Veeam fixes auth bypass flaw in Backup Enterprise Manager (CVE-2024-29849)
Veeam has patched four vulnerabilities in Backup Enterprise Manager (VBEM), one of which (CVE-2024-29849) may allow attackers to bypass authentication and log in to its…
Category: HelpnetSecurity
CyberArk CORA AI accelerates identity threat detection
CyberArk announced CyberArk CORA AI, a new set of AI-powered capabilities that will be embedded across its identity security platform. CORA AI will translate vast…
Authelia: Open-source authentication and authorization server
Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to…
CEOs accelerate GenAI adoption despite workforce resistance
CEOs are facing workforce, culture and governance challenges as they act quickly to implement and scale generative AI across their organizations, according to IBM. The…
Technological complexity drives new wave of identity risks
Security leaders are facing increased technological and organizational complexity, which is creating a new wave of identity risks for their organizations, according to ConductorOne. Based…
YouTube has become a significant channel for cybercrime
Social engineering threats – those which rely on human manipulation – account for most cyberthreats faced by individuals in 2024, according to Avast. According to…
Strategies for combating AI-enhanced BEC attacks
In this Help Net Security interview, Robert Haist, CISO at TeamViewer, discusses how AI is being leveraged by cybercriminals to enhance the effectiveness of BEC…
Phishing statistics that will make you think twice before clicking
This article includes excerpts from various reports that offer statistics and insights into the current phishing landscape. AI-driven phishing attacks deceive even the most aware…
eBook: 10 reasons why demand for cloud security is sky-high
Current demand for cloud security specialists far exceeds available talent. Especially for companies seeking protection in multicloud environments, professionals with vendor-neutral knowledge and skills to…
PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026)
Technical details about and a proof-of-concept (PoC) exploit for CVE-2024-22026, a privilege escalation bug affecting Ivanti EPMM, has been released by the vulnerability’s reporter. About…
SEC requires financial institutions to notify customers of breaches within 30 days
The Securities and Exchange Commission (SEC) announced the adoption of amendments to Regulation S-P to modernize and enhance the rules that govern the treatment of…
Cybercriminals shift tactics to pressure more victims into paying ransoms
Ransomware didn’t just grow in the US in 2023, it evolved, with the frequency of ransomware claims jumping 64% year-over-year, according to At-Bay. This was…