Week in review: JetBrains GitHub plugin vulnerability, 20k FortiGate appliances compromised
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Users of JetBrains IDEs at risk of GitHub access token compromise …
Microsoft delays Windows Recall rollout, more security testing needed
Microsoft is delaying the release of Recall, a controversial Windows 11 feature that will allow users to search their computer for specific content that has previously been …
YetiHunter: Open-source threat hunting tool for Snowflake environments
Cloud identity protection company Permiso has created YetiHunter, a threat detection and hunting tool companies can use to query their Snowflake environments for evidence of …
Modern fraud detection need not rely on PII
Trends in online fraud detection often act as the canary in the coal mine when it comes to understanding and combating the next generation of online scams, fraud and …
The biggest downsides of digital ID adoption
As innovative digital verification methods continue to emerge, the debate around their reliability and effectiveness is heating up, according to Regula. Companies employ …
New infosec products of the week: June 14, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Acronis, Diligent, Entrust, KELA, Plainsea, and SentinelOne. Plainsea: Cybersecurity …
PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577)
An OS command injection vulnerability in Windows-based PHP (CVE-2024-4577) in CGI mode is being exploited by the TellYouThePass ransomware gang. Imperva says the attacks …
Urgently needed: AI governance in cyber warfare
Artificial intelligence is quickly becoming central to societal growth. AI has great power to improve daily life, from education to healthcare, from sustainability to defense. …
How businesses can integrate token technology into existing payment systems
In this Help Net Security interview, Mark Nelsen, SVP and Global Head of Consumer Product at Visa, discusses the integration of token technology into existing payment systems. …
GenAI keeps cybersecurity pros on high alert
“Businesses across every industry face unprecedented challenges posed by an increasing attack surface, zero-day vulnerabilities, cloud misconfigurations, and new emerging …
AWS unveils new and improved security features
At its annual re:Inforce conference, Amazon Web Services (AWS) has announced new and enhanced security features and tools. Additional multi-factor authentication option To …
20,000 FortiGate appliances compromised by Chinese hackers
Coathanger – a piece of malware specifically built to persist on Fortinet’s FortiGate appliances – may still be lurking on too many devices deployed worldwide. How …