PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577)
An OS command injection vulnerability in Windows-based PHP (CVE-2024-4577) in CGI mode is being exploited by the TellYouThePass ransomware gang. Imperva says the attacks …
Urgently needed: AI governance in cyber warfare
Artificial intelligence is quickly becoming central to societal growth. AI has great power to improve daily life, from education to healthcare, from sustainability to defense. …
How businesses can integrate token technology into existing payment systems
In this Help Net Security interview, Mark Nelsen, SVP and Global Head of Consumer Product at Visa, discusses the integration of token technology into existing payment systems. …
GenAI keeps cybersecurity pros on high alert
“Businesses across every industry face unprecedented challenges posed by an increasing attack surface, zero-day vulnerabilities, cloud misconfigurations, and new emerging …
AWS unveils new and improved security features
At its annual re:Inforce conference, Amazon Web Services (AWS) has announced new and enhanced security features and tools. Additional multi-factor authentication option To …
20,000 FortiGate appliances compromised by Chinese hackers
Coathanger – a piece of malware specifically built to persist on Fortinet’s FortiGate appliances – may still be lurking on too many devices deployed worldwide. How …
Major cybersecurity upgrades announced to safeguard American healthcare
Recent cyberattacks targeting the nation’s healthcare system have demonstrated the vulnerability of hospitals and payment systems. Providers across the health system had to …
Microsoft launches cybersecurity program to tackle attacks, protect rural hospitals
Microsoft has unveiled a new cybersecurity program to support hospitals serving more than 60 million people living in rural America. In 2023, the healthcare sector reported …
Open-source security in AI
New AI products are coming onto the market faster than we have seen in any previous technology revolution. Companies’ free access and right to use open source in AI software …
Security and privacy strategies for CISOs in a mobile-first world
In this Help Net Security interview, Jim Dolce, CEO at Lookout, discusses securing mobile devices to mitigate escalating cloud threats. He emphasizes that organizations must …
Cybersecurity jobs available right now: June 12, 2024
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Cloud Security Engineer Metacore | Germany | Hybrid …
Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103)
June 2024 Patch Tuesday is here and Microsoft has delivered fixes for a critical MSMQ flaw (CVE-2024-30080) and a RCE vulnerability in Microsoft Outlook (CVE-2024-30103). 49 …