Category: Help Net Security

Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a honeypot system – starts with the threat actors brute-forcing access credentials. Once access is achieved, the…

Read more →

RightCrowd introduced Mobile Credential Management feature for RightCrowd SmartAccess. This solution transforms how organizations manage and control access, replacing traditional methods with a more secure, efficient, and cost-effective approach. As the physical and digital worlds continue to converge, the management…

Read more →

American semiconductor manufacturer Microchip Technology Incorporated has had some of its business operations disrupted by a cyberattack. “As a result of the incident, certain of the Company’s manufacturing facilities are operating at less than normal levels, and the Company’s ability…

Read more →

McAfee launched McAfee Deepfake Detector, the latest addition to the company’s suite of AI-powered products. With AI-created videos, or deepfakes, flooding the internet and circulating across social media, we now live in a world where seeing and hearing are no…

Read more →

OpenCTI is an open-source platform designed to help organizations manage their cyber threat intelligence (CTI) data and observables. The platform structures its data using a knowledge schema built on the STIX2 standards. It features a modern web application architecture with…

Read more →

In this Help Net Security video, Mike Lexa, CISO and Global VP of IT Infrastructure and Operations at CNH, discusses how the federal government is taking food security more seriously and what steps must be taken to prioritize security measures.…

Read more →

Associate Cybersecurity Operations Officer UNICC | USA | On-site – View job details The Center aims to provide trusted ICT services and digital business solutions. You will work under the direct supervision and guidance of the Head of Cybersecurity Operations…

Read more →

2023 saw a surge in the frequency and duration of DDoS attacks, and in the first half of 2024, it’s clear that surge has become the new normal, according to Zayo. DDoS attack duration increases DDoS attacks surged 106% from…

Read more →

Fortanix announced a major enhancement to its Fortanix Data Security Manager (DSM): File System Encryption. This new feature complements full disk encryption with the ability to protect individual file systems on specified hosts through encryption, governed by granular decryption policies.…

Read more →

ESET researchers discovered an uncommon type of phishing campaign targeting Android and iPhone users. They analyzed a case observed in the wild that targeted clients of a prominent Czech bank. PWA phishing flow (Source: ESET) This technique is noteworthy because…

Read more →

CVE-2024-38193, an actively exploited zero-day that Microsoft patched earlier this month, has been leveraged by North Korean hackers to install a rootkit on targets’ computers, Gen Digital researchers have revealed. About CVE-2024-38193 CVE-2024-38193 is a use-after-free vulnerability in the Windows…

Read more →

Vulnerabilities in popular Microsoft apps for macOS can be abused by attackers to record video and audio clips, take pictures, access and exfiltrate data and send emails, Cisco Talos researchers have discovered. Library injection vulnerabilities in Microsoft apps for macOS…

Read more →

GuidePoint Security has launched a new Phishing as a Service (PhaaS) offering. Phishing remains one of the most common entry points for threat actors – according to CISA, over 90% of successful cyberattacks start with a phishing email. However, managing…

Read more →

The risk of deepfakes is rising with 47% of organizations having encountered a deepfake and 70% of them believing deepfake attacks which are created using generative AI tools, will have a high impact on their organizations, according to iProov. Perceptions…

Read more →

In this Help Net Security interview, Kyle Wickert, Worldwide Strategic Architect at AlgoSec, discusses the role of AI in application security, exploring how it’s transforming threat detection and response. Wickert talks about integrating security testing throughout the development lifecycle, the…

Read more →

Culture is a catalyst for security success. It can significantly reduce cybersecurity risks and boost cybersecurity resilience of any organization. Culture can also greatly enhance the perceived value, relevance and reputation of the cybersecurity function. So how can security leaders…

Read more →

Threat actors use popular file-hosting or e-signature solutions as a disguise to manipulate their targets into revealing private information or downloading malware, according to Abnormal Security. A file-sharing phishing attack is a unique type of phishing threat in which a…

Read more →

Fraudsters can add stolen payment cards to digital wallet apps and continue making online purchases even after victims’ report the card stolen and the bank blocks it, computer engineers with University of Massachusetts Amherst and Pennsylvania State University have discovered.…

Read more →

Own released Continuous Data Protection for Salesforce customers, further strengthening its product offering to include recovery and analysis capabilities. Own Continuous Data Protection provides a turn-key solution that delivers significant value to customers that have mission-critical, frequently changing, or highly…

Read more →

Appian announced the latest version of the Appian Platform, designed to transform how organizations orchestrate enterprise data and automate processes. This release delivers support for more enterprise AI use cases with expanded compliance, offering a strong framework to help organizations…

Read more →

Microsoft is making multi-factor authentication (MFA) – “one of the most effective security measures available” – mandatory for all Azure sign-ins. Preparing for mandatory MFA for Azure The plan is for the shift to happen in two phases: October 2024:…

Read more →

Group-IB announced the signing of a global partnership agreement with SecurityHQ, a global independent Managed Security Service Provider (MSSP). With this partnership, SecurityHQ will leverage Group-IB’s Threat Intelligence, Attack Surface Management and Digital Risk Protection to bolster its global Security…

Read more →

Cyber attacks against higher education institutions increased by 70% in 2023. This is largely due to legacy endpoint security management and practices, limited IT support staff, and overwhelming amounts of data, much of which is PII (personally identifiable information). In…

Read more →

x64dbg is an open-source binary debugger for Windows, designed for malware analysis and reverse engineering of executables without access to the source code. It offers a wide range of features and a plugin system, allowing you to customize and extend…

Read more →

Effectively converging, managing and using enterprise data is a huge undertaking. Enterprises have vast hoards of data, but those hoards exist within siloed systems and applications, and it requires a lot of manual effort by highly skilled data scientists, engineers…

Read more →

Despite their role in connecting applications and driving innovation, APIs often suffer from serious security vulnerabilities. Recent investigations reveal that many organizations are struggling with exposed secrets such as passwords and API keys, which attackers frequently misuse. The persistence of…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab…

Read more →

Google Search ads that target users looking for Google’s own services lead them to spoofed sites and Microsoft and Apple tech support scams. The fake Google Search ads (Source: Malwarebytes) “In this particular scheme, all web resources used from start…

Read more →

I recently spent six days in Las Vegas attending DEF CON, BsidesLV, and Black Hat USA 2024, where I had the opportunity to engage with and learn from some of the top security experts in the world. A major theme…

Read more →

Pindrop launched Pindrop Pulse Inspect in Preview. This innovative tool, the latest addition to Pindrop’s deepfake detection Pindrop Pulse product family, can detect AI-generated speech in any digital audio file with 99% accuracy. Following the launch of Pindrop Pulse earlier…

Read more →

Critical Start announced Critical Start Vulnerability Management Service (VMS) and Vulnerability Prioritization. These new offerings are a foundational pillar of Managed Cyber Risk Reduction, allowing organizations to assess, manage, prioritize, and reduce cyber risk exposure posed by vulnerabilities across their…

Read more →

Authentik is an open-source identity provider designed for maximum flexibility and adaptability. It easily integrates into existing environments and supports new protocols. It’s a comprehensive solution for implementing features like sign-up, account recovery, and more in your application, eliminating the…

Read more →

Cyber threats continued to intensify in the first half of 2024 as cybercriminals exploited security gaps from growing business and technological consolidation, according to Resilience. Consolidation in business and tech fuels new third-party risks Rebounding merger and acquisition (M&A) activity…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from ClearSale, Guardio, Ivanti, Resecurity, and Stellar. Resecurity unveils new AI-driven Fraud Prevention Platform Resecurity unveiled its advanced AI-driven Fraud Prevention Platform. This versatile solution is…

