Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)
A vulnerability (CVE-2023-4211) in the kernel drivers for several Mali GPUs “may be under limited, targeted exploitation,” British semiconductor manufacturer Arm …
Evolving conversations: Cybersecurity as a business risk
Board members often lack technical expertise and may not fully grasp cyber risks. On the other hand, CISOs are more accustomed to interfacing with IT staff. This is …
CISO’s compass: Mastering tech, inspiring teams, and confronting risk
In this Help Net Security interview, Okey Obudulu, CISO at Skillsoft, talks about the increasing complexity of the CISO role and challenges they face. He discusses the …
Chalk: Open-source software security and infrastructure visibility tool
Chalk is a free, open-source tool that helps improve software security. You add a single line to your build script, and it will automatically collect and inject metadata into …
Barriers preventing organizations from DevOps automation
Organizations’ investments in DevOps automation are delivering significant benefits, including a 61% improvement in software quality, a 57% reduction in deployment failures, …
Critical zero-days in Exim revealed, only 3 have been fixed
Six zero-days in Exim, the most widely used mail transfer agent (MTA), have been revealed by Trend Micro’s Zero Day Initiative (ZDI) last Wednesday. Due to what seems to …
Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044)
Progress Software, the company behind the recently hacked MOVEit file-sharing tool, has recently fixed two critical vulnerabilities (CVE-2023-40044, CVE-2023-42657) in WS_FTP …
Most dual ransomware attacks occur within 48 hours
Since July 2023, the Federal Bureau of Investigation (FBI) has noticed a new trend: dual ransomware attacks on the same victim, occurring in close proximity of one another. …
Lazarus impersonated Meta recruiter to breach Spanish aerospace firm
Operators of the North Korea-linked Lazarus APT obtained initial access to the network of an aerospace company in Spain last year after a successful spearphishing campaign, by …
9 essential ransomware guides and checklists available for free
According to Fortinet, ransomware activity has intensified, registering an increase of 13 times compared to the beginning of 2023 in terms of all malware detections. The rise …
Securing GitHub Actions for a safer DevOps pipeline
GitHub Actions provides a platform for continuous integration and continuous delivery (CI/CD), enabling your build, test, and deployment process automation. It allows you to …
Global events fuel DDoS attack campaigns
Cybercriminals launched approximately 7.9 million DDoS attacks in 1H 2023, representing a 31% year-over-year increase, according to NETSCOUT. Global events like the …
Featured news
Sponsored
Don't miss
- Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)
- Fighting AI-powered synthetic ID fraud with AI
- Laying the groundwork for zero trust in the military
- Grype: Open-source vulnerability scanner for container images, filesystems
- Signatures should become cloud security history