Please turn on your JavaScript for this page to function normally.
One Identity
Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)

Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged …

FBI
FBI forced Flax Typhoon to abandon its botnet

A botnet operated by the Chinese state-sponsored threat actor known as Flax Typhoon has been disrupted by the law enforcement agency and abandoned by the group, FBI Director …

identity
Differential privacy in AI: A solution creating more problems for developers?

In the push for secure AI models, many organizations have turned to differential privacy. But is the very tool meant to protect user data holding back innovation? Developers …

digital wallet
How digital wallets work, and best practices to use them safely

With the adoption of digital wallets and the increasing embedding of consumer digital payments into daily life, ensuring security measures is essential. According to a …

Alex Spivakovsky
Essential metrics for effective security program assessment

In this Help Net Security interview, Alex Spivakovsky, VP of Research & Cybersecurity at Pentera, discusses essential metrics for evaluating the success of security …

lock
Data disposal and cyber hygiene: Building a culture of security within your organization

Data breach episodes have been constantly rising with the number of data breach victims crossing 1 billion in the first half of 2024. A recent Data Breach Report 2023 by …

GenAI
Security leaders consider banning AI coding due to security risks

92% of security leaders have concerns about the use of AI-generated code within their organization, according to Venafi. Tension between security and developer teams 83% of …

Foundation Software
Hackers breaching construction firms via specialized accounting software

Firms in the construction industry are getting breached by hackers via internet-exposed servers running Foundation accounting software, Huntress researchers are warning. …

Op Kraken arrest
Ghost: Criminal communication platform compromised, dismantled by international law enforcement

Another encrypted communication platform used by criminals has been dismantled and its alleged mastermind arrested, the Australian Federal Police has announced on Tuesday. …

vmware
Critical VMware vCenter Server bugs fixed (CVE-2024-38812)

Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can be triggered by sending a specially crafted network packet, and could lead to …

CrowdSec
CrowdSec: Open-source security solution offering crowdsourced protection

Crowdsec is an open-source solution that offers crowdsourced protection against malicious IPs. CrowdSec features For this project, the developers have two objectives: Provide …

Henrik Plate
Detecting vulnerable code in software dependencies is more complex than it seems

In this Help Net Security interview, Henrik Plate, CISSP, security researcher, Endor Labs, discusses the complexities AppSec teams face in identifying vulnerabilities within …

Don't miss

Cybersecurity news