Read more →

In this Help Net Security video, Frederic Najman, Executive Member of the SFPN (French Union of NoCode Professionals), discusses how NoCode and LowCode technologies enable companies to free up development resources to tackle cybersecurity issues. In a context where three-quarters…

Read more →

Cybercriminals are breaking into organizations’ cloud storage containers, exfiltrating their sensitive data and, in several cases, have been paid off by the victim organizations to not leak or sell the stolen data. “The attackers behind this campaign likely leveraged extensive…

Read more →

SolarWinds has fixed a critical vulnerability (CVE-2024-28986) in its Web Help Desk (WHD) solution that may allow attackers to run commands on the host machine. “While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it…

Read more →

56% of security professionals are concerned about AI-powered threats, according to Pluralsight. Many organizations lack structured AI training Over half of surveyed technologists are either extremely concerned or moderately concerned about AI-powered threats, with only 6% saying they are not…

Read more →

In this Help Net Security interview, David Cottingham, President at rf IDEAS, discusses the key benefits organizations can expect when implementing passkeys. Cottingham addresses the misconceptions surrounding the adoption of passkeys, particularly in the B2B landscape. What are the key…

Read more →

The rapid integration of AI and GenAI technologies creates a complex mix of challenges and opportunities for organizations. While the potential benefits are clear, many companies struggle with AI literacy, cautious adoption, and the risks of immature implementation. This has…

Read more →

The total number of DDoS attacks during H1 2024 amounted to 830,000, an increase of 46% when compared to H1 2023, according to Gcore. Peak attack power rose from 1.6 terabits per second (Tbps) in H2 2023 to 1.7 Tbps.…

Read more →

ClearSale has announced a new portfolio of fraud prevention tools designed to meet the evolving needs of today’s digital retail landscape. The newly launched suite, dubbed “Preventative Intel,” introduces three powerful solutions: Instant Decision, Automatic Decision, and Complete Decision. These…

Read more →

Ivanti announced new features for Ivanti Neurons for Patch Management to help expand patch settings configuration to allow for multiple parallel deployment tasks such as regular maintenance, priority updates and zero-day response. Given the rise of cyber threats and speed…

Read more →

IntelOwl is an open-source solution designed for large-scale threat intelligence management. It integrates numerous online analyzers and advanced malware analysis tools, providing comprehensive insights in one platform. “In late 2019, I faced a significant challenge while working as a cybersecurity…

Read more →

In a potentially groundbreaking dispute, Delta Air Lines is threatening to sue CrowdStrike, a leading cybersecurity firm, for alleged negligence and breach of contract. This case brings to the forefront critical questions about the duties vendors owe to their customers…

Read more →

Cloud Security Specialist EPAM Systems | Chile | Remote – View job details As a Cloud Security Specialist, you will be responsible for creating and maintaining security policies and assisting in the implementation and automation of security solutions within cloud…

Read more →

In this Help Net Security video, Kendall McKay, Strategic Lead, Cyber Threat Intelligence at Cisco Talos, discusses the trends that Cisco Talos incident response observed in incident response engagements from Q2 2024, which covers April to June. While the attacks…

Read more →

NIST has finalized its principal set of encryption algorithms designed to withstand cyberattacks from a quantum computer. The announced algorithms are specified in the first completed standards from NIST’s post-quantum cryptography (PQC) standardization project and are ready for immediate use.…

Read more →

August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days under attack CVE-2024-38178 is a Scripting Engine Memory…

Read more →

Guardio launched a new feature, Critical Security Alerts, which enables real-time alerts to identify and prevent financial scams, ensuring immediate intervention when suspicious browsing patterns are detected. According to the Federal Trade Commission, consumers in the United States lost over…

Read more →

An international operation coordinated by the UK National Crime Agency (NCA) has resulted in the arrest and extradition of a man believed to be one of the world’s most prolific Russian-speaking cybercrime actors. The arrest The NCA has been investigating…

