PuTTY vulnerability can be exploited to recover private keys (CVE-2024-31497)
A vulnerability (CVE-2024-31497) in PuTTY, a popular SSH and Telnet client, could allow attackers to recover NIST P-521 client keys due to the “heavily biased”…
Category: HelpnetSecurity
Cisco Duo provider breached, SMS MFA logs compromised
Hackers have managed to compromise a telephony provider for Duo, the Cisco-owned company providing secure access solutions, and steal MFA (multi-factor authentication) SMS message logs…
Tanium Automate reduces manual processes for repeatable tasks
Alongside Tanium Guardian and its partnership with Microsoft Copilot for Security, Tanium Automate serves as another critical component in support of the autonomous endpoint management…
New open-source project takeover attacks spotted, stymied
The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ…
IDnow VideoIdent Flex blends AI technology with human interaction
IDnow has unveiled VideoIdent Flex, a new version of its expert-led video verification service that blends advanced AI technology with human interaction. The human-based video…
5 free red teaming resources to get you started
Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your organization. Tactics may include anything…
AI set to enhance cybersecurity roles, not replace them
In this Help Net Security interview, Caleb Sima, Chair of CSA AI Security Alliance, discusses how AI empowers security pros, emphasizing its role in enhancing…
31% of women in tech consider switching roles over the next year
31% of women in tech are considering leaving their organization over the next 12 months due foremost to poor management, followed by a lack of…
A critical vulnerability in Delinea Secret Server allows auth bypass, admin access
Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass…
ShadowDragon Horizon enhancements help users conduct investigations from any device
ShadowDragon announced significant enhancements to its Open-Source Intelligence Investigative platform Horizon. These updates represent a milestone in the evolution of investigative technology, offering capabilities to…
How to protect IP surveillance cameras from Wi-Fi jamming
Gone are the days of criminals cutting camera wires to evade detection: with the proliferation of affordable internet-connected cameras, burglars must resort to Wi-Fi jamming.…
Geopolitical tensions escalate OT cyber attacks
In this Help Net Security interview, Andrew Ginter, VP of Industrial Security at Waterfall Security, discusses operational technology (OT) cyber attacks and their 2024 Threat…