OilRig targets Israel organizations with new lightweight downloaders
ESET researchers analyzed a growing series of new OilRig downloaders that the group used in several campaigns throughout 2022 to maintain access to target organizations of …
New infosec products of the week: December 15, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Censys, Confirm, Drata, Safe Security, and SpecterOps. Nemesis: Open-source …
Fortifying cyber defenses: A proactive approach to ransomware resilience
Ransomware has become a pervasive threat, compromising the security and functionality of vital systems across the United States. While governmental pledges and public …
Multi-cloud computing offers benefits but makes IT far more complex
Demand for public cloud-related solutions is rising as organizations seek tools to manage and optimize complex, multi-cloud environments, according to ISG. The report finds …
CIOs shape long-term success with GenAI expertise
Today’s CIOs have evolved from managing IT infrastructure and ensuring systems’ efficiency to becoming key business strategists, according to IDC. They stand at …
Photos: CyberMarketingCon 2023
Help Net Security sponsored and attended Cybersecurity Marketing Society’s CyberMarketingCon 2023 in Austin, TX. Over the three days of the conference, there were 35 …
Russian hackers target unpatched JetBrains TeamCity servers
Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish …
Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)
Attackers are trying to leverage public proof-of-exploit (PoC) exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. …
Cybercrime operation that sold millions of fraudulent Microsoft accounts disrupted
Microsoft disrupted an alleged threat actor group that built viable cybercrime-as-a-service (CaaS) businesses. Dubbed Storm-1152 by Microsoft, the group bilked enterprises and …
GuardRail: Open-source tool for data analysis, AI content generation using OpenAI GPT models
GuardRail OSS is an open-source project delivering practical guardrails to ensure responsible AI development and deployment. GuardRail: Tailored to an organization’s AI needs …
Digital ops and ops management security predictions for 2024
CISOs don’t need a crystal ball – they already know that 2024 will be another tough year, especially with AI at everyone’s mind. Instead of playing catch-up regarding …
Microsoft ICSpector: A leap forward in industrial PLC metadata analysis
Microsoft ICSpector is an open-source forensics framework that enables the analysis of industrial PLC metadata and project files. Architecture The framework provides …
Featured news
Resources
Don't miss
- Is your password manager truly GDPR compliant?
- 7-Zip vulnerability is being actively exploited, NHS England warns (CVE-2025-11001)
- Exam prep hacked: Study tips and tricks that really work
- Stealth-patched FortiWeb vulnerability under active exploitation (CVE-2025-58034)
- Threat group reroutes software updates through hacked network gear