PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)
Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability that could be exploited by …
Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593)
CVE-2024-7593, a critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances, is actively exploited by attackers. The confirmation …
NetAlertX: Open-source Wi-Fi intruder detector
NetAlertX is an open-source Wi-Fi/LAN intruder detection tool that scans your network for connected devices and alerts you when new or unknown devices are detected. It …
Securing non-human identities: Why fragmented strategies fail
In this Help Net Security interview, John Yeoh, Global VP of Research at CSA, discusses the growing security challenges posed by non-human identities (NHIs). With NHIs now …
Cybersecurity jobs available right now: September 25, 2024
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. CISO Guardz | Israel | Hybrid – No longer …
41% concerned about job security due to skill gaps
35% of employees lack confidence that they have the skills required to succeed in their roles, according to Skillsoft. Additionally, 41% expressed concerns about job security …
Organizations are making email more secure, and it’s paying off
Compromised identities have been a central component of countless costly breaches this year, according to Red Canary. Rise in identity and cloud-native attacks While most of …
Transportation, logistics companies targeted with lures impersonating fleet management software
Financially motivated threat actors are targeting North American companies in the transportation and logistics sector with tailored lures, info-stealing malware, and a clever …
US-based Kaspersky users startled by unexpected UltraAV installation
A poorly executed “handover” of US-based Kaspersky customers has led some users to panic when software named UltraAV popped up on their computers without any …
Telegram will share IP addresses, phone numbers of criminal suspects with cops
Telegram will start handing over the IP addresses and phone numbers of users who violate their Terms of Service “to relevant authorities in response to valid legal …
Future-proofing cybersecurity: Why talent development is key
In this Help Net Security interview, Jon France, CISO at ISC2, discusses cybersecurity workforce growth. He outlines organizations’ challenges, such as budget …
Discover how online fraud can impact your business
Recent reports underscore increased fraud losses driven by both old methods and new technologies. As fraudsters exploit advancements in AI and other sophisticated tools, their …
Featured news
Resources
Don't miss
- Why your security team feels stuck
- It’s time to give AI security its own playbook and the people to run it
- Kanvas: Open-source incident response case management tool
- 6 eye-opening books on AI’s rise, risks, and realities
- Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)