Read more →

Orion S.A., a global chemical company with headquarters in Luxembourg, has become a victim of fraud: it lost approximately $60 million through “multiple fraudulently induced outbound wire transfers to accounts controlled by unknown third parties.” The scammers targeted an employee…

Read more →

Stellar has launched enhanced remote wiping capabilities within its Drive Erasure software. This feature is designed to address the complexities of managing data security in today’s distributed work environment. The new Remote Wiping software enables internal IT teams of organizations…

Read more →

Australian gold mining firm Evolution Mining has announced on Monday that it became aware on 8 August 2024 of a ransomware attack impacting its IT systems, and has been working with its external cyber forensic experts to investigate the incident.…

Read more →

FBI Cleveland announced the disruption of “Radar/Dispossessor”—the criminal ransomware group led by the online moniker “Brain”—and the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain. Since its…

Read more →

Browser extensions are a prime target for cybercriminals. And this isn’t just a consumer problem – it’s a new frontier in enterprises’ battle against shadow IT. Ultimately, more extension permissions result in potentially bigger attack surfaces. Research shows that the…

Read more →

C-suite executives face a unique challenge: aligning their priorities between driving technological innovation and ensuring business resilience while managing ever-evolving cyber threats from criminals adept at exploiting the latest technologies, according to LevelBlue. This balancing act highlights the complexity of…

Read more →

In this Help Net Security interview, Dean Hamilton, CTO at Wilson Perumal & Company, discusses the complexities of zero trust network access (ZTNA) implementation, focusing on balancing security with operational efficiency. Hamilton highlights strategic planning, collaboration between IT and business…

Read more →

Nightfall AI’s research revealed that secrets like passwords and API keys were most often found in GitHub, with nearly 350 total secrets exposed per 100 employees every year. Hidden risks of secret sprawl in cloud and SaaS environments What’s more…

Read more →

A widespread campaign featuring a malicious installer that saddles users with difficult-to-remove malicious Chrome and Edge browser extensions has been spotted by researchers. “The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated…

Read more →

A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and requires no special privileges or user interaction to be triggered. “In…

Read more →

Resecurity unveiled its advanced AI-driven Fraud Prevention Platform. This versatile solution is engineered to combat fraud across banking, virtual asset service providers (VASPs), gambling, e-commerce, and online marketplaces, providing a robust defense against the evolving landscape of digital fraud. Resecurity…

Read more →

An alarming trend toward multiple, sometimes simultaneous cyber attacks forces business leaders to re-evaluate their cyber resilience strategies to address common points of failure, including inadequate identity system backup and recovery practices, according to Semperis. Survey of nearly 1,000 IT…

Read more →

Scout Suite is an open-source, multi-cloud security auditing tool designed to assess the security posture of cloud environments. By leveraging the APIs provided by cloud vendors, Scout Suite collects and organizes configuration data, making it easier to identify potential risks.…

Read more →

Traditional cloud security issues often associated with cloud service providers (CSPs) are continuing to decrease in importance, according to the Top Threats to Cloud Computing 2024 report by the Cloud Security Alliance. Misconfigurations, IAM weaknesses, and API risks remain critical…

Read more →

Major tech outages have recently impacted customers and operations at McDonald’s, Greggs, Deliveroo, Tesco, and Barclays. In this Help Net Security video, Stephen Johnson, CEO of Roq, says it is now imperative for companies and organizations to invest significantly more…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: August 2024 Patch Tuesday forecast: Looking for a calm August release August 2024 July ended up being more ‘exciting’ than many of us wanted; we’re…

Read more →

Two vulnerabilities (CVE-2024-42219, CVE-2024-42218) affecting the macOS version of the popular 1Password password manager could allow malware to steal secrets stored in the software’s vaults and obtain the account unlock key, AgileBits has confirmed. Discovered by the Robinhood Red Team…

