Category: HelpnetSecurity

Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
18
Jul
2024

Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)

A recently fixed vulnerability (CVE-2024-36991) affecting Splunk Enterprise on Windows “is more severe than it initially appeared,” according to SonicWall’s…

eBook: How CISSP turns career goals into reality
18
Jul
2024

eBook: How CISSP turns career goals into reality

CISSP carries clout. As the world’s leading cybersecurity certification, it opens many professional opportunities worldwide. Find out what led 14…

Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)
18
Jul
2024

Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)

Cisco has fixed two critical vulnerabilities that may allow attackers to overwrite files on its Secure Email Gateways (CVE-2024-20401) and…

Fighting AI-powered synthetic ID fraud with AI
18
Jul
2024

Fighting AI-powered synthetic ID fraud with AI

Aided by the emergence of generative artificial intelligence models, synthetic identity fraud has skyrocketed, and now accounts for a staggering…

Laying the groundwork for zero trust in the military
18
Jul
2024

Laying the groundwork for zero trust in the military

In this Help Net Security interview, Curtis Arnold, VP and Chief Scientist at Core4ce, discusses the starting points for military…

Grype: Open-source vulnerability scanner for container images, filesystems
18
Jul
2024

Grype: Open-source vulnerability scanner for container images, filesystems

Grype is an open-source vulnerability scanner designed for container images and filesystems that seamlessly integrates with Syft, a powerful Software…

Appgate launches Malware Analysis Service to safeguard enterprises and government agencies
17
Jul
2024

Appgate launches Malware Analysis Service to safeguard enterprises and government agencies

Appgate has unveiled its new Malware Analysis Service that mitigates cyberthreats for enterprises and government agencies by identifying and neutralizing…

Invicti API Security uncovers hidden and undocumented APIs
17
Jul
2024

Invicti API Security uncovers hidden and undocumented APIs

Invicti announced Invicti API Security, merging comprehensive API discovery with proactive security testing into a single solution. The growth of…

Most GitHub Actions workflows are insecure in some way
17
Jul
2024

Most GitHub Actions workflows are insecure in some way

Most GitHub Actions are susceptible to exploitation; they are overly privileged or have risky dependencies, according to Legit Security. GitHub…

Overlooked essentials: API security best practices
17
Jul
2024

Overlooked essentials: API security best practices

In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like…

SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
17
Jul
2024

SubSnipe: Open-source tool for finding subdomains vulnerable to takeover

SubSnipe is an open-source, multi-threaded tool to help find subdomains vulnerable to takeover. It’s simpler, produces better output, and has…

Cybersecurity jobs available right now: July 17, 2024
17
Jul
2024

Cybersecurity jobs available right now: July 17, 2024

Adversary Emulation Team Member Australian Federal Police | Australia | On-site – View job details As an Adversary Emulation Team…