News

GenAI makes phishing attacks more believable and cost-effective

Artificial Intelligence, cybersecurity, generative AI, Ivanti, News, report, survey /

GenAI makes phishing attacks more believable and cost-effective 2024-12-06 at 06:39 By Help Net Security GenAI is a powerful tool that can be used by security teams to protect organizations, however, it can also be used by malicious actors, making phishing-related attacks a growing and concerning threat vector, according to Ivanti. Ivanti’s research revealed that […]

React to this headline:

Loading spinner

GenAI makes phishing attacks more believable and cost-effective Read More »

New infosec products of the week: December 6, 2024

Datadog, Fortinet, News, Radiant Logic, Sweet Security, Tenable, Veza /

New infosec products of the week: December 6, 2024 2024-12-06 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Datadog, Fortinet, Radiant Logic, Sweet Security, Tenable, and Veza. FortiAppSec Cloud simplifies web application security management With FortiAppSec Cloud, customers have deep visibility and

React to this headline:

Loading spinner

New infosec products of the week: December 6, 2024 Read More »

Law enforcement shuts down Manson Market cybercrime marketplace

cybercrime, cybercriminals, Europe, Europol, Hot stuff, law enforcement, News, phishing, scams /

Law enforcement shuts down Manson Market cybercrime marketplace 2024-12-05 at 17:31 By Help Net Security Europol has supported the dismantling of a sophisticated criminal network responsible for facilitating large-scale online fraud. In an operation led by the Hanover Police Department (Polizeidirektion Hannover) and the Verden Public Prosecutor’s Office (Staatsanwaltschaft Verden) in Germany, and supported by

React to this headline:

Loading spinner

Law enforcement shuts down Manson Market cybercrime marketplace Read More »

Mitel MiCollab zero-day and PoC exploit unveiled

0-day, collaboration, CVE, Don't miss, enterprise, Hot stuff, Mitel, News, PoC, WatchTowr /

Mitel MiCollab zero-day and PoC exploit unveiled 2024-12-05 at 16:32 By Zeljka Zorz A zero-day vulnerability in the Mitel MiCollab enterprise collaboration suite can be exploited to read files containing sensitive data, watchTowr researcher Sonny Macdonald has disclosed, and followed up by releasing a proof-of-concept (PoC) exploit that chains together this zero-day file read vulnerability

React to this headline:

Loading spinner

Mitel MiCollab zero-day and PoC exploit unveiled Read More »

Trustwave Named a Major Player in IDC MarketScape: Worldwide Cloud Security Services in the AI Era 2024–2025 Vendor Assessment

Artificial Intelligence, Managed Detection and Response, Managed Security Services, News, Reports, Spotlights /

Trustwave Named a Major Player in IDC MarketScape: Worldwide Cloud Security Services in the AI Era 2024–2025 Vendor Assessment 2024-12-05 at 16:02 By IDC has positioned Trustwave as a Major Player in the just released IDC MarketScape Worldwide Cloud Security Services in the AI Era 2024–2025 Vendor Assessment (IDC #US52048124e, November 2024) for its comprehensive set of

React to this headline:

Loading spinner

Trustwave Named a Major Player in IDC MarketScape: Worldwide Cloud Security Services in the AI Era 2024–2025 Vendor Assessment Read More »

8+ US telcos compromised, FBI advises Americans to use encrypted communications

China, Don't miss, Encryption, Hot stuff, News, telecommunications, tips, USA /

8+ US telcos compromised, FBI advises Americans to use encrypted communications 2024-12-05 at 14:24 By Zeljka Zorz FBI and Cybersecurity and Infrastructure Security Agency (CISA) officials have advised Americans to use encrypted call and messaging apps to protect their communications from threat actors that have – and will – burrow into the networks and systems

React to this headline:

Loading spinner

8+ US telcos compromised, FBI advises Americans to use encrypted communications Read More »

Preparing for Q-day: The essential role of cloud migration in securing enterprise data

Cloud, cybersecurity, data security, Don't miss, Encryption, Expert analysis, Expert corner, Hot stuff, Lemongrass, News, opinion, quantum computing /

Preparing for Q-day: The essential role of cloud migration in securing enterprise data 2024-12-05 at 07:34 By Help Net Security As the era of quantum computing draws closer, businesses face a new and unprecedented threat to data security: “Q-day.” This looming turning point—when quantum machines can break traditional encryption with ease—has the potential to upend

React to this headline:

Loading spinner

Preparing for Q-day: The essential role of cloud migration in securing enterprise data Read More »

How the Shadowserver Foundation helps network defenders with free intelligence feeds

automation, cybersecurity, Don't miss, Features, Hot stuff, Incident Response, network, News, opinion, Shadowserver, Threat Intelligence /

How the Shadowserver Foundation helps network defenders with free intelligence feeds 2024-12-05 at 07:01 By Mirko Zorz In this Help Net Security interview, Piotr Kijewski, CEO of The Shadowserver Foundation, discusses the organization’s mission to enhance internet security by exposing vulnerabilities, malicious activity, and emerging threats. Kijewski explains the foundation’s automated efforts to track and

React to this headline:

Loading spinner

How the Shadowserver Foundation helps network defenders with free intelligence feeds Read More »

