Category: HelpnetSecurity

Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware
12
Dec
2023

Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware

North Korea-backed group Lazarus has been spotted exploiting the Log4Shell vulnerability (CVE-2021-44228) and novel malware written in DLang (i.e., the…

Recruiters, beware of cybercrooks posing as job applicants!
12
Dec
2023

Recruiters, beware of cybercrooks posing as job applicants!

Recruiters are being targeted via spear-phishing emails sent by cybercrooks impersonating job applicants, Proofpoint researchers are warning. “The tone and…

"Pool Party" process injection techniques evade EDRs
12
Dec
2023

“Pool Party” process injection techniques evade EDRs

SafeBreach researchers have discovered eight new process injection techniques that can be used to covertly execute malicious code on Windows…

Many popular websites still cling to password creation policies from 1985
12
Dec
2023

Many popular websites still cling to password creation policies from 1985

A significant number of popular websites still allow users to choose weak or even single-character passwords, researchers at Georgia Institute…

eIDAS: EU’s internet reforms will undermine a decade of advances in online security
12
Dec
2023

eIDAS: EU’s internet reforms will undermine a decade of advances in online security

The European Union’s attempt to reform its electronic identification and trust services – a package of laws better known as…

Balancing AI advantages and risks in cybersecurity strategies
12
Dec
2023

Balancing AI advantages and risks in cybersecurity strategies

In this Help Net Security interview, Matt Holland, CEO of Field Effect, discusses achieving a balance for businesses between the…

Nemesis: Open-source offensive data enrichment and analytic pipeline
12
Dec
2023

Nemesis: Open-source offensive data enrichment and analytic pipeline

Nemesis is a centralized data processing platform that ingests, enriches, and performs analytics on offensive security assessment data (i.e., data…

WhatsApp, Slack, Teams, and other messaging platforms face constant security risks
12
Dec
2023

WhatsApp, Slack, Teams, and other messaging platforms face constant security risks

42% of businesses report employees with BYOD devices in business settings that use tools like WhatsApp have led to new…

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support
11
Dec
2023

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support

With its innovative feature for generating reliable Vulnerability Exploitability eXchange (VEX) documents, Kubescape became the first open-source project to provide…

Why are IT professionals not automating?
11
Dec
2023

Why are IT professionals not automating?

As an IT professional, you understand the value of automation, and like many IT experts, you may approach it with…

SCS 9001 2.0 reveals enhanced controls for global supply chains
11
Dec
2023

SCS 9001 2.0 reveals enhanced controls for global supply chains

In this Help Net Security interview, Mike Regan, VP of Business Performance at TIA, discusses SCS 9001 Release 2.0, a…

Cybercriminals continue targeting open remote access products
11
Dec
2023

Cybercriminals continue targeting open remote access products

Cybercriminals still prefer targeting open remote access products, or like to leverage legitimate remote access tools to hide their malicious…