Tag: Help Net Security

Attackers are impersonating the Computer Emergency Response Team of Ukraine (CERT-UA) via AnyDesk to gain access to target computers. The request (Source: CERT-UA) “Unidentified individuals are sending connection requests via AnyDesk under the pretext of conducting a ‘security audit to…

Read more →

The twin cryptocurrency and digital identity revolutions are supposed to be building a better future, where anybody can take charge of their sovereignty and security in a world where both face unprecedented threats. Yet at one crucial level, the decentralization…

Read more →

In this Help Net Security interview, Arunava Bag, CTO at Digitate, discusses how organizations can recover digital operations after an incident, prioritize cybersecurity strategies, and secure digital operations with effective frameworks. What measures should organizations take to recover digital operations…

Read more →

Attacks happen frequently on the security stack or within an enterprise. Often, they’re carried out by some unknown entity on the other side of the globe. You don’t know who you’re dealing with. You don’t know who they are. In…

Read more →

Despite their potential, many organizations hesitate to fully adopt GenAI tools due to concerns about sensitive data being inadvertently shared and possibly used to train these systems, according to Harmonic. Sensitive data exposure in GenAI prompts A new study, based…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Attackers are encrypting AWS S3 data without using ransomware A ransomware gang dubbed Codefinger is encrypting data stored in target organizations’ AWS S3 buckets with…

Read more →

Star Blizzard, a threat actor tied to the Russian Federal Security Service (FSB), was spotted attempting to compromise targets’ WhatsApp accounts through a clever phishing campaign. The campaign The campaign started with a spear-phishing email that was made to look…

Read more →

In an exciting development for organizations struggling with data security, 1touch.io has announced its Sensitive Data Intelligence platform as a Software-as-a-Service (SaaS) solution. This release extends 1touch.io’s powerful Contextual AI-driven data discovery and classification capabilities to a wider range of…

Read more →

Dynatrace has extended its existing compliance capabilities to support the Digital Operational Resilience Act (DORA) EU regulation. As part of this, Dynatrace is introducing the Compliance Assistant app, purpose-built to provide organizations with the visibility, insights, and automation to mitigate…

Read more →

Bitwarden announced Bitwarden native mobile applications for iOS and Android. These new apps provide significant performance improvements, a smoother user experience, and deeper integration with platform-specific features such as biometric authentication. Elevating the mobile user experience The evolution to native…

Read more →

In this Help Net Security interview, Adam Bateman, CEO of Push Security, talks about the rise in identity-based attacks, how they’re becoming more sophisticated each year, and how AI and ML are both fueling these threats and helping to defend…

Read more →

MSSqlPwner is an open-source pentesting tool tailored to interact with and exploit MSSQL servers. Built on Impacket, it enables users to authenticate with databases using various credentials, including clear-text passwords, NTLM hashes, and Kerberos tickets. The tool offers multiple methods…

Read more →

Homeowners are increasingly concerned about data privacy in smart home products, according to Copeland. Homeowners see smart devices as boosting home security Homeowners are still generally comfortable in using new technology, but this year smart thermostat non-owners are less likely…

Read more →

The Commission has presented an EU action plan aimed at strengthening the cybersecurity of hospitals and healthcare providers. The initiative is an essential step in shielding the healthcare sector from cyber threats. Digitalization is revolutionizing healthcare, enabling better patient services…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Atsign, Cisco, Commvault, and IT-Harvest. Cisco AI Defense safeguards against the misuse of AI tools Cisco AI Defense is purpose-built for enterprises to develop, deploy…

Read more →

If you’re an organization using SimpleHelp for your remote IT support/access needs, you should update or patch your server installation without delay, to fix security vulnerabilities that may be exploited by remote attackers to execute code on the underlying host.…

Read more →

Concentric AI introduced new Private Scan Manager functionality in its Semantic Intelligence data security governance platform, which enables data scans to be processed within organizations’ own environments. Highly regulated organizations, such as those in financial services, healthcare, and government, often…

