November 2024
Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 2,000 Palo Alto Networks devices compromised in latest attacks Attackers have …
Security for AI Copilots in SaaS apps identifies risky access permissions
Securiti announced a new solution – Security for AI Copilots in SaaS apps. The biggest impediment in adopting AI Copilots, like Microsoft 365 Copilot, is the security of …
SentinelOne AI-SPM detects misconfigurations and vulnerabilities in AI applications
SentinelOne announced new AI security posture management (AI-SPM) capabilities to protect and secure the use of AI services in the workplace. Built on SentinelOne’s …
Proxmox Virtual Environment 8.3: SDN-firewall integration, faster container backups, and more!
The Proxmox Virtual Environment 8.3 enterprise virtualization solution features management tools and a user-friendly web interface, allowing you to deploy open-source …
The limits of AI-based deepfake detection
In this Help Net Security interview, Ben Colman, CEO of Reality Defender, discusses the challenges of detecting high-quality deepfakes in real-world applications. He addresses …
Why the NIS2 Directive causes growing pains for businesses
In this Help Net Security video, Dror Liwer, co-founder of Coro, discusses how the EU’s NIS2, its latest security directive for businesses, officially became enforceable …
Cybercriminals turn to pen testers to test ransomware efficiency
Threat actors are recruiting pen testers to test and improve the reliability of their ransomware for affiliate programs, according to Cato Networks. Any good developer knows …
Deepfake attacks occur every five minutes
As cybercriminals continue to adapt their techniques to find new ways through defenses, AI-assisted fraud is growing increasingly sophisticated and frequent, according to …
New infosec products of the week: November 22, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Aon, Arkose Labs, HiddenLayer, Hornetsecurity, Radware, and Tanium. Arkose Device ID …
US charges five alleged members of Scattered Spider gang
Law enforcement unsealed criminal charges against five alleged members of Scattered Spider, who allegedly targeted employees of companies nationwide with phishing text …
Active network of North Korean IT front companies exposed
An analysis of the websites belonging to companies that served as a front for getting North Korean IT workers remote jobs with businesses worldwide has revealed an active …
2,000 Palo Alto Networks devices compromised in latest attacks
Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver …
Featured news
Resources
Don't miss
- Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731)
- Brutus: Open-source credential testing tool for offensive security
- Why secure OT protocols still struggle to catch on
- Edge computing’s biggest lie: “We’ll patch it later”
- Cyber risk is becoming a hold-period problem for private equity firms