GUI frontends for GnuPG, the free implementation of the OpenPGP standard
GnuPG is a free and comprehensive implementation of the OpenPGP standard. It enables encryption and signing of data and communications, featuring a key management system…
Category: HelpnetSecurity
Deepfakes force a new era in fraud detection, identity verification
The rise in identity fraud over the past two years has significantly impacted all industries, especially finance, banking, fintech, and crypto, according to Regula. With…
New infosec products of the week: January 24, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Bitsight, DataDome, DigitalOcean, Lookout, and XONA Systems. Lookout Mobile Intelligence…
Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw
Cisco has released patches for a critical privilege escalation vulnerability in Meeting Management (CVE-2025-20156) and a heap-based buffer overflow flaw (CVE-2025-20128) that, when triggered, could…
DigitalOcean Per-Bucket Access Keys boosts object storage security
DigitalOcean announced Per-Bucket Access Keys for DigitalOcean Spaces, its S3-compatible object storage service. This feature provides customers with identity-based, bucket-level control over access permissions, helping…
SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)
A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We strongly advises users of the…
Bitsight Instant Insights accelerates vendor risk assessments
Bitsight unveiled Instant Insights, a new offering from the Bitsight IQ suite of AI-based capabilities. The new feature leverages generative AI to analyze and summarize…
Defense strategies to counter escalating hybrid attacks
In this Help Net Security interview, Tomer Shloman, Sr. Security Researcher at Trellix, talks about attack attribution, outlines solutions for recognizing hybrid threats, and offers…
Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning
The Web Cache Vulnerability Scanner (WCVS) is an open-source command-line tool for detecting web cache poisoning and deception. The scanner, developed by Maximilian Hildebrand, offers…
CISOs are juggling security, responsibility, and burnout
This article gathers excerpts from multiple reports, presenting statistics and insights that may be valuable for CISOs, helping them with informed decision-making, risk management, and…
Stratoshark: Wireshark for the cloud – now available!
Stratoshark is an innovative open-source tool that brings Wireshark’s detailed network visibility to the cloud, providing users with a standardized approach to cloud observability. Stratoshark…
Mirai botnet behind the largest DDoS attack to date
Researchers have uncovered two Mirai-based botnets harnessing Internet of Things (IoT) devices to DDoS target organizations around the world. The Murdoc botnet Qualys researchers have…