Threat actor used Vimeo, Ars Technica to serve second-stage malware
A financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular...
Read more →Category: HelpnetSecurity
CVEMap: Open-source tool to query, browse and search CVEs
CVEMap is an open-source command-line interface (CLI) tool that allows you to explore Common Vulnerabilities and Exposures (CVEs). It’s designed...
Read more →
Custom rules in security tools can be a game changer for vulnerability detection
In this Help Net interview, Isaac Evans, CEO at Semgrep, discusses the balance between speed and thoroughness in CI/CD pipeline...
Read more →
Zero trust implementation: Plan, then execute, one step at a time
82% of cybersecurity professionals have been working on implementing zero trust last year, and 16% should be on it by...
Read more →
Payment fraud is hitting organizations harder than ever before
96% of US companies were targeted with at least one fraud attempt in the past year, according to Trustpair. 83%...
Read more →
A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs
A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported (and some legacy) versions...
Read more →
How to make developers accept DevSecOps
According to a recent Dynatrace report, only 50% of CISOs believe that development teams have thoroughly tested the software for...
Read more →
Free ransomware recovery tool White Phoenix now has a web version
White Phoenix is a free ransomware recovery tool for situations where files are encrypted with intermittent encryption. It was tested...
Read more →
Proactive cybersecurity: A strategic approach to cost efficiency and crisis management
In this Help Net Security interview, Stephanie Hagopian, VP of Security at CDW, discusses offensive strategies in the face of...
Read more →
Does CVSS 4.0 solve the exploitability problem?
The newest version of the vulnerability scoring system CVSS 4.0 is here! After a lengthy gap between version 3 (released...
Read more →
Cybercriminals replace familiar tactics to exfiltrate sensitive data
Ransomware attacks are increasing again as cybercriminals’ motivation shifts to data exfiltration, according to Delinea. The familiar tactics of crippling...
Read more →
Database management enters a new era of complexity
Increasing complexity, the rapid adoption of emerging technologies and a growing skills gap are the biggest concerns facing IT leaders...
Read more →