Uncovering attacker tactics through cloud honeypots
Attackers typically find exposed “secrets” – pieces of sensitive information that allow access to an enterprise cloud environment — in as little as two minutes and, in …
Week in review: Microsoft confirms DDoS attacks on M365 and Azure Portal, Infosecurity Europe 2023
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unraveling the multifaceted threats facing telecom companies In this Help Net …
PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)
Proof-of-concept (PoC) exploit code for the high-severity vulnerability (CVE-2023-20178) in Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility …
Microsoft Teams vulnerability allows attackers to deliver malware to employees
Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees’ Microsoft Teams inbox. “Organisations that use …
New infosec products of the week: June 23, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Cymulate, Edgescan, ESET, Island, iStorage, and Netskope. Island integrates DLP …
Insurance companies neglect basic email security
Only 3.54% of of insurance companies have correctly implemented basic phishing and spoofing protection, according to EasyDMARC. DMARC standard adoption Insurers operate using …
Apple fixes zero-day vulnerabilities used to covertly deliver spyware (CVE-2023-32435)
Apple has released patches for three zero-day vulnerabilities (CVE-2023-32434, CVE-2023-32435, CVE-2023-32439) exploited in the wild. The first two have been reported by …
ChatGPT shows promise in detecting phishing sites
ChatGPT can be used to generate phishing sites, but could it also be used to reliably detect them? Security researchers have tried to answer that question. Can ChatGPT detect …
Photos: Infosecurity Europe 2023, part 3
Infosecurity Europe is taking place at ExCeL London from 20-22 June 2023 and Help Net Security is on site. The first gallery is available here, and the second gallery is here. …
Unraveling the multifaceted threats facing telecom companies
In today’s interconnected world, telecom companies serve as gateways, connecting individuals, businesses, and governments. However, this role also makes them prime …
Increased spending doesn’t translate to improved cybersecurity posture
Security teams are stretched, with not enough people, skills or budget to cope with all their priorities, according to Panaseer. Average cybersecurity budgets increase in 2023 …
VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)
CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users