Read more →

A threat actor has leaked configuration files (aka configs) for over 15,000 Fortinet Fortigate firewalls and associated admin and user credentials. The collection has been leaked on Monday and publicized on an underground forum by the threat actor that goes…

Read more →

Contrast Security released Application Vulnerability Monitoring (AVM), a new capability of Application Detection and Response (ADR). AVM works within applications to find application and API vulnerabilities in production and correlate those vulnerabilities with attacks. Accurately identifying the issues in production…

Read more →

ESET researchers have identified a vulnerability (CVE-2024-7344) impacting most UEFI-based systems, which allows attackers to bypass UEFI Secure Boot. The issue was found in a UEFI application signed with Microsoft’s “Microsoft Corporation UEFI CA 2011” third-party certificate. Exploiting this vulnerability…

Read more →

IT-Harvest launched HarvestIQ.ai, a platform featuring two AI assistants designed to redefine how professionals navigate the cybersecurity landscape. The Analyst AI provides access to IT-Harvest’s comprehensive database of 4,070 cybersecurity vendors, offering users instant insights into market players, trends, and…

Read more →

Cisco announced Cisco AI Defense, a pioneering solution to enable and safeguard AI transformation within enterprises. As AI technology advances, new safety concerns and security threats are emerging at an unprecedented speed which existing security solutions are unprepared to protect…

Read more →

Regula has updated its Regula Document Reader SDK. Now, the software fully supports the new Digital Travel Credential (DTC) format, aligned with the International Civil Aviation Organization (ICAO) standards. This enhancement enables governments, airlines, and border control authorities worldwide to…

Read more →

Join cybersecurity leader Erwin Eimers from Sumitomo Chemicals Americas to explore how AI-driven Network Detection and Response (NDR) enhances SIEM capabilities, bridging critical visibility gaps in converged IT/OT environments. Learn how NDR provides enriched telemetry, real-time insights, and faster threat…

Read more →

Red Hat introduced Red Hat Connectivity Link, a hybrid multicloud application connectivity solution that provides a modern approach to connecting disparate applications and infrastructure. Red Hat Connectivity Link integrates advanced traffic management, policy enforcement and role-based access control (RBAC) directly…

Read more →

Entrust launched PKI Hub, providing enterprise visibility, management, and automation for cryptographic assets in an all-in-one, container-based virtual appliance that can be simply deployed at scale in the cloud or on-premises. Entrust PKI Hub is a comprehensive, high-performance solution comprised…

Read more →

The inconsistent and incomplete definitions of essential properties in information security create confusion within the InfoSec community, gaps in security controls, and may elevate the costs of incidents. In this article, I will analyze the CIA triad, point out its…

Read more →

Ross Young is the CISO in residence at Team8 and the creator of the OWASP Threat and Safeguard Matrix (TaSM). In this interview, he shares his perspective on how cybersecurity professionals can tailor their presentations to the board, aligning security…

Read more →

Fragmented data from multiple scanners, siloed risk scoring and poor cross-team collaboration are leaving organizations increasingly exposed to breaches, compliance failures and costly penalties, according to Swimlane. The relentless surge of vulnerabilities is pushing security teams to their limits, forcing…

Read more →

Six vulnerabilities have been fixed in the newest versions of Rsync (v3.4.0), two of which could be exploited by a malicious client to achieve arbitrary code execution on a machine with a running Rsync server. “The client requires only anonymous…

Read more →

The Justice Department announced on Tuesday that, alongside international partners, the FBI deleted “PlugX” malware from thousands of infected computers worldwide. As described in court documents unsealed in the Eastern District of Pennsylvania, a group of hackers sponsored by the…

Read more →

Contextal Platform is an open-source cybersecurity solution for contextual threat detection and intelligence. Developed by the original authors of ClamAV, it offers advanced features such as contextual threat analysis, custom detection scenarios through the ContexQL language, and AI-powered data processing—all…

