January 2024
Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations
Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem …
Geopolitical tensions combined with technology will drive new security risks
Misinformation and disinformation are biggest short-term risks, while extreme weather and critical change to Earth systems are greatest long-term concern, according to the …
Windows SmartScreen bug exploited to deliver powerful info-stealer (CVE-2023-36025)
A vulnerability (CVE-2023-36025) that Microsoft fixed in November 2023 continues to be exploited by malware peddlers: this time around, the delivered threat is a variant of …
Trellix XDR Platform for RDR strengthens operational resilience
Trellix announced Trellix XDR Platform for Ransomware Detection and Response (RDR), available immediately worldwide. Trellix XDR Platform for RDR provides visibility across an …
Juniper fixes critical RCE in its SRX firewalls and EX switches (CVE-2024-21591)
Juniper Networks has fixed a critical pre-authentication remote code execution (RCE) vulnerability (CVE-2024-21591) in Junos OS on SRX firewalls and EX switches. About …
Flipping the BEC funnel: Phishing in the age of GenAI
For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of …
Preventing insider access from leaking to malicious actors
In this Help Net Security video, John Morello, CTO of Gutsy, discusses the often-overlooked aspect of cybersecurity – the offboarding process. He outlines the real-world …
Adalanche: Open-source Active Directory ACL visualizer, explorer
Adalanche provides immediate insights into the permissions of users and groups within an Active Directory. It’s an effective open-source tool for visualizing and …
Key elements for a successful cyber risk management strategy
In this Help Net Security interview, Yoav Nathaniel, CEO at Silk Security, discusses the evolution of cyber risk management strategies and practices, uncovering common …
Government organizations’ readiness in the face of cyber threats
Cyber threats targeting government organizations have become increasingly sophisticated, posing significant risks to national security, public infrastructure, and sensitive …
Week in review: GitLab account takeover flaw, attackers exploiting Ivanti Connect Secure zero-days
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Social engineer reveals effective tricks for real-world intrusions In this …
Akira ransomware attackers are wiping NAS and tape backups
“The Akira ransomware malware, which was first detected in Finland in June 2023, has been particularly active at the end of the year,” the Finnish National …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM