Microsoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351)
On February 2024 Patch Tuesday, Microsoft has delivered fixes for 72 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-21412, CVE-2024-21351) that are being …
Global malicious activity targeting elections is skyrocketing
With more voters than ever in history heading to the polls in 2024, Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections …
Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893)
Hackers are actively exploiting a vulnerability (CVE-2024-21893) in Ivanti Connect Secure, Policy Secure and Neurons for ZTA to inject a “previously unknown and …
Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770)
CVE-2023-43770, a vulnerability in the Roundcube webmail software that has been fixed in September 2023, is being exploited by attackers in the wild, CISA has warned by adding …
The future of cybersecurity: Anticipating changes with data analytics and automation
In this Help Net Security interview, Mick Baccio, Staff Security Strategist at Splunk SURGe, discusses the future of cybersecurity, emphasizing the importance of data …
Protecting against AI-enhanced email threats
Generative AI based on large language models (LLMs) has become a valuable tool for individuals and businesses, but also cybercriminals. Its ability to process large amounts of …
Product showcase: SearchInform Risk Monitor – next-gen DLP based insider threat mitigation platform
Basically, DLP systems are aimed at prevention of data leaks, and in real-life mode they monitor and block (if required) transmitting of confidential data. However, the …
QR code attacks target organizations in ways they least expect
QR code attacks, or “quishing” attacks, have emerged as a popular tactic among cybercriminals, with no signs of slowing down, according to Abnormal Security. Although phishing …
Critical Fortinet FortiOS flaw exploited in the wild (CVE-2024-21762)
Fortinet has patched critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313), one of which is “potentially” being exploited in …
Decryptor for Rhysida ransomware is available!
Files encrypted by Rhysida ransomware can be successfully decrypted, due to a implementation vulnerability discovered by Korean researchers and leveraged to create a …
Integrating cybersecurity into vehicle design and manufacturing
In this Help Net Security interview, Yaron Edan, CISO at REE Automotive, discusses the cybersecurity landscape of the automotive industry, mainly focusing on electric and …
Ransomware tactics evolve, become scrappier
As we enter 2024, ransomware remains the most significant cyberthreat facing businesses, according to Malwarebytes. Malwarebytes reveals that the United States accounted for …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?