Week in review

Week in review: RADIUS protocol critical vuln, Microsoft 0-day exploited for a year, AT&T breach 2024-07-14 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers stole call, text records of “nearly all” of AT&T’s cellular customers Hackers leveraging stolen Snowflake account credentials […]

React to this headline:

Week in review: A need for a DDoS response plan, human oversight in AI-enhanced software development 2024-07-07 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 4 key steps to building an incident response plan In this Help Net Security interview, Mike Toole,

React to this headline:

Week in review: MOVEit auth bypass flaws quitely fixed, open-source Rafel RAT targets Androids 2024-06-30 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806) Progress Software has patched one critical (CVE-2024-5805) and one high-risk

React to this headline:

Week in review: CDK Global cyberattack, critical vCenter Server RCE fixed 2024-06-23 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The rise of SaaS security teams In this Help Net Security interview, Hillary Baron, Senior Technical Director for Research at CSA, highlights

React to this headline:

Week in review: JetBrains GitHub plugin vulnerability, 20k FortiGate appliances compromised 2024-06-16 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051) JetBrains has fixed a critical vulnerability (CVE-2024-37051) that could expose

React to this headline:

Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast 2024-06-09 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) If you’re self-hosting an Atlassian Confluence Server or Data Center installation, you

React to this headline:

Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics evolution 2024-06-02 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RansomLord: Open-source anti-ransomware exploit tool RansomLord is an open-source tool that automates the creation of PE files,

React to this headline:

Week in review: Google fixes yet another Chrome zero-day exploit, YouTube as a cybercrime channel 2024-05-26 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274) For the eighth time this year, Google

React to this headline:

Week in review: New Black Basta’s social engineering campaign, passing the CISSP exam in 6 weeks 2024-05-19 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Black Basta target orgs with new social engineering campaign Black Basta, one of the most prolific ransomware-as-a-service

React to this headline:

Week in review: Veeam fixes RCE flaw in backup management platform, Patch Tuesday forecast 2024-05-12 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam fixes RCE flaw in backup management platform (CVE-2024-29212) Veeam has patched a high-severity vulnerability (CVE-2024-29212) in Veeam Service

React to this headline:

Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks 2024-05-05 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades There are proof-of-concept techniques allowing attackers to achieve

React to this headline:

Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 2024 2024-04-28 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) A state-sponsored threat actor has managed to compromise Cisco Adaptive

React to this headline:

Week in review: Palo Alto firewalls mitigation ineffective, PuTTY client vulnerable to key recovery attack 2024-04-21 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation While it initially seemed that protecting Palo Alto Network

React to this headline:

Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days 2024-04-14 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400) Attackers are exploiting a command injection vulnerability (CVE-2024-3400) affecting Palo

React to this headline:

Week in review: 73M customers affected by AT&T data leak, errors led to US govt inboxes compromise 2024-04-07 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Cyber attacks on critical infrastructure show advanced tactics and new capabilities In this Help Net Security

React to this headline:

Week in review: Backdoor found in XZ utilities, weaponized iMessages, Exchange servers at risk 2024-03-31 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) A vulnerability (CVE-2024-3094) in XZ Utils, the

React to this headline:

Week in review: Ivanti fixes RCE vulnerability, Nissan breach affects 100,000 individuals 2024-03-24 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Outsmarting cybercriminal innovation with strategies for enterprise resilience In this Help Net Security interview, Pedro Cameirão, Head of Cyber Defense Center

React to this headline:

Week in review: Cybersecurity job openings, hackers use 1-day flaws to drop custom Linux malware 2024-03-17 at 11:00 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Transitioning to memory-safe languages: Challenges and considerations In this Help Net Security interview, Omkhar Arasaratnam, General Manager at

React to this headline:

Week in review: Attackers use phishing emails to steal NTLM hashes, Patch Tuesday forecast 2024-03-10 at 11:10 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: What organizations need to know about the Digital Operational Resilience Act (DORA) In this Help Net Security interview, Kris

React to this headline:

Week in review: LockBit leak site is back online, NIST updates its Cybersecurity Framework 2024-03-03 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Overcoming the pressures of cybersecurity startup leadership In this Help Net Security interview, Kunal Agarwal, CEO at Dope Security,

React to this headline: