GuardZoo spyware used by Houthis to target military personnel
Lookout discovered GuardZoo, Android spyware targeting Middle Eastern military personnel. This campaign leverages malicious apps with military and religious themes to lure …
Critical vulnerability in the RADIUS protocol leaves networking equipment open to attack
A new critical security vulnerability in the RADIUS protocol, dubbed BlastRADIUS (CVE-2024-3596), leaves most networking equipment open to Man-in-the-Middle (MitM) attacks. …
Chinese APT40 group swifly leverages public PoC exploits
Chinese state-sponsored cyber group APT40 is amazingly fast at adapting public proof-of-concept (PoC) exploits for vulnerabilities in widely used software, an advisory …
Microsoft’s cybersecurity dilemma: An open letter to Satya Nadella
Microsoft is suffering cybersecurity failures due to systemic problems with strategic leadership. The world is witnessing an alarming trend of cybersecurity issues with …
Exploring the root causes of the cybersecurity skills gap
In this Help Net Security interview, Koma Gandy, VP of Leadership and Business at Skillsoft, addresses the critical aspects of the cybersecurity skills gap, the need for …
Shadow engineering exposed: Addressing the risks of unauthorized engineering practices
Shadow engineering is present in many organizations, and it can lead to security, compliance, and risk challenges. In this Help Net Security video, Darren Meyer, Staff …
TeamViewer: Network segmentation hobbled Midnight Blizzard’s attack
TeamViewer, the company developing the popular remote access/control software with the same name, has finished the investigation into the breach it detected in late June 2024, …
Decryptor for DoNex, Muse, DarkRace, (fake) LockBit 3.0 ransomware released
A cryptographic weakness in the DoNex ransomware and its previous incarnations – Muse, fake LockBit 3.0, and DarkRace – has allowed Avast researchers to create a …
July 2024 Patch Tuesday forecast: The end of an AV giant in the US
July 2024 Patch Tuesday is now live: Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112) The US celebrated Independence Day last week, …
How nation-state cyber attacks disrupt public services and undermine citizen trust
In this Help Net Security interview, Rob Greer, VP and GM of the Enterprise Security Group at Broadcom, discusses the impact of nation-state cyber attacks on public sector …
Monocle: Open-source LLM for binary analysis search
Monocle is open-source tooling backed by a large language model (LLM) for performing natural language searches against compiled target binaries. Monocle can be provided with a …
Organizations change recruitment strategies to find cyber talent
An estimated 4 million professionals are needed to fill the growing cybersecurity workforce gap, according to Fortinet. At the same time, Fortinet’s 2024 Global …