SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795)
Security researchers have discovered a vulnerability (CVE-2023-48795) in the SSH cryptographic network protocol that could allow an attacker to downgrade the …
The impact of prompt injection in LLM agents
Prompt injection is, thus far, an unresolved challenge that poses a significant threat to Language Model (LLM) integrity. This risk is particularly alarming when LLMs are …
EMBA: Open-source security analyzer for embedded devices
The EMBA open-source security analyzer is tailored as the central firmware analysis tool for penetration testers and product security groups. It assists throughout the …
Ransomware trends and recovery strategies companies should know
Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, …
Most cloud transformations are stuck in the middle
The landscape of enterprise technology continues to evolve rapidly, with cloud transformation as a primary investment, according to HFS and IBM Consulting. Yet, most …
Microsoft is working on a more secure print system for Windows
After announcing a gradual elimination of third-party printer drivers on Windows earlier this year, Microsoft has now unveiled its plan for enhancing security by introducting …
Qakbot returns in fresh assault on hospitality sector
The Qakbot botnet has been disrupted this summer, but cybercriminals are not ready to give up on the malware: Microsoft’s threat analysts have spotted a new phishing …
MongoDB corporate systems breached, customer data exposed
Database management company MongoDB has suffered a breach: attackers have gained access to some of its corporate systems and customer data and metadata. The MongoDB breach …
Correct bad network behavior to bolster application experience
Legacy hardware-based applications existed happily in isolation, untethered from a network. The thing that really mattered was the speed of the hard drive and having enough …
Creating a formula for effective vulnerability prioritization
In this Help Net Security interview, Michael Gorelik, CTO and Head of Malware Research at Morphisec, provides insights into the business impact of vulnerabilities. Gorelik …
Information-blocking rule in 21st Century Cures Act redefines data exchange in healthcare
A Verato survey offers perspectives on the data management strategies of healthcare executives, highlighting the crucial role of Healthcare Master Data Management (hMDM) in …
Week in review: Apache Struts vulnerability exploit attempt, EOL Sophos firewalls get hotfix
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SCS 9001 2.0 reveals enhanced controls for global supply chains In this Help …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users