Photos: Black Hat USA 2024 Startup City
Here’s a look inside Startup City at Black Hat USA 2024. The featured vendors are: BackBox, Cybral, DryRun Security, HackNotice, Heeler Security, Hushmesh, MobileHop, …
SSHamble: Open-source security testing of SSH services
runZero published new research on Secure Shell (SSH) exposures and unveiled a corresponding open-source tool, SSHamble. This tool helps security teams validate SSH …
Traceeshark: Open-source plugin for Wireshark
Traceeshark is a plugin for Wireshark that enables security practitioners to quickly investigate security incidents. It enhances the capabilities of Aqua Tracee, an …
How network segmentation can strengthen visibility in OT networks
What role does the firewall play in the protection of operational technology (OT) networks and systems? Many would say that it’s the defensive mechanism to protect that …
AI security 2024: Key insights for staying ahead of threats
In this Help Net Security interview, Kojin Oshiba, co-founder of Robust Intelligence, discusses his journey from academic research to addressing AI security challenges in the …
Securing against GenAI weaponization
In this Help Net Security video, Aaron Fulkerson, CEO of Opaque, discusses how the weaponization of generative AI (GenAI) has made existing data privacy practices (like …
Ransomware operators continue to innovate
Ransomware groups continue to refine their craft, building and scaling business models that resemble legitimate corporate enterprises, according to Rapid7. They market their …
Download: CIS Critical Security Controls v8.1
Version 8.1 of the CIS Critical Security Controls (CIS Controls) is an iterative update to version 8.0. It offers prescriptive, prioritized, and simplified cybersecurity best …
CrowdStrike engages external experts, details causes of massive outage
CrowdStrike has published a technical root cause analysis of what went wrong when a content update pushed to its Falcon sensors borked over 8.5 million Windows machines around …
Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)
Two cross-site scripting vulnerabilities (CVE-2024-42009, CVE-2024-42008) affecting Roundcube could be exploited by attackers to steal users’ emails and contacts, email …
OpenWrt dominates, but vulnerabilities persist in OT/IoT router firmware
Forescout has published a new report examining the current state of the software supply chain in OT/IoT routers. The study uncovered that OT and IoT cellular routers and those …
Sports venues must vet their vendors to maintain security
Sporting events generate a lot of consumer activity, from hotels and restaurants to retail. Large sporting events are held together by webs of connectivity that include …