PoC exploit, IoCs for Fortinet FortiNAC RCE released (CVE-2022-39952)
Horizon3.ai’s Attack Team has released a PoC exploit for CVE-2022-39952, a critical vulnerability affecting FortiNAC, Fortinet’s network access control solution. …
What can we learn from the latest Coinbase cyberattack?
Cryptocurrency exchange Coinbase has fended off a cyberattack that might have been mounted by the same attackers that targeted Twillio, Cloudflare and many other companies …
Google Protected Computing: Ensuring privacy and safety of data regardless of location
In this Help Net Security interview, Royal Hansen, VP of Engineering for Privacy, Safety, and Security at Google, talks about Protected Computing, the impact of data …
Complexity, volume of cyber attacks lead to burnout in security teams
The rapid evolution of cybercrime is weighing on security teams substantially more than it did last year, leading to widespread burnout and potential regulatory risk, …
Twitter will start charging users for SMS-based 2FA option
Twitter has announced that starting with March 20, users who don’t pay the Twitter Blue subscription will no longer be able to use the SMS-based two-factor …
Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952)
Fortinet has dropped fixes for 40 vulnerabilities in a variety of its products, including two critical vulnerabilities (CVE-2022-39952, CVE-2021-42756) affecting its FortiNAC …
Cybersecurity takes a leap forward with AI tools and techniques
Scientists have taken a key step toward harnessing a form of artificial intelligence known as deep reinforcement learning, or DRL, to protect computer networks. Autonomus …
Healthcare data breaches still higher than pre-pandemic levels
The number of data breaches affecting healthcare providers declined in the second half of 2022, consistent with a downward trend over the past two years, according to Critical …
Week in review: Microsoft, Apple patch exploited zero-days, tips for getting hired in cybersecurity
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Combining identity and security strategies to mitigate risks The Identity …
Admins, patch your Cisco enterprise security solutions! (CVE-2023-20032)
Cisco has released security updates for several of its enterprise security and networking products, fixing (among other things): A critical vulnerability (CVE-2023-20032) in …
Authorities break up gang responsible for €38 million CEO fraud
A joint investigation supported by Europol has led to the dismantling of a Franco-Israeli criminal gang involved in large-scale CEO fraud (also known as BEC scams). The …
New infosec products of the week: February 17, 2023
Here’s a look at the most interesting products from the past week, featuring releases from CyberSaint, DigiCert, Finite State, FireMon, and Veeam Software. CyberSaint …
Don't miss
- Contextal Platform: Open-source threat detection and intelligence
- Using cognitive diversity for stronger, smarter cyber defense
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws
- Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)
- Malicious actors’ GenAI use has yet to match the hype