PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)
If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because …
Tracking the adversary
Raj Samani, SVP, Chief Scientist, Rapid7, discusses the tactics observed from a recent case of espionage, and what can be learned from such observations. This video was …
New Microsoft Exchange exploit chain lets ransomware attackers in (CVE-2022-41080)
Ransomware-wielding attackers are using a new exploit chain that includes one of the ProxyNotShell vulnerabilities (CVE-2022-41082) to achieve remote code execution on …
5 Kali Linux tools you should learn how to use
Kali Linux is a specialized Linux distribution developed by Offensive Security, designed for experienced Linux users who need a customized platform for penetration testing. …
IRISSCERT brings eminent cybersecurity experts to its conference in Dublin
The Irish Reporting and Information Security Service’s (IRISSCERT) Conference on Cybercrime will be on the 10th of November 2022 in the Aviva stadium. This all-day conference …
Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)
A freshly fixed vulnerability (CVE-2022-42889) in the Apache Commons Text library has been getting attention from security researchers these last few days, worrying it could …
Unpatched Zimbra RCE bug exploited by attackers (CVE-2022-41352)
A still unpatched vulnerability (CVE-2022-41352) in Zimbra Collaboration is being exploited by attackers to achieve remote code execution on vulnerable servers. About the …
Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593)
QNAP Systems has provided more information about the latest DeadBolt ransomware campaign targeting users of its network-attached storage (NAS) devices and the vulnerability …
Patch critical flaw in Atlassian Bitbucket Server and Data Center! (CVE-2022-36804)
A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable …
Why it’s past time we operationalized cybersecurity
Enterprises are investing more in cybersecurity than ever before, but we’re also seeing a record number of breaches. More than 5.1 billion pieces of personal information were …
Black Hat USA 2022 video walkthrough
In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal …
Open Cybersecurity Schema Framework project helps organizations detect and defend from cyberattacks
A coalition of cybersecurity and technology leaders announced an open-source effort to break down data silos that impede security teams. The Open Cybersecurity Schema …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD