April 2024
92,000+ internet-facing D-Link NAS devices accessible via “backdoor” account (CVE-2024-3273)
A vulnerability (CVE-2024-3273) in four old D-Link NAS models could be exploited to compromise internet-facing devices, a threat researcher has found. The existence of the …
April 2024 Patch Tuesday forecast: New and old from Microsoft
April 2024 Patch Tuesday is now live: Microsoft patches actively exploited security feature bypass vulnerability (CVE-2024-29988) This month, we have a new product preview …
How can the energy sector bolster its resilience to ransomware attacks?
Since it plays a vital role in every functioning society, the energy sector has always been a prime target for state-backed cybercriminals. The cyber threats targeting this …
WiCyS: A champion for a more diverse cybersecurity workforce
In this Help Net Security interview, Lynn Dohm, Executive Director at Women in CyberSecurity (WiCyS), talks about how the organization supports its members across different …
How malicious email campaigns continue to slip through the cracks
In this Help Net Security video, Josh Bartolomie, VP of Global Threat Services at Cofense, discusses how email will remain a target as long as it remains the predominant form …
Industrial sectors embrace zero trust for enhanced security
Organizations are leveraging zero trust to enhance the safety, security, and reliability of their enterprise across IT and OT environments, according to Xage Security. Zero …
Threat actors are raising the bar for cyber attacks
From sophisticated nation-state-sponsored intrusions to opportunistic malware campaigns, cyber attacks manifest in various forms, targeting vulnerabilities in networks, …
Week in review: 73M customers affected by AT&T data leak, errors led to US govt inboxes compromise
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Cyber attacks on critical infrastructure show advanced tactics and new …
Trellix ZTS enables organizations to strengthen cyber resilience
Trellix announced the Trellix Zero Trust Strategy (ZTS) Solution, available immediately worldwide. Trellix ZTS is leveraging Trellix’s AI-powered XDR Platform to provide …
Cybercriminal adoption of browser fingerprinting
Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting …
Security pros are cautiously optimistic about AI
55% of organizations plan to adopt GenAI solutions within this year, signaling a substantial surge in GenAI integration, according to a Cloud Security Alliance and Google …
22% of employees admit to breaching company rules with GenAI
Disruptive technologies like AI are heightening the longstanding tension between organizational security and employee productivity, according to 1Password. Employees are under …
Featured news
Resources
Don't miss
- When trusted AI connections turn hostile
- Identifying risky candidates: Practical steps for security leaders
- Humanoid robot found vulnerable to Bluetooth hack, data leaks to China
- F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info
- Microsoft patches three zero-days actively exploited by attackers