dynamic dashboards and reports Powerpipe’s high-level dashboards offer an

React to this headline:

Loading spinner

Powerpipe: Open-source dashboards for DevOps Read More »

Cybersecurity jobs available right now: November 12, 2024

cybersecurity jobs, News /

Cybersecurity jobs available right now: November 12, 2024 2024-11-12 at 06:33 By Anamarija Pogorelec Cloud Security Lead CIÉ – Córas Iompair Éireann | Ireland | Hybrid – View job details As a Cloud Security Lead, you will ensure the security of CIE’s Azure environment by developing and implementing cloud security strategies and policies. You will

React to this headline:

Loading spinner

Cybersecurity jobs available right now: November 12, 2024 Read More »

November 2024 Patch Tuesday forecast: New servers arrive early

apple, Don't miss, Expert analysis, Google, Hot stuff, Ivanti, Microsoft, Mozilla, News, opinion, Patch Tuesday, predictions, Windows /

November 2024 Patch Tuesday forecast: New servers arrive early 2024-11-11 at 08:03 By Help Net Security Microsoft followed their October precedent set with Windows 11 24H2 and announced Microsoft Server 2025 on the first of November. We were expecting the official announcement at Microsoft Ignite near the end of the month, but with the early

React to this headline:

Loading spinner

November 2024 Patch Tuesday forecast: New servers arrive early Read More »

Scroll to Top