Category: HelpnetSecurity

06
Jul
2025

Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Sudo local privilege escalation vulnerabilities…

Share: X : Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited ChromeFacebook : Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited ChromeLinkedin : Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited ChromeReddit : Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited ChromeTelegram : Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited ChromeWhatsApp : Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited ChromeEmail : Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome
04
Jul
2025

NTLM relay attacks are back from the dead

NTLM relay attacks are the easiest way for an attacker to compromise domain-joined hosts. While many security practitioners think NTLM…

Share: X : NTLM relay attacks are back from the deadFacebook : NTLM relay attacks are back from the deadLinkedin : NTLM relay attacks are back from the deadReddit : NTLM relay attacks are back from the deadTelegram : NTLM relay attacks are back from the deadWhatsApp : NTLM relay attacks are back from the deadEmail : NTLM relay attacks are back from the dead
04
Jul
2025

Internet outages are costing companies millions every month

To ensure resilience across the internet stack, organizations need to protect and manage four key areas: reachability, availability, reliability, and…

Share: X : Internet outages are costing companies millions every monthFacebook : Internet outages are costing companies millions every monthLinkedin : Internet outages are costing companies millions every monthReddit : Internet outages are costing companies millions every monthTelegram : Internet outages are costing companies millions every monthWhatsApp : Internet outages are costing companies millions every monthEmail : Internet outages are costing companies millions every month
04
Jul
2025

Exposed and unaware? Smart buildings need smarter risk controls

75% of organizations have building management systems (BMS) affected by known exploited vulnerabilities (KEVs), according to Claroty. Threats to building…

Share: X : Exposed and unaware? Smart buildings need smarter risk controlsFacebook : Exposed and unaware? Smart buildings need smarter risk controlsLinkedin : Exposed and unaware? Smart buildings need smarter risk controlsReddit : Exposed and unaware? Smart buildings need smarter risk controlsTelegram : Exposed and unaware? Smart buildings need smarter risk controlsWhatsApp : Exposed and unaware? Smart buildings need smarter risk controlsEmail : Exposed and unaware? Smart buildings need smarter risk controls
04
Jul
2025

New infosec products of the week: July 4, 2025

Here’s a look at the most interesting products from the past week, featuring releases from DigitalOcean, Scamnetic, StealthCores, and Tracer…

Share: X : New infosec products of the week: July 4, 2025Facebook : New infosec products of the week: July 4, 2025Linkedin : New infosec products of the week: July 4, 2025Reddit : New infosec products of the week: July 4, 2025Telegram : New infosec products of the week: July 4, 2025WhatsApp : New infosec products of the week: July 4, 2025Email : New infosec products of the week: July 4, 2025
03
Jul
2025

Google open-sources privacy tech for age verification

Age verification is becoming more common across websites and online services. But many current methods require users to share personal…

Share: X : Google open-sources privacy tech for age verificationFacebook : Google open-sources privacy tech for age verificationLinkedin : Google open-sources privacy tech for age verificationReddit : Google open-sources privacy tech for age verificationTelegram : Google open-sources privacy tech for age verificationWhatsApp : Google open-sources privacy tech for age verificationEmail : Google open-sources privacy tech for age verification
03
Jul
2025

You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code

Popular AI chatbots powered by large language models (LLMs) often fail to provide accurate information on any topic, but researchers…

Share: X : You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad codeFacebook : You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad codeLinkedin : You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad codeReddit : You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad codeTelegram : You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad codeWhatsApp : You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad codeEmail : You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
03
Jul
2025

Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)

Cisco has found a backdoor account in yet another of its software solutions: CVE-2025-20309, stemming from default credentials for the…

Share: X : Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)Facebook : Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)Linkedin : Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)Reddit : Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)Telegram : Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)WhatsApp : Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)Email : Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)
03
Jul
2025

90% aren’t ready for AI attacks, are you?

As AI reshapes business, 90% of organizations are not adequately prepared to secure their AI-driven future, according to a new…

Share: X : 90% aren’t ready for AI attacks, are you?Facebook : 90% aren’t ready for AI attacks, are you?Linkedin : 90% aren’t ready for AI attacks, are you?Reddit : 90% aren’t ready for AI attacks, are you?Telegram : 90% aren’t ready for AI attacks, are you?WhatsApp : 90% aren’t ready for AI attacks, are you?Email : 90% aren’t ready for AI attacks, are you?
03
Jul
2025

Healthcare CISOs must secure more than what’s regulated

In this Help Net Security interview, Henry Jiang, CISO at Ensora Health, discusses what it really takes to make DevSecOps…

Share: X : Healthcare CISOs must secure more than what’s regulatedFacebook : Healthcare CISOs must secure more than what’s regulatedLinkedin : Healthcare CISOs must secure more than what’s regulatedReddit : Healthcare CISOs must secure more than what’s regulatedTelegram : Healthcare CISOs must secure more than what’s regulatedWhatsApp : Healthcare CISOs must secure more than what’s regulatedEmail : Healthcare CISOs must secure more than what’s regulated
03
Jul
2025

StealthMACsec strengthens Ethernet network security

StealthCores launched StealthMACsec, a comprehensive IEEE 802.1AE compliant MACsec engine that brings advanced side-channel countermeasures to Ethernet network security. Building…

Share: X : StealthMACsec strengthens Ethernet network securityFacebook : StealthMACsec strengthens Ethernet network securityLinkedin : StealthMACsec strengthens Ethernet network securityReddit : StealthMACsec strengthens Ethernet network securityTelegram : StealthMACsec strengthens Ethernet network securityWhatsApp : StealthMACsec strengthens Ethernet network securityEmail : StealthMACsec strengthens Ethernet network security
03
Jul
2025

GitPhish: Open-source GitHub device code flow security assessment tool

GitPhish is an open-source security research tool built to replicate GitHub’s device code authentication flow. It features three core operating…

Share: X : GitPhish: Open-source GitHub device code flow security assessment toolFacebook : GitPhish: Open-source GitHub device code flow security assessment toolLinkedin : GitPhish: Open-source GitHub device code flow security assessment toolReddit : GitPhish: Open-source GitHub device code flow security assessment toolTelegram : GitPhish: Open-source GitHub device code flow security assessment toolWhatsApp : GitPhish: Open-source GitHub device code flow security assessment toolEmail : GitPhish: Open-source GitHub device code flow security assessment tool