Tag: Help Net Security

Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies (PT) analysts have discovered. The vulnerability was patched in May 2024, in Roundcube Webmail versions 1.5.7 and…

Read more →

Fastly released Fastly DDoS Protection to provide automatic protection from Layer 7 and other application-level DDoS attacks. With a click of a button, organizations can enable Fastly DDoS Protection to automatically shield their applications and APIs against highly disruptive data…

Read more →

Government information technology leaders find themselves at a challenging balance point: On one end of the scale are increasing threats from cyber actors, bolstered by advanced technology like artificial intelligence (AI); on the other end is a longstanding commitment to…

Read more →

Phishing scams aimed at voters, malicious domain registrations impersonating candidates, and other threat activity designed to exploit unassuming victims take center stage as the US election approaches, according to Fortinet. “As the 2024 US presidential election approaches, it’s critical to…

Read more →

In this Help Net Security interview, Dr Kathryn Jones, Head of School, Computer Science and Informatics at Cardiff University, discusses the challenges and misconceptions that deter women from pursuing careers in cybersecurity. Dr Jones also outlines the diverse skills, mentorship,…

Read more →

AI adoption and integration has continued its rapid momentum within the hacking community, according to Bugcrowd. Nevertheless, it continues to pose both benefits and unfortunate cyber risks. This year’s report revealed a significant shift in the perceived value of AI…

Read more →

The ultimate guide to AI security: key AI security risks, vulnerabilities and strategies for protection. 61% of companies use AI, but few secure it. This whitepaper covers the key AI risks being overlooked from LLMs to RAG. Inside the Securing…

Read more →

In the last couple of days, Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being exploited by Chinese threat actors. Security updates are trickling out The company, which is known for pushing…

Read more →

Graylog unveiled significant security advancements to drive smarter, faster, and more cost-efficient security operations. The company’s latest capabilities include advanced data routing, asset-based risk scoring, and AI-generated investigation reports. These enhancements, and many others in the Fall 2024 release, help…

Read more →

Ataccama announced Ataccama ONE v15.3, an update to its data management platform that significantly increases the ROI for customers. Ataccama ONE v15.3 empowers data teams to monitor, manage, and utilize data to enhance security and compliance and expand their customer…

Read more →

Cybersecurity troubles are not over for the Internet Archive (IA), the nonprofit organization behind the popular digital library site: after the recent DDoS attacks, defacement and data breach, an email sent via its Zendesk customer service platform has shown that…

Read more →

In this Help Net Security interview, Ian Swanson, CEO of Protect AI, discusses the concept of “secure AI by design.” By adopting frameworks like Machine Learning Security Operations (MLSecOps) and focusing on transparency, organizations can build resilient AI systems that…

Read more →

A recent Todyl report revealed a 558% increase in BEC (Business Email Compromise), AiTM (Adversary-in-the-Middle), and ATO (Account Takeover) attacks in 2024. In this Help Net Security video, David Langlands, Chief Security Officer at Todyl, discusses these evolving cyber threats.…

Read more →

84% of CISOs believe the role needs to be split into two functions – one technical and one business-focused, to maximize security and organizational resilience, according to Trellix. Regulatory demands pose a growing challenge for CISOs The research reveals insights…

Read more →

SpiderOak launched its core technology platform as an open-source project called Aranya. This release provides the same level of security as the company’s platform, which is already in use by the Department of Defense. The Aranya project marks a turning…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote…

Read more →

Microsoft has lost several weeks of cloud security logs that its customers rely on to spot cyber intrusions. What happened As reported by Business Insider earlier this month, Microsoft privately notified affected customers of this incident and told them the…

Read more →

Attackers have tried to deliver wiper malware to employees at organizations across Israel by impersonating cybersecurity company ESET via email. The phishing email The attack took the form of a phishing email ostensibly sent by the “Eset Advanced Threat Defense…

Read more →

Law enforcement agencies have arrested suspects involved in cyber attacks claimed by USDoD and Anonymous Sudan, as well as a person involved in the hacking of SEC’s X (Twitter) account. USDoD On Wednesday, the Brazilian federal police (Policia Federal) arrested…

Read more →

CyCognito announced several enhancements to its CyCognito Automated Security Testing (AST) product, a module in the CyCognito platform built for automated exposure validation and security testing. These additions speed the configuration of automated testing for AWS cloud environments, provide enhanced data…

Read more →