OilRig targets Israel organizations with new lightweight downloaders
ESET researchers analyzed a growing series of new OilRig downloaders that the group used in several campaigns throughout 2022 to maintain access to target organizations of …
New infosec products of the week: December 15, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Censys, Confirm, Drata, Safe Security, and SpecterOps. Nemesis: Open-source …
Fortifying cyber defenses: A proactive approach to ransomware resilience
Ransomware has become a pervasive threat, compromising the security and functionality of vital systems across the United States. While governmental pledges and public …
Multi-cloud computing offers benefits but makes IT far more complex
Demand for public cloud-related solutions is rising as organizations seek tools to manage and optimize complex, multi-cloud environments, according to ISG. The report finds …
CIOs shape long-term success with GenAI expertise
Today’s CIOs have evolved from managing IT infrastructure and ensuring systems’ efficiency to becoming key business strategists, according to IDC. They stand at …
Photos: CyberMarketingCon 2023
Help Net Security sponsored and attended Cybersecurity Marketing Society’s CyberMarketingCon 2023 in Austin, TX. Over the three days of the conference, there were 35 …
Russian hackers target unpatched JetBrains TeamCity servers
Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish …
Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)
Attackers are trying to leverage public proof-of-exploit (PoC) exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. …
Cybercrime operation that sold millions of fraudulent Microsoft accounts disrupted
Microsoft disrupted an alleged threat actor group that built viable cybercrime-as-a-service (CaaS) businesses. Dubbed Storm-1152 by Microsoft, the group bilked enterprises and …
GuardRail: Open-source tool for data analysis, AI content generation using OpenAI GPT models
GuardRail OSS is an open-source project delivering practical guardrails to ensure responsible AI development and deployment. GuardRail: Tailored to an organization’s AI needs …
Digital ops and ops management security predictions for 2024
CISOs don’t need a crystal ball – they already know that 2024 will be another tough year, especially with AI at everyone’s mind. Instead of playing catch-up regarding …
Microsoft ICSpector: A leap forward in industrial PLC metadata analysis
Microsoft ICSpector is an open-source forensics framework that enables the analysis of industrial PLC metadata and project files. Architecture The framework provides …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users