Attackers deploying red teaming tool for EDR evasion
Threat actors are leveraging the open-source EDRSilencer tool to evade endpoint detection and response systems, Trend Micro researchers have noticed. About EDRSilencer The …
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)
Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls …
The NHI management challenge: When employees leave
An employee is exiting your organization. Regardless of the terms of departure, an ex-staffer has the potential when they leave or change roles to impact a wide range of …
How nation-states exploit political instability to launch cyber operations
In this Help Net Security interview, Ismael Valenzuela, Vice President of Threat Research & Intelligence at BlackBerry, discusses the impact of geopolitical tensions on …
Data breaches trigger increase in cyber insurance claims
Cyber claims have continued their upwards trend over the past year, driven in large part by a rise in data and privacy breach incidents, according to Allianz. Cyber claims …
How to create verification codes in Apple Passwords app
Starting with iOS 18, iPadOS 18, macOS Sequoia, and visionOS 2, the Apple Passwords app enables you to manage your passwords, passkeys, and verification codes. For websites …
The quantum dilemma: Game-changer or game-ender
If someone told you five years ago that you could pose questions to an AI agent about the most vexing issues in science and it could answer back swiftly and meaningfully, you …
CISOs’ strategies for managing a growing attack surface
In this Help Net Security interview, Rickard Carlsson, CEO at Detectify, discusses the evolution of attack surface management in the context of remote work and digital …
CISSP and CompTIA Security+ lead as most desired security credentials
33.9% of tech professionals report a shortage of AI security skills, particularly around emerging vulnerabilities like prompt injection, according to O’Reilly. This highlights …
CIOs want a platform that combines AI, networking, and security
While AI has captured the attention of the technology industry, the majority of CIOs and senior IT leaders are primarily focused on the convergence of networking and security, …
Breaking down the numbers: Q3 2024 cybersecurity funding activity recap
We present a list of selected cybersecurity companies that received funding during the third quarter of 2024 (Q3 2024). Apono October | 15.5 million Apono has raised $15.5 …
Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, …
Featured news
Resources
Don't miss
- Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
- The Zoom attack you didn’t see coming
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
- The UK’s phone theft crisis is a wake-up call for digital security
- Securing digital products under the Cyber Resilience Act