Critical XSS vulnerability in Zimbra exploited in the wild (CVE-2023-34192)
A critical cross site scripting (XSS) vulnerability (CVE-2023-34192) in popular open source email collaboration suite Zimbra is being exploited by attackers. About the …
CISOs under pressure: Protecting sensitive information in the age of high employee turnover
In this Help Net Security interview, Charles Brooks, Adjunct Professor at Georgetown University’s Applied Intelligence Program and graduate Cybersecurity Programs, talks …
Growing scam activity linked to social media and automation
The average number of scam resources created per brand across all regions and industries more than doubled year-on-year in 2022, up 162%, according to Group-IB. Additionally, …
Growing a 15,000 strong automotive cybersecurity group with John Heldreth
The furry in which the automotive community pried, prodded, and eventually outsmarted existing functions that are software-driven is nothing short of horrifying. While it …
Week in review: Malware delivery via Microsoft Teams, law firms under cyberattack, CVSS 4.0 is out
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: CISO perspective on why boards don’t fully grasp cyber attack risks In this …
Meta’s Threads app used as a lure
It was to be expected: As the buzz around Meta’s new microblogging platform Threads gained momentum, some individuals have stepped in to take advantage of the fact that …
Generative AI outperforms hackers but not their creativity
72% of hackers are confident that AI cannot replace human creativity in security research and vulnerability management, according to Bugcrowd. Generative AI hacking Generative …
Satellites lack standard security mechanisms found in mobile phones and laptops
Researchers from Ruhr University Bochum and the CISPA Helmholtz Center for Information Security in Saarbrücken have assessed the security mechanisms of satellites currently …
New infosec products of the week: July 14, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Fidelis Cybersecurity, Hubble, NETSCOUT, Regula, and WatchGuard. WatchGuard expands …
Facebook and Microsoft remain prime targets for spoofing
While trends in phishing frequently evolve, Facebook and Microsoft’s collective dominance as the most spoofed brands continues, according to Vade. Facebook and Microsoft’s …
Top priorities for chief audit executives in 2023
The top focus areas for chief audit executives (CAEs) in 2023 are advancing data analytics, assuring proliferating digital risks, and talent management, according to Gartner. …
Unnamed APT eyes vulnerabilities in Rockwell Automation industrial contollers (CVE-2023-3595 CVE-2023-3596)
Rockwell Automation has fixed two vulnerabilities (CVE-2023-3595, CVE-2023-3596) in the communication modules of its ControlLogix industrial programmable logic controllers …
Featured news
Sponsored
Don't miss
- Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
- eBook: How CISSP turns career goals into reality
- FIN7 sells improved EDR killer tool
- Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)
- Fighting AI-powered synthetic ID fraud with AI