Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

shield
How defense contractors can move from cybersecurity to cyber resilience

As the world’s most powerful military and economic power, the United States also holds another, less impressive distinction: Cyber threat actors target the US more than any …

skull
Cybercriminals use legitimate websites to obfuscate malicious payloads

According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter security. “The evolution of phishing …

IT professional
Despite cutbacks, IT salaries expected to rise

Despite rising labor costs, economic inflation, and companies making an effort to cut back, the salary outlook for IT professionals is positive, according to InformationWeek. …

Progress MOVEit
Critical zero-day vulnerability in MOVEit Transfer exploited by attackers!

UPDATE (June 2, 2023, 05:55 a.m. ET): Check out our update on this evolving situation. A critical zero-day vulnerability in Progress Software’s enterprise managed file …

Google Drive
Threat actors can exfiltrate data from Google Drive without leaving a trace

Google Workspace (formerly G Suite) has a weak spot that can prevent the discovery of data exfiltration from Google Drive by a malicious outsider or insider, Mitiga …

Zyxel
Zyxel firewalls under attack by Mirai-like botnet

CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to …

cloud
Why organizations should adopt a cloud cybersecurity framework

The cloud is the future of enterprise architecture. It’s economical (to a degree), it’s scalable, it’s flexible and – best of all – it’s someone else’s …

Jay Chaudhry
Navigating cybersecurity in the age of remote work

In this Help Net Security interview, Jay Chaudhry, CEO at Zscaler, talks about connecting and securing remote employees and their devices to access organizational resources …

phishing kits
Phishing campaigns thrive as evasive tactics outsmart conventional detection

A 25% increase in the use of phishing kits has been recorded in 2022, according to Group-IB. The key phishing trends observed are the increasing use of access control and …

Infosec products of the month
Infosec products of the month: May 2023

Here’s a look at the most interesting products from the past month, featuring releases from: Aqua Security, Axiado, Bitwarden, Cloudflare, ComplyAdvantage, Dashlane, Delinea, …

Apache NiFi
Someone is roping Apache NiFi servers into a cryptomining botnet

If you’re running an Apache NiFi instance exposed on the internet and you have not secured access to it, the underlying host may already be covertly cryptomining on …

Zyxel NAS542
Zyxel patches vulnerability in NAS devices (CVE-2023-27988)

Zyxel has patched a high-severity authenticated command injection vulnerability (CVE-2023-27988) in some of its network attached storage (NAS) devices aimed at home users. …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools