New infosec products of the week: August 18, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Action1, MongoDB, Bitdefender, SentinelOne and Netskope. Action1 platform update bridges…
Category: HelpnetSecurity
30% of phishing threats involve newly registered domains
Phishing remains the most dominant and fastest growing internet crime, largely due to the ubiquity of email and the ceaseless issue of human error that…
Federal agencies gear up for zero trust executive order deadline
Federal agencies are prepared to meet the zero trust executive order requirements from the Biden Administration with just over a year until the deadline, according…
Phishers use QR codes to target companies in various industries
A phishing campaign using QR codes has been detected targeting various industries, with the aim to acquire Microsoft credentials. “The most notable target, a major…
The road ahead for ecommerce fraud prevention
Ecommerce platforms are incorporating sophisticated fraud detection measures, but fraudsters, too, are refining their strategies. In this Help Net Security interview, Eduardo Mônaco, CEO at…
Heavy workloads driving IT professionals to resign
A quarter of IT professionals are seriously contemplating leaving their current jobs within the next six months, potentially costing US companies upwards of 145 billion…
Findlargedir: Find all “blackhole” directories with a huge amount of filesystem entries
Findlargedir is a tool written to help quickly identify “black hole” directories on any filesystem having more than 100k entries in a single flat structure.…
LinkedIn users targeted in account hijacking campaign
LinkedIn users are being targeted in an ongoing account hijacking campaign, are getting locked out of their accounts; the hacked accounts are held for ransom.…
(Re)check your patched NetScaler ADC and Gateway appliances for signs of compromise
Administrators of Citrix NetScaler ADC and Gateway appliances should check for evidence of installed webshells even if they implemented fixes for CVE-2023-3519 quickly: A recent…
Ivanti Avalanche vulnerable to attack by unauthenticated, remote attackers (CVE-2023-32560)
Two stack-based buffer overflow bugs (collectively designated as CVE-2023-32560) have been discovered in Ivanti Avalanche, an enterprise mobility management solution. A buffer overflow arises when…
Why the “voluntary AI commitments” extracted by the White House are nowhere near enough
Representatives from Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI recently convened at the White House for a meeting with President Biden with the stated…
How CISOs break down complex security challenges
The role of the CISO has evolved into a critical position that encompasses many responsibilities aimed at safeguarding digital assets, preserving data integrity, and mitigating…