Russian threat actors using old Cisco bug to target critical infrastructure orgs
A threat group linked to the Russian Federal Security Service’s (FSB) Center 16 unit has been compromising unpatched and end-of-life Cisco networking devices via an…
Category: HelpnetSecurity
AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged
AWS’s Trusted Advisor tool, which is supposed to warn customers if their (cloud) S3 storage buckets are publicly exposed, could be “tricked” into reporting them…
CISOs need to think about risks before rushing into AI
Organizations are increasing investments in cloud, AI, and emerging technologies, but their infrastructure and security strategies often lag behind. A recent Unisys survey of 1,000…
Doppel Simulation combats social engineering attacks
Doppel announced Doppel Simulation, a new product and expansion to the Doppel Vision Platform that enables organizations to redefine security awareness training and social engineering…
Using lightweight LLMs to cut incident response times and reduce hallucinations
Researchers from the University of Melbourne and Imperial College London have developed a method for using LLMs to improve incident response planning with a focus…
Fractional vs. full-time CISO: Finding the right fit for your company
In this Help Net Security interview, Nikoloz Kokhreidze, Fractional CISO at Mandos, discusses why many early- and growth-stage B2B companies hire full-time CISOs before it’s…
Product showcase: iStorage datAshur PRO+C encrypted USB flash drive
The iStorage datAshur PRO+C is a USB-C flash drive featuring AES-XTS 256-bit hardware encryption. Available in capacities from 32 GB to 512 GB, the drive…
URL-based threats become a go-to tactic for cybercriminals
Cybercriminals are using advanced social engineering and AI-generated content to make malicious URLs difficult for users to identify, according to Proofpoint. Whether through email, text…
Commvault plugs holes in backup suite that allow remote code execution
Commvault has fixed four security vulnerabilities that may allow unauthenticated attackers to compromise on-premises deployments of its flagship backup and replication suite. Technical details about…
iOS security features you should use to protect your privacy
iOS 18 comes with several privacy and security features that many iPhone users overlook. Knowing how to use them can help you protect your personal…
LudusHound: Open-source tool brings BloodHound data to life
LudusHound is an open-source tool that takes BloodHound data and uses it to set up a working Ludus Range for safe testing. It creates a…
The AI security crisis no one is preparing for
In this Help Net Security interview, Jacob Ideskog, CTO of Curity, discusses the risks AI agents pose to organizations. As these agents become embedded in…