Read more →

In this Help Net Security interview, Mel Morris, CEO of Corpora.ai, discusses how cognitive biases affect decision-making during cybersecurity incidents. Morris shares insights on the challenges of designing user-friendly cybersecurity tools that consider human cognitive processes. How do cognitive biases…

Read more →

Cybersecurity is entering a new era of complexity, according to the World Economic Forum’s Global Cybersecurity Outlook 2025 report. Growing complexity intensifies cyber inequity This complexity arises from the rapid growth of emerging technologies, prevailing geopolitical uncertainty, the evolution of…

Read more →

Microsoft has marked January 2025 Patch Tuesday with a hefty load of patches: 157 CVE-numbered security issues have been fixed in various products, three of which (in Hyper-V) are being actively exploited. The exploited Hyper-V vulnerabilities The exploited zero-days are…

Read more →

Fortinet has patched an authentication bypass vulnerability (CVE-2024-55591) affecting its FortiOS firewalls and FortiProxy web gateways that’s being exploited by attackers to compromise publicly-exposed FortiGate firewalls. While Fortinet acknowledged in-the-wild exploitation in the accompanying security advisory, they did share any…

Read more →

Generative AI has helped lower the barrier for entry for malicious actors and has made them more efficient, i.e., quicker at creating convincing deepfakes, mounting phishing campaigns and investment scams, the most recent report by the Cyber Threat Alliance (CTA)…

Read more →

Stellar announced the latest version of its flagship software, Stellar Data Recovery for Windows. The software is powered by new device scan functionality and features a refreshed UI that is designed to help users retrieve data while requiring no technical…

Read more →

Commvault introduced an expansion of its platform to provide full and automated forest recovery for the world’s most widely used enterprise identity and access solution, Microsoft Active Directory. As organizations continue to combat non-stop cyberattacks and threats, Commvault Cloud Backup…

Read more →

Atsign announced its new desktop client. This tool makes the protection of critical infrastructure easier by empowering people of all technical levels to securely connect to their devices, servers, and cloud instances, elevating remote access without open ports to new…

Read more →

In this Help Net Security interview, Nuno Martins da Silveira Teodoro, VP of Group Cybersecurity at Solaris, discusses the latest advancements in digital banking security. He talks about how AI and ML are reshaping fraud detection, the growing trend of…

Read more →

In 2025, CISOs will have powerful new capabilities as generative artificial intelligence (GenAI) continues to mature. Evolving beyond providing answers to questions, GenAI will provide proactive recommendations, take action, and communicate in a personalized manner. This transition will enable CISOs…

Read more →

From zero-day exploits to weaknesses in widely used software and hardware, the vulnerabilities uncovered last year underscore threat actors’ tactics and the critical gaps in organizational defenses. This roundup showcases the standout findings from 2024’s cybersecurity reports, highlighting critical risks…

Read more →

Application Security Engineer ENOC | UAE | On-site – View job details As an Application Security Engineer, you will establish and maintain DLP policies to prevent unauthorized access, transmission, or disclosure of sensitive data, focusing on both on-premises and cloud…

Read more →

The number of internet-facing Ivanti Connect Secure instances vulnerable to attack via CVE-2025-0282 has fallen from 2,048 to 800 in the last four days, the Shadowserver Foundation shared today. In the meantime, UK domain registry Nominet became the first publicly…

Read more →

A ransomware gang dubbed Codefinger is encrypting data stored in target organizations’ AWS S3 buckets with AWS’s server-side encryption option with customer-provided keys (SSE-C), and asking for money to hand over the key they used. They do not exfiltrate the…

Read more →

Personal data of nearly 100,000 individuals that have participated in trainings organized by CEPOL, the European Union (EU) Agency for Law Enforcement Training, has potentially been compromised due to the cyberattack suffered by the agency in May 2024. “Starting in…

Read more →

Three Russian nationals have been indicted in the Northern District of Georgia for their alleged role as operators of cryptocurrency mixing (cryptomixer) services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on Dec. 1, 2024, roughly…

