Category: Help Net Security

x64dbg is an open-source binary debugger for Windows, designed for malware analysis and reverse engineering of executables without access to the source code. It offers a wide range of features and a plugin system, allowing you to customize and extend…

Read more →

Effectively converging, managing and using enterprise data is a huge undertaking. Enterprises have vast hoards of data, but those hoards exist within siloed systems and applications, and it requires a lot of manual effort by highly skilled data scientists, engineers…

Read more →

Despite their role in connecting applications and driving innovation, APIs often suffer from serious security vulnerabilities. Recent investigations reveal that many organizations are struggling with exposed secrets such as passwords and API keys, which attackers frequently misuse. The persistence of…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab…

Read more →

Google Search ads that target users looking for Google’s own services lead them to spoofed sites and Microsoft and Apple tech support scams. The fake Google Search ads (Source: Malwarebytes) “In this particular scheme, all web resources used from start…

Read more →

I recently spent six days in Las Vegas attending DEF CON, BsidesLV, and Black Hat USA 2024, where I had the opportunity to engage with and learn from some of the top security experts in the world. A major theme…

Read more →

Pindrop launched Pindrop Pulse Inspect in Preview. This innovative tool, the latest addition to Pindrop’s deepfake detection Pindrop Pulse product family, can detect AI-generated speech in any digital audio file with 99% accuracy. Following the launch of Pindrop Pulse earlier…

Read more →

Critical Start announced Critical Start Vulnerability Management Service (VMS) and Vulnerability Prioritization. These new offerings are a foundational pillar of Managed Cyber Risk Reduction, allowing organizations to assess, manage, prioritize, and reduce cyber risk exposure posed by vulnerabilities across their…

Read more →

Authentik is an open-source identity provider designed for maximum flexibility and adaptability. It easily integrates into existing environments and supports new protocols. It’s a comprehensive solution for implementing features like sign-up, account recovery, and more in your application, eliminating the…

Read more →

Cyber threats continued to intensify in the first half of 2024 as cybercriminals exploited security gaps from growing business and technological consolidation, according to Resilience. Consolidation in business and tech fuels new third-party risks Rebounding merger and acquisition (M&A) activity…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from ClearSale, Guardio, Ivanti, Resecurity, and Stellar. Resecurity unveils new AI-driven Fraud Prevention Platform Resecurity unveiled its advanced AI-driven Fraud Prevention Platform. This versatile solution is…

Read more →

In this Help Net Security video, Frederic Najman, Executive Member of the SFPN (French Union of NoCode Professionals), discusses how NoCode and LowCode technologies enable companies to free up development resources to tackle cybersecurity issues. In a context where three-quarters…

Read more →

Cybercriminals are breaking into organizations’ cloud storage containers, exfiltrating their sensitive data and, in several cases, have been paid off by the victim organizations to not leak or sell the stolen data. “The attackers behind this campaign likely leveraged extensive…

Read more →

SolarWinds has fixed a critical vulnerability (CVE-2024-28986) in its Web Help Desk (WHD) solution that may allow attackers to run commands on the host machine. “While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it…

Read more →

56% of security professionals are concerned about AI-powered threats, according to Pluralsight. Many organizations lack structured AI training Over half of surveyed technologists are either extremely concerned or moderately concerned about AI-powered threats, with only 6% saying they are not…

Read more →

In this Help Net Security interview, David Cottingham, President at rf IDEAS, discusses the key benefits organizations can expect when implementing passkeys. Cottingham addresses the misconceptions surrounding the adoption of passkeys, particularly in the B2B landscape. What are the key…

Read more →

The rapid integration of AI and GenAI technologies creates a complex mix of challenges and opportunities for organizations. While the potential benefits are clear, many companies struggle with AI literacy, cautious adoption, and the risks of immature implementation. This has…

Read more →

The total number of DDoS attacks during H1 2024 amounted to 830,000, an increase of 46% when compared to H1 2023, according to Gcore. Peak attack power rose from 1.6 terabits per second (Tbps) in H2 2023 to 1.7 Tbps.…

Read more →

ClearSale has announced a new portfolio of fraud prevention tools designed to meet the evolving needs of today’s digital retail landscape. The newly launched suite, dubbed “Preventative Intel,” introduces three powerful solutions: Instant Decision, Automatic Decision, and Complete Decision. These…

Read more →

Ivanti announced new features for Ivanti Neurons for Patch Management to help expand patch settings configuration to allow for multiple parallel deployment tasks such as regular maintenance, priority updates and zero-day response. Given the rise of cyber threats and speed…

Read more →