Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

week in review
Week in review: Windows Event Log zero-day, exploited critical Jenkins RCE flaw

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Prioritizing cybercrime intelligence for effective decision-making in …

New infosec products of the week
New infosec products of the week: February 2, 2024

Here’s a look at the most interesting products from the past week, featuring releases from BackBox, ProcessUnity, SentinelOne, and Vade. ProcessUnity unveils all-in-one …

Roland Palmer
NIS2 Directive raises stakes for security leaders

In this Help Net Security interview, Roland Palmer, VP Global Operations Center at Sumo Logic, discusses key challenges and innovations of the NIS2 Directive, aiming to …

DDoS
DDoS attack power skyrockets to 1.6 Tbps

DDoS attack trends for the second half of 2023 reveal alarming developments in their scale and sophistication, according to Gcore. The maximum attack power rose from 800 Gbps …

laptop
Crowdsourced security is not just for tech companies anymore

There is a misconception that only software and technology companies leverage crowdsourced security. However, data contradicts this belief. Companies across various sectors …

ENISA
EU adopts first cybersecurity certification scheme for safer tech

The European Commission adopted the implementing regulation concerning the EU cybersecurity certification scheme on Common Criteria (EUCC). The outcome aligns with the …

fire
Malicious logins from suspicious infrastructure fuel identity-based incidents

69% of identity-based incidents involved malicious logins from suspicious infrastructure, which are hosting providers or proxies that aren’t expected for a user or …

botnet
FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) …

botnet
FBI disrupts Chinese botnet used for targeting US critical infrastructure

The FBI has disrupted the KV botnet, used by People’s Republic of China (PRC) state-sponsored hackers (aka “Volt Typhoon”) to target US-based critical …

USB
Threat actor used Vimeo, Ars Technica to serve second-stage malware

A financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular websites such as Ars Technica, …

zero trust
Zero trust implementation: Plan, then execute, one step at a time

82% of cybersecurity professionals have been working on implementing zero trust last year, and 16% should be on it by the end of this year. The challenges of zero trust …

Isaac Evans
Custom rules in security tools can be a game changer for vulnerability detection

In this Help Net interview, Isaac Evans, CEO at Semgrep, discusses the balance between speed and thoroughness in CI/CD pipeline security scanning. Stressing the need to avoid …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools