The attack with many names: SMS Toll Fraud
Bad actors leverage premium-rate phone numbers and bots to steal billions of dollars from businesses. In this Help Net Security video, Frank Teruel, CFO at Arkose Labs, …
A third of organizations suffered a SaaS data breach this year
While SaaS security is finally getting the attention it deserves, there’s still a significant gap between intent and implementation. Ad hoc strategies and other practices …
Complying with PCI DSS requirements by 2025
Version 4.0.1 of the Payment Card Industry Data Security Standard (PCI DSS), which came into effect back in April, incorporates a few important changes to make it fit for the …
Damn Vulnerable UEFI: Simulate real-world firmware attacks
Damn Vulnerable UEFI (DVUEFI) is an open-source exploitation toolkit and learning platform for unveiling and fixing UEFI firmware vulnerabilities. Simulate real-world firmware …
Ransomware crisis deepens as attacks and payouts rise
During the second quarter, new ransomware groups, including PLAY, Medusa, RansomHub, INC Ransom, BlackSuit, and some additional lesser-known factions, led a series of attacks …
Keeping up with automated threats is becoming harder
98% of organizations attacked by bots in the past year lost revenue as a result, according to Kasada. Web scraping (web crawling) is a significant threat followed closely by …
Infosec products of the month: August 2024
Here’s a look at the most interesting products from the past month, featuring releases from: Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, …
Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) …
How RansomHub went from zero to 210 victims in six months
RansomHub, a ransomware-as-a-service (RaaS) outfit that “popped up” earlier this year, has already amassed at least 210 victims (that we know of). Its affiliates …
A macro look at the most pressing cybersecurity risks
Forescout’s 2024H1 Threat Review is a new report that reviews the current state of vulnerabilities, threat actors, and ransomware attacks in the first half of 2024 and …
Sinon: Open-source automatic generative burn-in for Windows deception hosts
Sinon is an open-source, modular tool for the automatic burn-in of Windows-based deception hosts. It aims to reduce the difficulty of orchestrating deception hosts at scale …
Cyber threats that shaped the first half of 2024
Global cybercrime has shown no sign of decline and is expected to grow strong per year over the next five years. To identify the most urgent cybersecurity threats of the first …
Featured news
Resources
Don't miss
- AI isn’t one system, and your threat model shouldn’t be either
- LLMs work better together in smart contract audits
- Product showcase: NAKIVO v11.1 advances MSP service delivery with secure multi-tenant management
- Crypto theft in 2025: North Korean hackers continue to dominate
- Clipping Scripted Sparrow’s wings: Tracking a global phishing ring