Maximizing security visibility on a budget
In this Help Net Security interview, Barry Mainz, CEO at Forescout, discusses the obstacles organizations encounter in attaining security visibility, particularly within cloud and hybrid…
Category: HelpnetSecurity
Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443)
Synology has released fixes for an unauthenticated “zero-click” remote code execution flaw (CVE-2024-10443, aka RISK:STATION) affecting its popular DiskStation and BeeStation network attached storage (NAS)…
Whispr: Open-source multi-vault secret injection tool
Whispr is an open-source CLI tool designed to securely inject secrets from secret vaults, such as AWS Secrets Manager and Azure Key Vault, directly into…
Hiring guide: Key skills for cybersecurity researchers
In this Help Net Security interview, Rachel Barouch, an Organizational Coach for VCs and startups and a former VP HR in both a VC and…
Strong privacy laws boost confidence in sharing information with AI
53% of consumers report being aware of their national privacy laws, a 17-percentage point increase compared to 2019, according to Cisco. Informed consumers are also…
Week in review: Windows Themes spoofing bug “returns”, employees phished via Microsoft Teams
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Patching problems: The “return” of a Windows Themes spoofing vulnerabilityDespite…
How open-source MDM solutions simplify cross-platform device management
In this Help Net Security interview, Mike McNeil, CEO at Fleet, talks about the security risks posed by unmanaged mobile devices and how mobile device…
50% of financial orgs have high-severity security flaws in their apps
Security debt, defined for this report as flaws that remain unfixed for longer than a year, exists in 76% of organizations in the financial services…
OpenPaX: Open-source kernel patch that mitigates memory safety errors
OpenPaX is an open-source kernel patch that mitigates common memory safety errors, re-hardening systems against application-level memory safety attacks using a simple Linux kernel patch.…
Threat actors are stepping up their tactics to bypass email protections
Although most organizations use emails with built-in security features that filter out suspicious messages, criminals always find a way to bypass these systems. With the…
Infosec products of the month: October 2024
Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Balbix, BreachLock, Commvault, Dashlane, Data Theorem, Edgio, ExtraHop, Fastly,…
Sophos mounted counter-offensive operation to foil Chinese attackers
Sophos conducted defensive and counter-offensive operation over the last five years with multiple interlinked nation-state adversaries based in China targeting perimeter devices, including Sophos Firewalls.…