Read more →

In this Help Net Security, Alexis Wales, CISO at GitHub, discusses how GitHub embeds security into every aspect of its platform to protect millions of developers and repositories, ensuring it remains a trustworthy platform for building secure software. The post…

Read more →

Chainsaw is an open-source first-response tool for quickly detecting threats in Windows forensic artefacts, including Event Logs and the MFT file. It enables fast keyword searches through event logs and identifies threats using built-in Sigma detection and custom detection rules.…

Read more →

Organizations don’t know their software engineers’ security skills because they don’t assess them in the interview process. Trying to do that in an interview is challenging, of course, given the time it takes for a proper assessment. However, given the…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which…

Read more →

Cryptojackers are impersonating Crowdstrike via email to get developers to unwittingly install the XMRig cryptocurrency miner on their Windows PC, the company has warned. The email Crowdstrike has a web page where job hunters can see which positions are open…

Read more →

Welcome to 2025 and a new year of patch excitement! In my December article, I talked about Microsoft’s Secure Future Initiative (SFI) and how it manifested in many of the Microsoft products released in 2024. While this security technology trend…

Read more →

As a company fortunate enough to have and maintain our own pentesting team, we often do outreach with other organizations to assist with or provide our expertise in offensive security. In collaboration with the Kerala Police Cyber unit, we were…

Read more →

In this Help Net Security interview, Dr. Darren Williams, CEO at BlackFog, talks about how employee training plays a crucial role in preventing ransomware attacks. He points out that human error is often the biggest security risk and explains how…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from BioConnect, BreachLock, McAfee, Netgear, and Swimlane. NETGEAR Armor, powered by Bitdefender, protects home networks against cyber threats Armor is a security and privacy solution available…

Read more →

The Banshee Stealer is a stealthy threat to the rising number of macOS users around the world, including those in Russian-speaking countries, according to Check Point researcher Antonis Terefos. Banshee Stealer was first publicly profiled in August 2024, a month…

Read more →

Code Intelligence announced Spark, an AI test agent that autonomously identifies bugs in unknown code without human interaction. It’s the first AI Agent to find a real-world vulnerability by automatically generating and running a test for a widely used open-source…

Read more →

The zero-day attacks leveraging the Ivanti Connect Secure (ICS) vulnerability (CVE-2025-0282) made public on Wednesday were first spotted in mid-December 2024, Mandiant researchers have shared. It’s still impossible to say whether they were mounted by a single threat actor, but…

Read more →

Wireshark, the popular network protocol analyzer, has reached version 4.4.3. Wireshark offers deep inspection across hundreds of protocols, live and offline analysis, and display filters. With multi-platform support, VoIP analysis, and capture file compatibility, it’s perfect for professionals seeking intuitive…

Read more →

Eliminating the inefficiencies, silos, unnecessary complexity, and coverage gaps that security practitioners have faced with fragmented security tools, the newly unveiled BreachLock Unified Platform integrates findings from Penetration Testing as a Service (PTaaS), Attack Surface Management (ASM), and continuous penetration…

Read more →

For decades, the CIS Critical Security Controls (CIS Controls) have simplified enterprises’ efforts to strengthen their cybersecurity posture by prescribing prioritized security measures for defending against common cyber threats. In this article, we’ll review the story of the CIS Controls…

Read more →

Synology releases ActiveProtect, a new line of data protection appliances designed to provide enterprises a unified backup solution with simplicity, security and scalability. ActiveProtect integrates backup software, servers, and backup repositories into a seamless, unified platform. This streamlined solution enables…

Read more →

Sara is an open-source tool designed to analyze RouterOS configurations and identify security vulnerabilities on MikroTik hardware. Sara’s main feature is using regular expressions as the primary analysis mechanism. This allows you to quickly and accurately process RouterOS configuration text…

Read more →

In this Help Net Security interview, Josh Lemos, CISO at GitLab, talks about the shift from DevOps to DevSecOps, focusing on the complexity of building systems and integrating security tools. He shares tips for maintaining development speed, fostering collaboration, and…

