Category: HelpnetSecurity

07
Feb
2025

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys

A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers,…

Share: X : Attackers compromise IIS servers by leveraging exposed ASP.NET machine keysFacebook : Attackers compromise IIS servers by leveraging exposed ASP.NET machine keysLinkedin : Attackers compromise IIS servers by leveraging exposed ASP.NET machine keysReddit : Attackers compromise IIS servers by leveraging exposed ASP.NET machine keysTelegram : Attackers compromise IIS servers by leveraging exposed ASP.NET machine keysWhatsApp : Attackers compromise IIS servers by leveraging exposed ASP.NET machine keysEmail : Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys
07
Feb
2025

Self-sovereign identity could transform fraud prevention, but…

The way we manage digital identity is fundamentally broken. The root of the problem lies in traditional, centralized identity models,…

Share: X : Self-sovereign identity could transform fraud prevention, but…Facebook : Self-sovereign identity could transform fraud prevention, but…Linkedin : Self-sovereign identity could transform fraud prevention, but…Reddit : Self-sovereign identity could transform fraud prevention, but…Telegram : Self-sovereign identity could transform fraud prevention, but…WhatsApp : Self-sovereign identity could transform fraud prevention, but…Email : Self-sovereign identity could transform fraud prevention, but…
07
Feb
2025

Ghidra 11.3 released: New features, performance improvements, bug fixes

NSA’s Research Directorate released version 11.3 of Ghidra, an open-source software reverse engineering (SRE) framework. It offers advanced analysis tools,…

Share: X : Ghidra 11.3 released: New features, performance improvements, bug fixesFacebook : Ghidra 11.3 released: New features, performance improvements, bug fixesLinkedin : Ghidra 11.3 released: New features, performance improvements, bug fixesReddit : Ghidra 11.3 released: New features, performance improvements, bug fixesTelegram : Ghidra 11.3 released: New features, performance improvements, bug fixesWhatsApp : Ghidra 11.3 released: New features, performance improvements, bug fixesEmail : Ghidra 11.3 released: New features, performance improvements, bug fixes
07
Feb
2025

Infosec pros struggle under growing compliance

The implementation of new regulatory measures that impact the UK, EU, and beyond are driving organizations to enhance vigilance in…

Share: X : Infosec pros struggle under growing complianceFacebook : Infosec pros struggle under growing complianceLinkedin : Infosec pros struggle under growing complianceReddit : Infosec pros struggle under growing complianceTelegram : Infosec pros struggle under growing complianceWhatsApp : Infosec pros struggle under growing complianceEmail : Infosec pros struggle under growing compliance
07
Feb
2025

Overconfident execs are making their companies vulnerable to fraud

Cyber fraud (which includes activity such as hacking, deepfakes, voice cloning and highly sophisticated phishing schemes) rose by 14% year…

Share: X : Overconfident execs are making their companies vulnerable to fraudFacebook : Overconfident execs are making their companies vulnerable to fraudLinkedin : Overconfident execs are making their companies vulnerable to fraudReddit : Overconfident execs are making their companies vulnerable to fraudTelegram : Overconfident execs are making their companies vulnerable to fraudWhatsApp : Overconfident execs are making their companies vulnerable to fraudEmail : Overconfident execs are making their companies vulnerable to fraud
07
Feb
2025

New infosec products of the week: February 7, 2025

Here’s a look at the most interesting products from the past week, featuring releases from Dynatrace, Nymi, Qualys, SafeBreach, and…

Share: X : New infosec products of the week: February 7, 2025Facebook : New infosec products of the week: February 7, 2025Linkedin : New infosec products of the week: February 7, 2025Reddit : New infosec products of the week: February 7, 2025Telegram : New infosec products of the week: February 7, 2025WhatsApp : New infosec products of the week: February 7, 2025Email : New infosec products of the week: February 7, 2025
06
Feb
2025

Ransomware payments plummet as more victims refuse to pay

Chainalysis’ latest report on how the ransomware landscape changed from 2023 to 2024 shows a promising trend: An increasing number…

Share: X : Ransomware payments plummet as more victims refuse to payFacebook : Ransomware payments plummet as more victims refuse to payLinkedin : Ransomware payments plummet as more victims refuse to payReddit : Ransomware payments plummet as more victims refuse to payTelegram : Ransomware payments plummet as more victims refuse to payWhatsApp : Ransomware payments plummet as more victims refuse to payEmail : Ransomware payments plummet as more victims refuse to pay
06
Feb
2025

How to customize Safari for private browsing on iOS

Apple’s Safari browser includes several features aimed at enhancing privacy while browsing the web. Two of the most notable privacy…

Share: X : How to customize Safari for private browsing on iOSFacebook : How to customize Safari for private browsing on iOSLinkedin : How to customize Safari for private browsing on iOSReddit : How to customize Safari for private browsing on iOSTelegram : How to customize Safari for private browsing on iOSWhatsApp : How to customize Safari for private browsing on iOSEmail : How to customize Safari for private browsing on iOS
06
Feb
2025

The overlooked risks of poor data hygiene in AI-driven organizations

In this Help Net Security interview, Oliver Friedrichs, CEO at Pangea, discusses why strong data hygiene is more important than…

Share: X : The overlooked risks of poor data hygiene in AI-driven organizationsFacebook : The overlooked risks of poor data hygiene in AI-driven organizationsLinkedin : The overlooked risks of poor data hygiene in AI-driven organizationsReddit : The overlooked risks of poor data hygiene in AI-driven organizationsTelegram : The overlooked risks of poor data hygiene in AI-driven organizationsWhatsApp : The overlooked risks of poor data hygiene in AI-driven organizationsEmail : The overlooked risks of poor data hygiene in AI-driven organizations
06
Feb
2025

Enterprises invest heavily in AI-powered solutions

AI is driving significant changes in attack sources, with 88% of enterprises observing an increase in AI-powered bot attacks in…

Share: X : Enterprises invest heavily in AI-powered solutionsFacebook : Enterprises invest heavily in AI-powered solutionsLinkedin : Enterprises invest heavily in AI-powered solutionsReddit : Enterprises invest heavily in AI-powered solutionsTelegram : Enterprises invest heavily in AI-powered solutionsWhatsApp : Enterprises invest heavily in AI-powered solutionsEmail : Enterprises invest heavily in AI-powered solutions
05
Feb
2025

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)

XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181,…

Share: X : Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)Facebook : Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)Linkedin : Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)Reddit : Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)Telegram : Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)WhatsApp : Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)Email : Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)
05
Feb
2025

SafeBreach exposure validation platform identifies security gaps

SafeBreach launched SafeBreach exposure validation platform, which combines the power of its time-tested breach and attack simulation (BAS) product—now called…

Share: X : SafeBreach exposure validation platform identifies security gapsFacebook : SafeBreach exposure validation platform identifies security gapsLinkedin : SafeBreach exposure validation platform identifies security gapsReddit : SafeBreach exposure validation platform identifies security gapsTelegram : SafeBreach exposure validation platform identifies security gapsWhatsApp : SafeBreach exposure validation platform identifies security gapsEmail : SafeBreach exposure validation platform identifies security gaps