US charges five alleged members of Scattered Spider gang
Law enforcement unsealed criminal charges against five alleged members of Scattered Spider, who allegedly targeted employees of companies nationwide with phishing text messages and then…
Category: HelpnetSecurity
Active network of North Korean IT front companies exposed
An analysis of the websites belonging to companies that served as a front for getting North Korean IT workers remote jobs with businesses worldwide has…
2,000 Palo Alto Networks devices compromised in latest attacks
Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver Foundation’s internet-wide scanning has revealed.…
Researchers unearth two previously unknown Linux backdoors
ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. The goal of the backdoors and tools discovered is cyberespionage…
HiddenLayer Automated Red Teaming prevents malicious manipulation of AI models
HiddenLayer launched Automated Red Teaming solution for artificial intelligence, a transformative tool that enables security teams to rapidly and thoroughly assess generative AI system vulnerabilities.…
Ukrainian cyberwar experience becomes blueprint for TRYZUB cyber training service
The Computer Emergency Response Team of Ukraine (CERT-UA), part of the State Service of Special Communications and Information Protection (SSSCIP), has joined forces with the…
CWE top 25 most dangerous software weaknesses
The CWE list of the 25 most dangerous software weaknesses demonstrates the currently most common and impactful software flaws. Identifying the root causes of these…
AxoSyslog: Open-source scalable security data processor
AxoSyslog is a syslog-ng fork, created and maintained by the original creator of syslog-ng, Balazs Scheidler, and his team. “We first started by making syslog-ng…
Product showcase: Augmenting penetration testing with Plainsea
Human-led penetration testing is an essential practice for any organization seeking to proactively address potential attack vectors. However, this indispensable pentesting method is often limited…
Enhancing visibility for better security in multi-cloud and hybrid environments
In this Help Net Security interview, Brooke Motta, CEO of RAD Security, talks about how cloud-specific threats have evolved and what companies should be watching…
Full recovery from breaches takes longer than expected
In 2024, businesses reported taking an average of 7.3 months to recover from cybersecurity breaches – 25% longer than expected and over a month past…
Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0
Oracle Linux offers a secure, streamlined platform for deploying and managing applications across on-premises, cloud, and edge environments. Designed for demanding workloads, it includes tools…