Massive botnet hits Microsoft 365 accounts
A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying attacks against Microsoft 365 (M365) accounts. Security...
Read more →Category: HelpnetSecurity
Account takeover detection: There’s no single tell
Account takeover (ATO) is one of the most prevalent attack types; Proofpoint says that in 2024, 99% of the customer...
Read more →
Man vs. machine: Striking the perfect balance in threat intelligence
In this Help Net Security interview, Aaron Roberts, Director at Perspective Intelligence, discusses how automation is reshaping threat intelligence. He...
Read more →
Misconfig Mapper: Open-source tool to uncover security misconfigurations
Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your...
Read more →
Week in review: PostgreSQL 0-day exploited in US Treasury hack, top OSINT books to learn from
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: A PostgreSQL zero-day was also...
Read more →
Security and privacy concerns challenge public sector’s efforts to modernize
For most public sector organizations, digital transformation is a work in progress, with the complexity of integrating new systems and...
Read more →
Mastering the cybersecurity tightrope of protection, detection, and response
In this Help Net Security interview, Chester Wisniewski, Director and Global Field CISO at Sophos, discusses the shifting ransomware landscape,...
Read more →
How to secure Notes on iOS and macOS
Apple allows you to lock your notes using your iPhone passcode or a separate password, ensuring your private information stays...
Read more →
New infosec products of the week: February 21, 2025
Here’s a look at the most interesting products from the past week, featuring releases from 1Password, Fortinet, Pangea, Privacera, and...
Read more →
Cybersecurity jobs available right now in the USA: February 20, 2025
Compliance & Privacy Specialist McKesson | Remote – View job details As a Compliance & Privacy Specialist, you will identify...
Read more →
PRevent: Open-source tool to detect malicious code in pull requests
Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software...
Read more →
Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
A new, improved version of Darcula, a cat-themed phishing-as-a-service (PhaaS) platform aimed at serving Chinese-speaking criminals, will be released this...
Read more →