Guide to mitigating credential stuffing attacks
We have a collective unaddressed weakness when it comes to basic cybersecurity. Out of the many reports circulating in the news today, many statistics revolve…
Category: HelpnetSecurity
Open-source Rafel RAT steals info, locks Android devices, asks for ransom
The open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their contents,…
Cracking down on cybercrime: Who you gonna call?
As cybercrime continues to grow, law enforcement agencies worldwide face increased challenges in safeguarding organizations and individuals. In this article, we highlight law enforcement agencies…
Why are threat actors faking data breaches?
Earlier this year Europcar discovered a hacker selling info on its 50 million customers on the dark web. The European car rental company immediately launched…
1 out of 3 breaches go undetected
Organizations continue to struggle in detecting breaches as they become more targeted and sophisticated, with more than 1 out of 3 organizations citing their existing…
Week in review: CDK Global cyberattack, critical vCenter Server RCE fixed
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The rise of SaaS security teamsIn this Help Net Security…
Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)
A vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privileges and run arbitrary code…
US bans Kaspersky antivirus software due to national security risks
The US Department of Commerce has announced an upcoming US-wide ban of cybersecurity and antivirus software by Kaspersky, as its “ability to gather valuable US…
Pressure mounts on CISOs as SEC bares teeth with legal action
A Panaseer investigation into organizations’ annual 10-K filings reported to the SEC shows that from January-May 2024, at least 1,327 filings mentioned NIST – a…
Cilium: Open-source eBPF-based networking, security, observability
Cilium is an open-source, cloud-native solution that leverages eBPF technology in the Linux kernel to provide, secure, and monitor network connectivity between workloads. What is…
New infosec products of the week: June 21, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Atsign, Datadog, Metomic, NinjaOne, Verimatrix, and Veritas Technologies. Datadog App…
Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks
Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack “by an…