Read more →

As we look ahead to cybersecurity developments in 2025, there’s bad news and good—expect to see new challenging attacks and the cybersecurity community increasingly working together to counter threats that are beyond the scope of individual organizations. The post Cybersecurity…

Read more →

Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which (CVE-2025-0282) has been exploited as a zero-day by attackers to compromise Connect Secure VPN appliances. About CVE-2025-0282 and CVE-2025-0283 Both are stack-based buffer…

Read more →

Swimlane unveiled Hero, a private agentic AI security operations (SecOps) companion. Built on the foundation of Swimlane’s Hero AI innovations, Hero empowers security teams to work smarter and faster by suggesting next steps and answering complex questions privately to speed…

Read more →

The White House has announced the launch of the U.S. Cyber Trust Mark, a voluntary cybersecurity labeling program for consumer-grade internet-connected devices. “The White House launched this bipartisan effort to educate American consumers and give them an easy way to…

Read more →

BioConnect introduced its Arc Series biometric devices. Designed to address the evolving security, compliance, and scalability needs of enterprises and data centers, the Arc Series sets a new standard in modern access control. The launch includes three innovative devices: Arc…

Read more →

CISA has added Mitel MiCollab (CVE-2024-41713, CVE-2024-55550) and Oracle WebLogic Server (CVE-2020-2883) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The Mitel MiCollab vulnerabilities exploited Mitel MiCollab is a popular enterprise collaboration suite. CVE-2024-41713 and CVE-2024-55550 are both path traversal…

Read more →

Transcend announced its white-glove Migration Accelerator for businesses leaving behind legacy privacy platforms. Transcend’s dedicated switching solution removes the traditional headaches of migration and empowers organizations to unlock the full potential of Transcend’s automated platform. In a landscape where legacy…

Read more →

Machine learning and generative AI are changing the way knowledge workers do their jobs. Every company is eager to be “an AI company,” but AI can often seem like a black box, and the fear of security, regulatory and privacy…

Read more →

In this Help Net Security interview, Marko Simeonov, CEO of Plainsea, discusses how organizations can move beyond compliance-driven penetration testing toward a more strategic, risk-based approach. He explains how automation, human expertise, and continuous monitoring can transform penetration testing into…

Read more →

Despite organizations’ repeated attempts at security awareness training, with a particular emphasis on how employees can avoid being phished, in 2024 enterprise users clicked on phishing lures at a rate nearly three times higher than in 2023, according to Netskope.…

Read more →

AI Penetration Tester Microsoft | Canada | Remote – View job details As an AI Penetration Tester, you will discover and exploit vulnerabilities end-to-end in order to assess the security of AI systems. Execute offensive operations on production AI systems…

Read more →

The United Nation’s International Civil Aviation Organization (ICAO) confirmed on Monday that it’s “actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations.” The statement came a few days after…

Read more →

NETGEAR announced the next generation of NETGEAR Armor, powered by Bitdefender. As a subscription, Armor is a comprehensive cybersecurity service available on Orbi mesh systems and Nighthawk routers that protects IoT and mobile devices connected to the home network and…

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) has shared on Monday that the Treasury Department was the only US federal agency affected by the recent cybersecurity incident involving compromised BeyondTrust Remote Support SaaS instances. On the same day, BeyondTrust…

Read more →

McAfee launched the AI-powered McAfee Scam Detector — a tool designed to protect against text, email, and video scams. Today’s scams are smarter, sneakier, and more convincing than ever — and they’re everywhere. 59% of Americans say they or someone…

Read more →

In this Help Net Security interview, Sean Embry, CISO at eBay, discusses key aspects of cybersecurity leadership. He shares insights on balancing long-term strategic planning with immediate threat response, evaluating the ROI of new technologies, and addressing employee cybersecurity fatigue.…

Read more →

Enterprise cryptography faces risks beyond just the advent of quantum computers. For starters, there is no guarantee that the traditional algorithms have not been broken. Though we believe that it is “unlikely” they can be, the reality is that in…

