Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18


Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Critical VMware vCenter Server bugs fixed (CVE-2024-38812)
Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can be triggered by sending a specially crafted network packet, and could lead to remote code execution (CVE-2024-38812) or privilege escalation (CVE-2024-38813).

Apple releases iOS 18, with security and privacy improvements
Apple has launched iOS 18, the latest significant iteration of the operating system powering its iPhones. Along with many new features and welcome customization options, iOS 18 brings several changes for improving users’ security and privacy.

Striking the balance between cybersecurity and operational efficiency
In this Help Net Security interview, Michael Oberlaender, ex-CISO and book author, discusses how to strike the right balance between security and operational efficiency.

Essential metrics for effective security program assessment
In this Help Net Security interview, Alex Spivakovsky, VP of Research & Cybersecurity at Pentera, discusses essential metrics for evaluating the success of security programs.

CrowdSec: Open-source security solution offering crowdsourced protection
CrowdSec is an open-source solution that offers crowdsourced protection against malicious IPs.

Detecting vulnerable code in software dependencies is more complex than it seems
In this Help Net Security interview, Henrik Plate, CISSP, security researcher at Endor Labs, discusses the complexities AppSec teams face in identifying vulnerabilities within software dependencies.

The proliferation of non-human identities
97% of non-human identities (NHIs) have excessive privileges, increasing unauthorized access and broadening the attack surface, according to Entro Security’s 2025 State of Non-Human Identities and Secrets in Cybersecurity report.

The growing danger of visual hacking and how to protect against it
In this Help Net Security interview, Robert Ramsey, CEO at Rain Technology, discusses the growing threat of visual hacking, how it bypasses traditional cybersecurity measures, and the importance of physical barriers like switchable privacy screens.

EchoStrike: Generate undetectable reverse shells, perform process injection
EchoStrike is an open-source tool designed to generate undetectable reverse shells and execute process injection on Windows systems.

Compliance frameworks and GenAI: The Wild West of security standards
In this Help Net Security interview, Kristian Kamber, CEO at SplxAI, discusses how security challenges for GenAI differ from traditional software. Unlike predictable software, GenAI introduces dynamic, evolving threats, requiring new strategies for defense and compliance.

Windows users targeted with fake human verification pages delivering malware
For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware.

Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)
Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could allow attackers to gain full administrative access to the virtual appliance.

FBI forced Flax Typhoon to abandon its botnet
A botnet operated by the Chinese state-sponsored threat actor known as Flax Typhoon has been disrupted by the FBI and abandoned by the group, FBI Director Chris Wray confirmed on Wednesday.

Hackers breaching construction firms via specialized accounting software
Firms in the construction industry are getting breached by hackers via internet-exposed servers running Foundation accounting software, Huntress researchers are warning.

Ghost: Criminal communication platform compromised, dismantled by international law enforcement
Another encrypted communication platform used by criminals has been dismantled and its alleged mastermind arrested, the Australian Federal Police announced on Tuesday.

PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)
CVE-2024-8190, an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, is under active exploitation.

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)
CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering web pages on Windows – “was exploited as a part of an attack chain relating to CVE-2024-38112, prior to July 2024,” Microsoft has revealed.

How to detect and stop bot activity
Bad bot traffic continues to rise year-over-year, accounting for nearly a third of all internet traffic in 2023.

How digital wallets work, and best practices to use them safely
In this Help Net Security video, Kayne McGladrey, IEEE Senior Member, discusses best practices for using digital wallets safely.

Trends and dangers in open-source software dependencies
A C-suite perspective on potential vulnerabilities within open-source dependencies or software packages reveals that, while remediation costs for dependency risks are perilously high, function-level reachability analysis still offers the best value in this critical area, according to Endor Labs.

Differential privacy in AI: A solution creating more problems for developers?
In the push for secure AI models, many organizations have turned to differential privacy. But is the very tool meant to protect user data holding back innovation?

The ripple effects of regulatory actions on CISO reporting
In this Help Net Security video, Sara Behar, Content Manager at YL Ventures, discusses how recent regulatory actions and high-profile legal incidents involving cybersecurity leaders have influenced CISO reporting.

The cybersecurity workforce of the future requires diverse hiring practices
The global cybersecurity workforce gap reached a new high with an estimated 4.8 million professionals needed to effectively secure organizations, a 19% year-on-year increase, according to ISC2.

Data disposal and cyber hygiene: Building a culture of security within your organization
To build a defense against data breaches, organizations must go beyond the traditional methods of cyber hygiene and expand their domain to include policies governing data protection from creation to disposal of IT assets, safeguarding sensitive, confidential data at all stages.

Organizations overwhelmed by numerous and insecure remote access tools
Organizations are combating excessive remote access demands with an equally excessive number of tools that provide varying degrees of security, according to Claroty.

Gateways to havoc: Overprivileged dormant service accounts
Service accounts are often overprivileged, forgotten about and lack proper password security protocols. Some of these once-productive service accounts become dormant over time, making them suitable targets for threat actors.

Beyond human IAM: The rising tide of machine identities
Remember when managing user accounts was your biggest headache? Those were simpler times. Today, we’re drowning in a sea of machine identities, and it’s time to learn how to swim – or risk going under.
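The two items above (dormant, overprivileged service accounts and the broader machine-identity problem) both come down to the same triage question: which non-human accounts have not authenticated in a long time, still carry a stale password, and sit in a privileged group? The following is an added example, not code from the articles or from any vendor named on this page. It assumes the account attributes have already been exported from a directory in the shape Active Directory exposes them (sAMAccountName, lastLogonTimestamp, pwdLastSet, memberOf, enabled flag); the sample records, the thresholds and the privileged-group list are constructed for illustration.

```python
"""Flag dormant and overprivileged service accounts in a directory export.

Added example: assumes a pre-exported list of account records with the
attribute names Active Directory uses. Sample data below is constructed.
"""
from datetime import datetime, timedelta, timezone

# Thresholds and privileged-group list are assumptions; tune per environment.
DORMANT_DAYS = 90
STALE_PASSWORD_DAYS = 365
PRIVILEGED_GROUPS = {"Domain Admins", "Enterprise Admins",
                     "Administrators", "Schema Admins"}

# Fixed reference time so the example is reproducible offline.
NOW = datetime(2024, 9, 20, tzinfo=timezone.utc)

# Constructed sample accounts (not real data). lastLogon=None means the
# attribute was never set, i.e. no recorded authentication at all.
SAMPLE_ACCOUNTS = [
    {"sAMAccountName": "svc_backup", "enabled": True,
     "lastLogon": NOW - timedelta(days=400),
     "pwdLastSet": NOW - timedelta(days=1200),
     "memberOf": ["Domain Admins", "Backup Operators"]},
    {"sAMAccountName": "svc_web", "enabled": True,
     "lastLogon": NOW - timedelta(days=2),
     "pwdLastSet": NOW - timedelta(days=30),
     "memberOf": ["IIS_IUSRS"]},
    {"sAMAccountName": "svc_legacy_etl", "enabled": True,
     "lastLogon": None,
     "pwdLastSet": NOW - timedelta(days=900),
     "memberOf": ["Domain Users"]},
    {"sAMAccountName": "svc_old_scanner", "enabled": False,
     "lastLogon": NOW - timedelta(days=200),
     "pwdLastSet": NOW - timedelta(days=200),
     "memberOf": ["Enterprise Admins"]},
]


def assess(account, now=NOW):
    """Return the findings for one account; an empty list means nothing to flag."""
    findings = []
    if not account["enabled"]:
        # Disabled accounts cannot authenticate; they are out of scope here
        # (their group memberships still deserve a separate cleanup review).
        return findings
    last = account["lastLogon"]
    dormant = last is None or (now - last).days > DORMANT_DAYS
    if dormant:
        findings.append("dormant")
    if (now - account["pwdLastSet"]).days > STALE_PASSWORD_DAYS:
        findings.append("stale-password")
    privileged = set(account["memberOf"]) & PRIVILEGED_GROUPS
    if privileged:
        findings.append("privileged:" + ",".join(sorted(privileged)))
    if dormant and privileged:
        # The combination is the one attackers look for: unused, unmonitored, powerful.
        findings.append("HIGH: dormant and privileged")
    return findings


def report(accounts, now=NOW):
    """Map account name -> findings for every account with at least one finding."""
    return {a["sAMAccountName"]: f
            for a in accounts if (f := assess(a, now))}


if __name__ == "__main__":
    for name, findings in report(SAMPLE_ACCOUNTS).items():
        print(f"{name}: {'; '.join(findings)}")
```

Two caveats when running this against a real export: lastLogonTimestamp in Active Directory is only replicated when it is more than about 14 days stale, so treat it as an upper bound on dormancy rather than an exact value, and a service account that is a member of a privileged group through nested groups will not appear in memberOf unless the export resolved nesting first.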

Cybersecurity jobs available right now: September 18, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

Rising identity security risks: Why organizations must act now
As the priority for managing digital identities intensifies, organizations are encountering severe identity security risks.

New infosec products of the week: September 20, 2024
Here’s a look at the most interesting products from the past week, featuring releases from anecdotes, F5 Networks, Gcore, Rapid7, Strivacity, and Veritas Technologies.