Read more →

July ended up being more ‘exciting’ than many of us wanted; we’re supposed to be in the height of summer vacation season. First, we had a large set of updates on Patch Tuesday, then we had to work through the…

Read more →

A “0.0.0.0-Day” vulnerability affecting Chrome, Safari and Firefox can be – and has been – exploited by attackers to gain access to services on internal networks, Oligo Security researchers have revealed. The vulnerability stems from how those popular browsers handle…

Read more →

The Network and Information Security (NIS) 2 Directive is possibly one of the most significant pieces of cybersecurity regulation to ever hit Europe. The 27 EU Member States have until 17 October 2024 to adopt and publish the standards necessary…

Read more →

The sophistication of cyber threats has escalated dramatically, with malicious actors’ deploying advanced tactics, techniques, and procedures (TTPs) to exploit vulnerabilities and evade detection, according to Darktrace. Subscription-based tools such as Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) have also lowered the…

Read more →

76% of security leaders recognize the pressing need to move to shorter certificate lifespans to improve security, according to Venafi. However, many feel unprepared to take action, with 77% saying the shift to 90-day certificates will mean more outages are…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from: Rapid7, AppOmni, Contrast Security, Elastic, Cequence Security, Veza, ArmorCode, and EndorLabs. Rapid7 releases Command Platform, unified attack defense and response Rapid7 launched its Command Platform,…

Read more →

Over half of key stakeholders including audit committees, company boards, and chief financial officers are looking to internal audit teams to take on more risk-related work, according to AuditBoard. The study revealed that these expanding expectations are coming at a…

Read more →

Attackers looking for a way into organizations using Microsoft 365 can make an alert identifying unsolicited (and thus potential phishing) emails “disappear”. “When an Outlook user receives an e-mail from an address they don’t typically communicate with, Outlook shows an…

Read more →

Menlo Security has unveiled enhancements to Menlo Zero Trust Access, the company’s zero trust solution, which keeps enterprises steps ahead of adversaries. Simultaneously, the Menlo team released new findings as a follow up to the team’s recently released Global Cyber…

Read more →

Securonix and Cribl announced a strategic partnership focused on providing customers with enhanced threat detection, based on a broader range of enterprise data being analyzed for AI-powered attacks. Securonix recently announced Securonix EON with a Cybersecurity Mesh Architecture that seamlessly…

Read more →

A researcher has developed a downgrade attack that can make Windows machines covertly, persistently and irreversibly vulnerable, even if they were fully patched before that. A downgrade attack exploiting the Windows Update process The direction of SafeBreach researcher Alon Leviev’s…

Read more →

Endor Labs unveiled two capabilities, Upgrade Impact Analysis and Endor Magic Patches, that fix an expensive and time-consuming problem in the Software Composition Analysis (SCA) market. Software version upgrades are often required to fix critical vulnerabilities in open source software…

Read more →

ArmorCode has launched AI Remediation in its ArmorCode ASPM Platform to help resolve security issues faster, put security expertise in the hands of developers, and reduce DevSecOps friction. ArmorCode AI Remediation is a new capability and the second pillar in…

Read more →

AppViewX and Utimaco have partnered to offer cloud-delivered secure certificate and key lifecycle management solutions. Together, the companies will provide comprehensive, robust, and scalable platforms for certificate lifecycle management automation and secure code signing. The integration of the AppViewX AVX…

Read more →

At the Black Hat USA 2024 Arsenal by ToolsWatch, researchers showcase their latest cybersecurity open-source tools. Must read: 20 free cybersecurity tools you might have missed 15 open-source cybersecurity tools you’ll wish you’d known earlier 20 essential open-source cybersecurity tools…

Read more →

Here’s a look inside Startup City at Black Hat USA 2024. The featured vendors are: BackBox, Cybral, DryRun Security, HackNotice, Heeler Security, Hushmesh, MobileHop, Nagomi Security, Ox Security, Plainsea, Raven, Scribe Security, Spyderbat, and Xygeni. The post Photos: Black Hat…