How widespread is mercenary spyware? More than you think

Don't miss, government-backed attacks, Hot stuff, iVerify, News, nso group, smartphone hacking, spyware /

How widespread is mercenary spyware? More than you think 2024-12-04 at 16:18 By Zeljka Zorz A targeted hunt on 2,500 mobile devices for indicators of compromise associated with mercenary spyware has revealed that its use is not as rare as one would hope. The results of the hunt Earlier this year, iVerify added a threat

React to this headline:

Loading spinner

How widespread is mercenary spyware? More than you think Read More »

Product showcase: Securing Active Directory passwords with Specops Password Policy

Active Directory, Don't miss, Hot stuff, News, passwords, policy, Product showcase, Specops Software /

Product showcase: Securing Active Directory passwords with Specops Password Policy 2024-12-04 at 15:03 By Help Net Security Password policies are a cornerstone of cybersecurity for any organization. A good password policy ensures every end user has a strong and unique password, significantly reducing the risk of unauthorized access and data breaches. These policies not only

React to this headline:

Loading spinner

Product showcase: Securing Active Directory passwords with Specops Password Policy Read More »

PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)

CVE, Don't miss, enterprise, exploit, Hot stuff, network monitoring, News, PoC, Progress, Tenable, vulnerability /

PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) 2024-12-04 at 13:38 By Zeljka Zorz Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises. CVE-2024-8785 and the PoC exploit CVE-2024-8785 stems from the incorrect use of a

React to this headline:

Loading spinner

PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) Read More »

SafeLine: Open-source web application firewall (WAF)

Don't miss, firewall, GitHub, Hot stuff, News, open source, software, web application security /

SafeLine: Open-source web application firewall (WAF) 2024-12-04 at 07:38 By Mirko Zorz SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber attacks. “SafeLine WAF was created to protect web applications for small and medium-sized enterprises from cyber threats by monitoring and filtering HTTP/HTTPS traffic. More importantly, with the widespread

React to this headline:

Loading spinner

SafeLine: Open-source web application firewall (WAF) Read More »

Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks

Artificial Intelligence, Compliance, cybersecurity, data, Don't miss, Features, Hot stuff, News, Noma Security, open source, opinion /

Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks 2024-12-04 at 07:21 By Mirko Zorz In this Help Net Security interview, Niv Braun, CEO at Noma Security, discusses the difficulties security teams face due to the fragmented nature of AI processes, tools, and teams across the data and AI lifecycle. Braun also shares insights

React to this headline:

Loading spinner

Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks Read More »

70% of open-source components are poorly or no longer maintained

code, cyber risk, cybersecurity, Lineaje, News, open source, report, software, survey /

70% of open-source components are poorly or no longer maintained 2024-12-04 at 06:35 By Help Net Security The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, according to Lineaje. Open-source code risks rise with anonymous contributions Microsoft estimates that its customers face 600 million cyberattacks

React to this headline:

Loading spinner

70% of open-source components are poorly or no longer maintained Read More »

65% of office workers bypass cybersecurity to boost productivity

cyber risk, CyberArk, cybersecurity, News, report, survey /

65% of office workers bypass cybersecurity to boost productivity 2024-12-04 at 06:04 By Help Net Security High-risk access exists throughout the workplace, in almost every job role, proving that the time has come for organizations to re-think the way they protect their workforce, according to CyberArk. CyberArk surveyed 14,003 employees in the UK, USA, France,

React to this headline:

Loading spinner

65% of office workers bypass cybersecurity to boost productivity Read More »

Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449)

backup, CVE, Don't miss, enterprise, Hot stuff, MSP, News, Veeam Software, vulnerability /

Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449) 2024-12-03 at 19:48 By Zeljka Zorz Veeam has fixed two vulnerabilities in Veeam Service Provider Console (VSPC), one of which (CVE-2024-42448) may allow remote attackers to achieve code exection on the VSPC server machine. The vulnerabilities Veeam Service Provider Console is a cloud-enabled platform that

React to this headline:

Loading spinner

Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449) Read More »

Police takes down Matrix encrypted chat service used by criminals

arrest, crime, Encryption, Europe, Europol, France, Hot stuff, law enforcement, News, secure communications /

Police takes down Matrix encrypted chat service used by criminals 2024-12-03 at 17:18 By Zeljka Zorz A joint investigation team involving French and Dutch authorities has taken down Matrix, yet another end-to-end encrypted chat service created by criminals. Matrix (Source: Dutch Police) The Matrix encrypted chat service Matrix – also know as Mactrix, Totalsec, X-quantum,

React to this headline:

Loading spinner

Police takes down Matrix encrypted chat service used by criminals Read More »

Whitepaper: 9 traits of effective security leaders of tomorrow

Don't miss, ISC2, News, whitepapper /

Whitepaper: 9 traits of effective security leaders of tomorrow 2024-12-03 at 16:15 By Help Net Security The cyber world needs your expertise. But the security leaders of tomorrow require a broad set of skills that job experience alone does not arm you with. What do today’s organizations demand? And how can you acquire the technical

React to this headline:

Loading spinner

Whitepaper: 9 traits of effective security leaders of tomorrow Read More »

Scroll to Top