Read more →

Lineaje recently released a report identifying the US and Russia as the leading generators of open-source projects, with both countries also having the highest numbers of anonymous open-source contributions. In this Help Net Security video, Nick Mistry, SVP and CISO…

Read more →

Cyberbro is an open-source application that extracts IoCs from garbage input and checks their reputation using multiple services. Cyberbro features Input handling: Paste raw logs, IoCs, or fanged IoCs, and let the regex parser do the rest. Multi-service reputation checks:…

Read more →

This article presents key insights from 2024 reports on the rise of phishing attacks, focusing on how advancements in AI and deepfake technology are making social engineering tactics more sophisticated. Cybercriminals exploit file sharing services to advance phishing attacks Examining…

Read more →

In this Help Net Security interview, Thomas Roccia, Senior Security Researcher at Microsoft, discusses how threat research drives faster, better decision-making in cybersecurity operations. Roccia provides insights into balancing internal and external research strategies, the influence of AI and geopolitical…

Read more →

Phishing remains one of the most significant cyber threats impacting organizations worldwide, according to SlashNext. Credential phishing is raising Credential theft attacks surged dramatically in the second half of 2024 (703%), signaling a sharp escalation in the use of sophisticated…

Read more →

With the EU’s Digital Operational Resilience Act (DORA) deadline approaching on 17th January, 2025, Europe’s top 100 companies face an urgent cybersecurity challenge, according to SecurityScorecard. A-rated companies safer from breaches The report highlights the role of SecurityScorecard’s A-to-F rating…

Read more →

This article highlights key findings and trends in healthcare cybersecurity for 2024. From the rising impact of cyberattacks on patient care to the vulnerabilities posed by medical devices and supply chains, these insights provide an overview of the current state…

Read more →

The chief information security officer (CISO) role has undergone a remarkable transformation, evolving from a purely technical position to a role that bridges business strategy, operational efficiency, and cybersecurity. The post The modern CISO is a cornerstone of organizational success…

Read more →

In this Help Net Security interview, Devin Ertel, CISO at Menlo Security, discusses how innovations like AI and closer collaboration between browser vendors and security providers will shape the future of browser security. The post Best practices for ensuring a…

Read more →

A recent Domo report shows that the world’s internet population has reached a record high of 5.52 billion people and uncovers signs that AI may be unseating digital juggernauts as it brings in new forms of engagement. “The phenomenal acceleration…

Read more →

As deepfakes become increasingly sophisticated and accessible, their potential for misuse in areas such as cybercrime, misinformation campaigns, and identity theft continues to grow. In this article, you will find key insights from 2024 reports on deepfake technology and the…

Read more →

While the majority of employees avoid risky behaviors, a small subset makes them a habit, posing a significant cybersecurity challenge, according to Mimecast. 48% of employees engaged in behaviors that exposed their organizations to cyber risk, with browsing violations being…

Read more →

Kata Containers is an open-source project dedicated to creating a secure container runtime that combines the performance and simplicity of containers with the enhanced isolation of lightweight virtual machines. By leveraging hardware virtualization technology, it adds an extra layer of…

Read more →

This article presents key findings from 2024 reports on data breaches. Breaches are taking longer to resolve and are becoming more costly for organizations. With recovery times extending and costs increasing, businesses face growing challenges in managing the aftermath. Full…

Read more →

72% of security leaders agree that the age of AI necessitates a complete reset of how organizations approach application security, according to Cycode. This urgency is reinforced by the fact that 93 billion lines of code were generated in the…

Read more →

Risk management is important, but it’s not always exciting. Many risk professionals still rely on spreadsheets and manual methods despite the availability of better options. Excel is familiar and cost-effective. Some spreadsheets are handy for certain risk management activities. In…

Read more →

This article highlights key findings and trends in the 2024 IT and cybersecurity skills gap, from the shortage of cybersecurity talent to the rising demand for certifications and upskilling programs, offering insights into the current state of skills development in…

Read more →