Week in review

Week in review: JetBrains GitHub plugin vulnerability, 20k FortiGate appliances compromised 2024-06-16 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051) JetBrains has fixed a critical vulnerability (CVE-2024-37051) that could expose […]

React to this headline:

Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast 2024-06-09 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) If you’re self-hosting an Atlassian Confluence Server or Data Center installation, you

React to this headline:

Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics evolution 2024-06-02 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RansomLord: Open-source anti-ransomware exploit tool RansomLord is an open-source tool that automates the creation of PE files,

React to this headline:

Week in review: Google fixes yet another Chrome zero-day exploit, YouTube as a cybercrime channel 2024-05-26 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274) For the eighth time this year, Google

React to this headline:

Week in review: New Black Basta’s social engineering campaign, passing the CISSP exam in 6 weeks 2024-05-19 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Black Basta target orgs with new social engineering campaign Black Basta, one of the most prolific ransomware-as-a-service

React to this headline:

Week in review: Veeam fixes RCE flaw in backup management platform, Patch Tuesday forecast 2024-05-12 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam fixes RCE flaw in backup management platform (CVE-2024-29212) Veeam has patched a high-severity vulnerability (CVE-2024-29212) in Veeam Service

React to this headline:

Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks 2024-05-05 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades There are proof-of-concept techniques allowing attackers to achieve

React to this headline:

Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 2024 2024-04-28 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) A state-sponsored threat actor has managed to compromise Cisco Adaptive

React to this headline:

Week in review: Palo Alto firewalls mitigation ineffective, PuTTY client vulnerable to key recovery attack 2024-04-21 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation While it initially seemed that protecting Palo Alto Network

React to this headline:

Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days 2024-04-14 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400) Attackers are exploiting a command injection vulnerability (CVE-2024-3400) affecting Palo

React to this headline:

Week in review: 73M customers affected by AT&T data leak, errors led to US govt inboxes compromise 2024-04-07 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Cyber attacks on critical infrastructure show advanced tactics and new capabilities In this Help Net Security

React to this headline:

Week in review: Backdoor found in XZ utilities, weaponized iMessages, Exchange servers at risk 2024-03-31 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) A vulnerability (CVE-2024-3094) in XZ Utils, the

React to this headline:

Week in review: Ivanti fixes RCE vulnerability, Nissan breach affects 100,000 individuals 2024-03-24 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Outsmarting cybercriminal innovation with strategies for enterprise resilience In this Help Net Security interview, Pedro Cameirão, Head of Cyber Defense Center

React to this headline:

Week in review: Cybersecurity job openings, hackers use 1-day flaws to drop custom Linux malware 2024-03-17 at 11:00 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Transitioning to memory-safe languages: Challenges and considerations In this Help Net Security interview, Omkhar Arasaratnam, General Manager at

React to this headline:

Week in review: Attackers use phishing emails to steal NTLM hashes, Patch Tuesday forecast 2024-03-10 at 11:10 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: What organizations need to know about the Digital Operational Resilience Act (DORA) In this Help Net Security interview, Kris

React to this headline:

Week in review: LockBit leak site is back online, NIST updates its Cybersecurity Framework 2024-03-03 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Overcoming the pressures of cybersecurity startup leadership In this Help Net Security interview, Kunal Agarwal, CEO at Dope Security,

React to this headline:

Week in review: 10 cybersecurity startups to watch, admins urged to remove VMware vSphere plugin 2024-02-25 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Inside the strategy of Salesforce’s new Chief Trust Officer In this Help Net Security interview, Arkin discusses a

React to this headline:

Week in review: AnyDesk phishing campaign targets employees, Microsoft fixes exploited zero-days 2024-02-18 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Integrating cybersecurity into vehicle design and manufacturing In this Help Net Security interview, Yaron Edan, CISO at REE Automotive, discusses the

React to this headline:

Week in review: 10 must-read cybersecurity books, AnyDesk hack, Patch Tuesday forecast 2024-02-11 at 11:06 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How CISOs navigate policies and access across enterprises In this Help Net Security interview, Marco Eggerling, Global CISO at Check Point,

React to this headline:

Week in review: Windows Event Log zero-day, exploited critical Jenkins RCE flaw 2024-02-04 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Prioritizing cybercrime intelligence for effective decision-making in cybersecurity In this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses

React to this headline: