
Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices
A threat actor that has been using known old FortiOS vulnerabilities to breach FortiGate devices for years has also been leveraging a clever trick to maintain undetected …

Why security culture is crypto’s strongest asset
In this Help Net Security interview, Norah Beers, CISO at Grayscale, discusses key security challenges in managing crypto assets, adversary tactics, private key management, …

Ransomware groups push negotiations to new levels of uncertainty
Ransomware attacks increased by nearly 20% in 2024, and the severity rose by 13%, according to At-Bay. The blast radius of ransomware continues to grow as businesses impacted …

Why remote work is a security minefield (and what you can do about it)
Remote work is seen as more than a temporary solution, it’s a long-term strategy for many organizations. Remote work cybersecurity challenges Unsecured networks: Workers …

iOS devices face twice the phishing attacks of Android
2024 brought about countless new cybersecurity challenges including significant growth of the mobile threat landscape, according to Lookout. Threat actors, ranging from …

New infosec products of the week: April 11, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Forescout, Index Engines, Jit, RunSafe Security, and Seal Security. Jit launches AI …

Trump orders revocation of security clearances for Chris Krebs, SentinelOne
Update: April 17, 09:56 AM – Chris Krebs stepped away from his position at SentinelOne. US President Donald Trump has signed an Executive Order on Wednesday to revoke …

FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887)
Fortinet has released patches for flaws affecting many of its products, among them a critical vulnerability (CVE-2024-48887) in its FortiSwitch appliances that could allow …

How to find out if your AI vendor is a security risk
One of the most pressing concerns with AI adoption is data leakage. Consider this: An employee logs into their favorite AI chatbot, pastes sensitive corporate data, and asks …

From likes to leaks: How social media presence impacts corporate security
From a psychological standpoint, we all crave attention, and likes and comments fuel that need, encouraging us to share even more on social media. In the corporate world, this …

Review: The Ultimate Kali Linux Book, Third Edition
Packed with real-world scenarios, hands-on techniques, and insights into widely used tools, the third edition of the bestselling Ultimate Kali Linux Book offers a practical …

Enzoic AD Lite Password Audit Report
Enzoic for AD Lite Password Auditor is an innovative tool designed to integrate with an organization’s Active Directory environment seamlessly. Enzoic analyzed the 2024 AD …
Featured news
Resources
Don't miss
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
- New Microsoft accounts will be “passwordless by default”
- Why SMEs can no longer afford to ignore cyber risk
- Preparing for the next wave of machine identity growth
- Hottest cybersecurity open-source tools of the month: April 2025