Critical ownCloud flaw under attack (CVE-2023-49103)
Attackers are trying to exploit a critical information disclosure vulnerability (CVE-2023-49103) in ownCloud, a popular file sharing and collaboration platform used in …
Ukrainian ransomware gang behind high-profile attacks dismantled
Law enforcement and judicial authorities from seven countries have joined forces with Europol and Eurojust to dismantle and apprehend in Ukraine key figures behind significant …
SMBs face surge in “malware free” attacks
“Malware free” attacks, attackers’ increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and …
How passkeys are reshaping user security and convenience
In this Help Net Security interview, Anna Pobletts, Head of Passwordless at 1Password, talks about passkey adoption and its acceleration in 2024. This trend is particularly …
Product showcase: New ESET Home Security
ESET is thrilled to announce our new cutting-edge consumer solutions. Our consumer offering is more than just security – it is a comprehensive portfolio designed to keep our …
Generative AI security: Preventing Microsoft Copilot data exposure
Microsoft Copilot has been called one of the most powerful productivity tools on the planet. Copilot is an AI assistant that lives inside each of your Microsoft 365 apps — …
Report: The state of authentication security 2023
This survey set out to explore these challenges, to identify common practices, and to provide insight into how organizations can bolster their defenses. Key findings from the …
Released: AI security guidelines backed by 18 countries
The UK National Cyber Security Centre (NCSC) has published new guidelines that can help developers and providers of AI-powered systems “build AI systems that function as …
PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)
A proof-of-concept (PoC) exploit for a high-severity flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution has been made public. Users are advised …
OpenSSL 3.2.0 released: New cryptographic algorithms, support for TCP fast open, and more!
OpenSSL is a full-featured toolkit for general-purpose cryptography and secure communication. The final version of OpenSSL 3.2.0 is now available. Major changes in OpenSSL …
AWS Kill Switch: Open-source incident response tool
AWS Kill Switch is an open-source incident response tool for quickly locking down AWS accounts and IAM roles during a security incident. The solution includes a Lambda …
Why it’s the perfect time to reflect on your software update policy
The threat landscape is evolving by the minute, with both malicious actors and well-intentioned researchers constantly on the hunt for new attack vectors that bypass security …