How attackers deliver malware to Foxit PDF Reader users
Threat actors are taking advantage of the flawed design of Foxit PDF Reader’s alerts to deliver malware via booby-trapped PDF documents, Check Point researchers have …
Core security measures to strengthen privacy and data protection programs
As privacy laws evolve globally, organizations face increasing complexity in adapting their data protection strategies to stay compliant. In this Help Net Security interview, …
Cybersecurity jobs available right now: May 15, 2024
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Associate / Pentester (Red Team) – Cybersecurity …
Ransomware statistics that reveal alarming rate of cyber extortion
In this article, you will find excerpts from various reports that offer statistics and insights about the current ransomware landscape. Global ransomware crisis worsens NTT …
Cybersecurity analysis exposes high-risk assets in power and healthcare sectors
Traditional approaches to vulnerability management result in a narrow focus of the enterprise attack surface area that overlooks a considerable amount of risk, according to …
May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040)
For May 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-30051, CVE-2024-30040) actively exploited by …
Apple backports iOS zero-day patch, adds Bluetooth tracker alert
Apple has backported the patch for CVE-2024-23296 to the iOS 16 branch and has fixed a bug (CVE-2024-27852) in MarketplaceKit that may allow maliciously crafted webpages to …
How a GRC consultant passed the CISSP exam in six weeks
Ask any IT security professional which certification they would consider to be the “gold standard” in terms of prestige, credibility, or difficulty, and almost invariably they …
BLint: Open-source tool to check the security properties of your executables
BLint is a Binary Linter designed to evaluate your executables’ security properties and capabilities, utilizing LIEF for its operations. From version 2, BLint can also …
Tailoring responsible AI: Defining ethical guidelines for industry-specific use
In this Help Net Security interview, Chris Peake, CISO & SVP at Smartsheet, explains how responsible AI should be defined by each organization to guide their AI …
Log4Shell shows no sign of fading, spotted in 30% of CVE exploits
Organizations continue to run insecure protocols across their wide access networks (WAN), making it easier for cybercriminals to move across networks, according to a Cato …
Black Basta target orgs with new social engineering campaign
Black Basta, one of the most prolific ransomware-as-a-service operators, is trying out a combination of email DDoS and vishing to get employees to download remote access …
Featured news
Resources
Don't miss
- When confusion becomes a weapon: How cybercriminals exploit economic turmoil
- SWE-agent: Open-source tool uses LLMs to fix issues in GitHub repositories
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433)
- The legal blind spot of shadow IT
- Email authentication simplified: How PowerDMARC makes DMARC effortless