Category: HelpnetSecurity

10
Jul
2024

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)

CVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been…

Share: X : Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)Facebook : Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)Linkedin : Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)Reddit : Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)Telegram : Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)WhatsApp : Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)Email : Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)
10
Jul
2024

Google removes enrollment barrier for prospective Advanced Protection Program users

Google has removed a potential obstacle for high-risk users who want to enroll in the company’s Advanced Protection Program (APP):…

Share: X : Google removes enrollment barrier for prospective Advanced Protection Program usersFacebook : Google removes enrollment barrier for prospective Advanced Protection Program usersLinkedin : Google removes enrollment barrier for prospective Advanced Protection Program usersReddit : Google removes enrollment barrier for prospective Advanced Protection Program usersTelegram : Google removes enrollment barrier for prospective Advanced Protection Program usersWhatsApp : Google removes enrollment barrier for prospective Advanced Protection Program usersEmail : Google removes enrollment barrier for prospective Advanced Protection Program users
10
Jul
2024

Cybersecurity jobs available right now: July 10, 2024

CISO HoneyBook | Israel | On-site – View job details As a CISO, you will develop and implement a multi-year…

Share: X : Cybersecurity jobs available right now: July 10, 2024Facebook : Cybersecurity jobs available right now: July 10, 2024Linkedin : Cybersecurity jobs available right now: July 10, 2024Reddit : Cybersecurity jobs available right now: July 10, 2024Telegram : Cybersecurity jobs available right now: July 10, 2024WhatsApp : Cybersecurity jobs available right now: July 10, 2024Email : Cybersecurity jobs available right now: July 10, 2024
10
Jul
2024

Diversifying cyber teams to tackle complex threats

Technologies such as GenAI, ML and IoT are giving threat actors new tools that make it easier to target consumers…

Share: X : Diversifying cyber teams to tackle complex threatsFacebook : Diversifying cyber teams to tackle complex threatsLinkedin : Diversifying cyber teams to tackle complex threatsReddit : Diversifying cyber teams to tackle complex threatsTelegram : Diversifying cyber teams to tackle complex threatsWhatsApp : Diversifying cyber teams to tackle complex threatsEmail : Diversifying cyber teams to tackle complex threats
10
Jul
2024

How companies increase risk exposure with rushed LLM deployments

In this Help Net Security interview, Jake King, Head of Threat & Security Intelligence at Elastic, discusses companies’ exposure to…

Share: X : How companies increase risk exposure with rushed LLM deploymentsFacebook : How companies increase risk exposure with rushed LLM deploymentsLinkedin : How companies increase risk exposure with rushed LLM deploymentsReddit : How companies increase risk exposure with rushed LLM deploymentsTelegram : How companies increase risk exposure with rushed LLM deploymentsWhatsApp : How companies increase risk exposure with rushed LLM deploymentsEmail : How companies increase risk exposure with rushed LLM deployments
10
Jul
2024

BunkerWeb: Open-source Web Application Firewall (WAF)

BunkerWeb is an open-source Web Application Firewall (WAF) distributed under the AGPLv3 free license. The solution’s core code is entirely…

Share: X : BunkerWeb: Open-source Web Application Firewall (WAF)Facebook : BunkerWeb: Open-source Web Application Firewall (WAF)Linkedin : BunkerWeb: Open-source Web Application Firewall (WAF)Reddit : BunkerWeb: Open-source Web Application Firewall (WAF)Telegram : BunkerWeb: Open-source Web Application Firewall (WAF)WhatsApp : BunkerWeb: Open-source Web Application Firewall (WAF)Email : BunkerWeb: Open-source Web Application Firewall (WAF)
10
Jul
2024

73% of security pros use unauthorized SaaS applications

73% of security professionals admit to using SaaS applications that had not been provided by their company’s IT team in…

Share: X : 73% of security pros use unauthorized SaaS applicationsFacebook : 73% of security pros use unauthorized SaaS applicationsLinkedin : 73% of security pros use unauthorized SaaS applicationsReddit : 73% of security pros use unauthorized SaaS applicationsTelegram : 73% of security pros use unauthorized SaaS applicationsWhatsApp : 73% of security pros use unauthorized SaaS applicationsEmail : 73% of security pros use unauthorized SaaS applications
09
Jul
2024

Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)

For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days…

Share: X : Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)Facebook : Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)Linkedin : Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)Reddit : Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)Telegram : Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)WhatsApp : Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)Email : Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)
09
Jul
2024

Critical vulnerability in the RADIUS protocol leaves networking equipment open to attack

A new critical security vulnerability in the RADIUS protocol, dubbed BlastRADIUS, leaves most networking equipment open to Man-in-the-Middle (MitM) attacks….

Share: X : Critical vulnerability in the RADIUS protocol leaves networking equipment open to attackFacebook : Critical vulnerability in the RADIUS protocol leaves networking equipment open to attackLinkedin : Critical vulnerability in the RADIUS protocol leaves networking equipment open to attackReddit : Critical vulnerability in the RADIUS protocol leaves networking equipment open to attackTelegram : Critical vulnerability in the RADIUS protocol leaves networking equipment open to attackWhatsApp : Critical vulnerability in the RADIUS protocol leaves networking equipment open to attackEmail : Critical vulnerability in the RADIUS protocol leaves networking equipment open to attack
09
Jul
2024

AttackIQ Mission Control simplifies security testing for distributed teams

AttackIQ has introduced a new functionality for enterprise customers – AttackIQ Mission Control. AttackIQ Mission Control enhances AttackIQ Enterprise BAS…

Share: X : AttackIQ Mission Control simplifies security testing for distributed teamsFacebook : AttackIQ Mission Control simplifies security testing for distributed teamsLinkedin : AttackIQ Mission Control simplifies security testing for distributed teamsReddit : AttackIQ Mission Control simplifies security testing for distributed teamsTelegram : AttackIQ Mission Control simplifies security testing for distributed teamsWhatsApp : AttackIQ Mission Control simplifies security testing for distributed teamsEmail : AttackIQ Mission Control simplifies security testing for distributed teams
09
Jul
2024

GuardZoo spyware used by Houthis to target military personnel

Lookout discovered GuardZoo, Android spyware targeting Middle Eastern military personnel. This campaign leverages malicious apps with military and religious themes…

Share: X : GuardZoo spyware used by Houthis to target military personnelFacebook : GuardZoo spyware used by Houthis to target military personnelLinkedin : GuardZoo spyware used by Houthis to target military personnelReddit : GuardZoo spyware used by Houthis to target military personnelTelegram : GuardZoo spyware used by Houthis to target military personnelWhatsApp : GuardZoo spyware used by Houthis to target military personnelEmail : GuardZoo spyware used by Houthis to target military personnel
09
Jul
2024

Chinese APT40 group swifly leverages public PoC exploits

Chinese state-sponsored cyber group APT40 is amazingly fast at adapting public proof-of-concept (PoC) exploits for vulnerabilities in widely used software,…

Share: X : Chinese APT40 group swifly leverages public PoC exploitsFacebook : Chinese APT40 group swifly leverages public PoC exploitsLinkedin : Chinese APT40 group swifly leverages public PoC exploitsReddit : Chinese APT40 group swifly leverages public PoC exploitsTelegram : Chinese APT40 group swifly leverages public PoC exploitsWhatsApp : Chinese APT40 group swifly leverages public PoC exploitsEmail : Chinese APT40 group swifly leverages public PoC exploits