The fight against commercial spyware misuse is heating up
Though there are organizations out there investigating how commercial spyware is misused to target journalists, human rights defenders and dissidents,...
Read more →Category: HelpnetSecurity
On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917)
JetBrains has patched a critical authentication bypass vulnerability (CVE-2024-23917) affecting TeamCity On-Premises continuous integration and deployment servers. About CVE-2024-23917 CVE-2024-23917...
Read more →
Cybersecurity teams hesitate to use automation in TDIR workflows
Despite reported threat detection, investigation, and response (TDIR) improvements in security operations, more than half of organizations still experienced significant...
Read more →
Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure
Prowler is an open-source security tool designed to assess, audit, and enhance the security of AWS, GCP, and Azure. It’s...
Read more →
Common cloud security mistakes and how to avoid them
According to recent surveys, 98% of organizations keep their financial, business, customer and/or employee information in the cloud but, at...
Read more →
Enhancing adversary simulations: Learn the business to attack the business
In this Help Net Security interview, Jamieson O’Reilly, Founder of DVULN, discusses adversary simulations, shedding light on challenges rooted in...
Read more →
Spoutible API exposed encrypted password reset tokens, 2FA secrets of users
A publicly exposed API of social media platform Spoutible may have allowed threat actors to scrape information that can be...
Read more →
Cisco Motific reduces GenAI security, trust, and compliance risks
Cisco announced Motific, Cisco’s SaaS product that allows for trustworthy GenAI deployments in organizations. Born from Outshift, Cisco’s incubation business,...
Read more →
ResumeLooters target job search sites in extensive data heist
Group-IB identified a large-scale malicious campaign primarily targeting job search and retail websites of companies in the Asia-Pacific region. The...
Read more →
IBM LinuxONE 4 Express protects sensitive private data
IBM announced IBM LinuxONE 4 Express, extending the latest performance, security and AI capabilities of LinuxONE to small and medium...
Read more →
Lagging Mastodon admins urged to patch critical account takeover flaw (CVE-2024-23832)
Five days after Mastodon developers pushed out fixes for a remotely exploitable account takeover vulnerability (CVE-2024-23832), over 66% of Mastodon...
Read more →
Exploring NIST Cybersecurity Framework 2.0
In this Help Net Security video, Dan Erel, VP of Security at SeeMetrics, discusses NIST Cybersecurity Framework (CSF) 2.0. NIST...
Read more →