CyberAv3ngers hit Unitronics PLCs at multiple US-based water facilities
Iran-affiliated attackers CyberAv3ngers continue to exploit vulnerable Unitronics programmable logic controllers (PLCs), US and Israeli authorities have said in a joint …
Strategies for cultivating a supportive culture in zero-trust adoption
In this Help Net Security interview, Wolfgang Goerlich, Advisory CISO at Cisco, discusses the benefits of implementing a mature zero-trust model for both security and business …
Released: AI security guidelines backed by 18 countries
The UK National Cyber Security Centre (NCSC) has published new guidelines that can help developers and providers of AI-powered systems “build AI systems that function as …
How LockBit used Citrix Bleed to breach Boeing and other targets
CVE-2023-4966, aka “Citrix Bleed”, has been exploited by LockBit 3.0 affiliates to breach Boeing’s parts and distribution business, and “other trusted …
CISA offers cybersecurity services to non-federal orgs in critical infrastructure sector
The Cybersecurity and Infrastructure Security Agency (CISA) has announced a pilot program that aims to offer cybersecurity services to critical infrastructure entities as they …
The shifting sands of the war against cyber extortion
Ransomware and cyber extortion attacks aimed at organizations are not letting up. Occasionally, they even come in pairs. The often large and sometimes massive ransomware …
Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)
CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been …
Juniper networking devices under attack
CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are …
From Windows 9x to 11: Tracing Microsoft’s security evolution
Over its journey from Windows 9x to Windows 11, Microsoft has implemented multiple security overhauls, each addressing the challenges of its time and setting the stage for …
Logging Made Easy: Free log management solution from CISA
CISA launched a new version of Logging Made Easy (LME), a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free. …
The evolution of deception tactics from traditional to cyber warfare
Admiral James A. Winnefeld, USN (Ret.), is the former vice chairman of the Joint Chiefs of Staff and is an advisor to Acalvio Technologies. In this Help Net Security …
9 essential ransomware guides and checklists available for free
According to Fortinet, ransomware activity has intensified, registering an increase of 13 times compared to the beginning of 2023 in terms of all malware detections. The rise …