Microsoft Teams users targeted in phishing attack delivering DarkGate malware
A new phishing campaign taking advantage of an easily exploitable issue in Microsoft Teams to deliver malware has been flagged by researchers. Delivering malware to Microsoft …
CISOs and board members work more closely than ever before
73% of board members believe they face the risk of a major cyber attack in the next 12 months, a notable increase from 65% in 2022, according to Proofpoint. Likewise, 53% feel …
The blueprint for a highly effective EASM solution
In this Help Net Security interview, Adrien Petit, CEO at Uncovery, discusses the benefits that organizations can derive from implementing external attack surface management …
Email forwarding flaws enable attackers to impersonate high-profile domains
Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by …
Elevating API security to reinforce cyber defense
While APIs are essential to many operations and used extensively, a lack of prioritization and understanding is leading us towards a growing API security crisis, according to …
Week in review: 6 free resources for getting started in cybersecurity, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The misconceptions preventing wider adoption of digital signatures In this …
Unpatched Cisco ASA flaw exploited by attackers (CVE-2023-20269)
A vulnerability (CVE-2023-20269) in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) firewalls is being exploited by attackers to gain access …
North Korean hackers target security researchers with zero-day exploit
North Korean threat actors are once again attempting to compromise security researchers’ machines by employing a zero-day exploit. The warning comes from Google’s …
Apple patches two zero-days under attack (CVE-2023-41064, CVE-2023-41061)
Apple has patched two zero-day vulnerabilities (CVE-2023-41064, CVE-2023-41061) exploited to deliver NSO Group’s Pegasus spyware. “The exploit chain was capable of …
September 2023 Patch Tuesday forecast: Important Federal government news
Microsoft addressed 33 CVEs in Windows 10 and 11 last month after nearly 3x that number in July. But despite the lull in CVEs, they did provide new security updates for …
New infosec products of the week: September 8, 2023
Here’s a look at the most interesting products from the past week, featuring releases from CyberSaint, Ghost Security, Hornetsecurity, NTT Security Holdings, and TXOne …
New quantum random number generator could revolutionize encryption
Digital information exchange can be safer, cheaper and more environmentally friendly with the help of a new type of random number generator for encryption developed at …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users