Read more →

runZero published new research on Secure Shell (SSH) exposures and unveiled a corresponding open-source tool, SSHamble. This tool helps security teams validate SSH implementations by testing for uncommon but dangerous misconfigurations and software bugs. Discovered weaknesses During their presentation at…

Read more →

Traceeshark is a plugin for Wireshark that enables security practitioners to quickly investigate security incidents. It enhances the capabilities of Aqua Tracee, an open-source runtime security and forensics tool, and allows users to analyze kernel-level event and behavioral detection alongside…

Read more →

In this Help Net Security interview, Kojin Oshiba, co-founder of Robust Intelligence, discusses his journey from academic research to addressing AI security challenges in the industry. Oshiba highlights vulnerabilities in technology systems and the proactive measures needed to mitigate risks,…

Read more →

What role does the firewall play in the protection of operational technology (OT) networks and systems? Many would say that it’s the defensive mechanism to protect that environment from IT and the outside world. For the operators responsible for uptime…

Read more →

In this Help Net Security video, Aaron Fulkerson, CEO of Opaque, discusses how the weaponization of generative AI (GenAI) has made existing data privacy practices (like masking, anonymization, tokenization, etc.) obsolete. Fulkerson provides recommendations for companies to realize they must…

Read more →

Version 8.1 of the CIS Critical Security Controls (CIS Controls) is an iterative update to version 8.0. It offers prescriptive, prioritized, and simplified cybersecurity best practices that provide a clear path to improve your organization’s cyber defense program. CIS Controls…

Read more →

Ransomware groups continue to refine their craft, building and scaling business models that resemble legitimate corporate enterprises, according to Rapid7. They market their services to prospective buyers, offer company insiders commissions in exchange for access, and run formal bug bounty…

Read more →

CrowdStrike has published a technical root cause analysis of what went wrong when a content update pushed to its Falcon sensors borked over 8.5 million Windows machines around the world on July 19, and has confirmed that it has hired…

Read more →

Veza has released Access AI, a generative AI-powered solution to maintain the principle of least privilege at enterprise scale. With Access AI, security and identity teams can now use an AI-powered chat-like interface to understand who can take what action…

Read more →

Elastic is accelerating the adoption of AI-driven security analytics by automating SIEM data onboarding with Automatic Import. This new feature — the only one of its kind for a security analytics or SIEM solution — automates the development of custom…

Read more →

Cequence introduced advancements to its Unified API Protection (UAP) platform, specifically tailored to support the secure use of AI applications like Generative AI and Large Language Models (LLMs). Cequence’s solutions protect applications deployed in the cloud, on-premises, and hybrid environments,…

Read more →

AppSOC has launched capabilities for safeguarding artificial intelligence (AI) applications and agents while providing the visibility and governance that enterprises need to leverage AI with confidence. Businesses across sectors are recognizing the immense potential of AI, but the rush to…

Read more →

Two cross-site scripting vulnerabilities (CVE-2024-42009, CVE-2024-42008) affecting Roundcube could be exploited by attackers to steal users’ emails and contacts, email password, and send emails from their account. About the vulnerabilities Roundcube is an open-source webmail software solution popular with European…

Read more →

Flashpoint has released new features and capabilities to its flagship platform, Flashpoint Ignite, and Echosec, its comprehensive location intelligence solution. Those working in security and threat analysis are at the forefront of the constantly evolving threat landscape. However, each organization…

Read more →

D3 has announced the release of Ace AI, a collection of new capabilities for D3’s Smart SOAR platform that leverage the power of artificial intelligence to make security operations faster and more intuitive. In a security operations climate where excessive…

Read more →

Cymulate AI Copilot is a generative AI solution designed to deploy, test and tune security controls to evaluate their effectiveness against real-time threats. The solution offers a dynamic attack planner, among other AI-powered features, for greater insights into cybersecurity control…

Read more →