
Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)
A freshly fixed vulnerability (CVE-2022-42889) in the Apache Commons Text library has been getting attention from security researchers these last few days, worrying it could …

Unpatched Zimbra RCE bug exploited by attackers (CVE-2022-41352)
A still unpatched vulnerability (CVE-2022-41352) in Zimbra Collaboration is being exploited by attackers to achieve remote code execution on vulnerable servers. About the …

Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593)
QNAP Systems has provided more information about the latest DeadBolt ransomware campaign targeting users of its network-attached storage (NAS) devices and the vulnerability …

Patch critical flaw in Atlassian Bitbucket Server and Data Center! (CVE-2022-36804)
A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable …

Why it’s past time we operationalized cybersecurity
Enterprises are investing more in cybersecurity than ever before, but we’re also seeing a record number of breaches. More than 5.1 billion pieces of personal information were …

Black Hat USA 2022 video walkthrough
In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal …

Open Cybersecurity Schema Framework project helps organizations detect and defend from cyberattacks
A coalition of cybersecurity and technology leaders announced an open-source effort to break down data silos that impede security teams. The Open Cybersecurity Schema …

Infosec products of the month: July 2022
Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Aqua Security, Cato Networks, CertiK, CoSoSys, CyberArk, Darktrace, …

New infosec products of the week: July 29, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Aqua Security, NetApp, Rapid7, Runecast, and Teleport. Runecast announces new …

Rapid7 adds layered context capabilities to its InsightCloudSec platform
Rapid7 released new layered context capabilities within the company’s InsightCloudSec offering, the company’s Cloud-Native Security Platform (CNSP). With the addition of …

The past, present and future of Metasploit
Metasploit is the most used penetration testing framework. In this Help Net Security video, Spencer McIntyre, Lead Security Researcher at Rapid7, talks about how Metasploit …

Infosecurity Europe 2022 video walkthrough
Infosecurity Europe 2022 opened its doors today at the ExCeL in London, here’s a look inside the event. The featured vendors are: Akamai Technologies, AlgoSec, Appgate, …
Featured news
Resources
Don't miss
- Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)
- Android financial threats: What businesses need to know to protect themselves and their customers
- Post-quantum cryptography and the future of online safety
- How to manage and protect your biometric data
- UK NCSC offers security guidance for domain and DNS registrars