Helga Labus, Author at Help Net Security

Helga Labus

Ivanti Avalanche vulnerable to attack by unauthenticated, remote attackers (CVE-2023-32560)

August 16, 2023

Two stack-based buffer overflow bugs (collectively designated as CVE-2023-32560) have been discovered in Ivanti Avalanche, an enterprise mobility management solution. A buffer …

Major vulnerabilities discovered in data center solutions

August 14, 2023

Researchers have discovered serious security vulnerabilities in two widely used data center solutions: CyberPower’s PowerPanel Enterprise Data Center Infrastructure …

Microsoft 365 accounts of execs, managers hijacked through EvilProxy

August 10, 2023

A phishing campaign leveraging the EvilProxy phishing-as-a-service (PhaaS) tool has been spotted targeting Microsoft 365 user accounts of C-level executives and managers at …

Google unveils stronger cellular security for Android 14

August 9, 2023

Google has revealed new cellular security mitigations that will be available for users and enterprises on its soon-to-be-released Android 14, and announced a new release …

North Korean hackers breached Russian missile development firm

August 8, 2023

North Korean state-sponsored hackers have breached Russian missile maker NPO Mashinostroyeniya, according to SentinelLabs researchers. North Korean hackers discovered The …

Keystroke sounds can betray passwords

August 7, 2023

Researchers from several UK universities have proven that the recorded sounds of laptop keystrokes can be used to obtain sensitive user data such as passwords with a high …

Top 12 vulnerabilities routinely exploited in 2022

August 4, 2023

Cybersecurity agencies from member countries of the Five Eyes intelligence alliance have released a list of the top 12 vulnerabilities routinely exploited in 2022, plus 30 …

Google makes removal of personal user info from Search easier

August 4, 2023

Google is making it easier for users to remove personal contact information and personal, non-consensual explicit imagery from Google search results. “Of course, …

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082)

August 3, 2023

Ivanti has disclosed a critical vulnerability (CVE-2023-35082) affecting old, out-of-support versions of MobileIron Core, an enterprise device solution that has since been …

Android n-day bugs pose zero-day threat

August 1, 2023

In the Android ecosystem, n-day vulnerabilities are almost as dangerous as zero-days, according to Google’s review of zero-days exploited in the wild in 2022. N-days …

Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081)

July 31, 2023

Another actively exploited zero-day vulnerability (CVE-2023-35081) affecting Ivanti Endpoint Manager Mobile (EPMM) has been identified and fixed. The first zero-day spotted …

New persistent backdoor used in attacks on Barracuda ESG appliances

July 31, 2023

The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection …

Helga Labus

Ivanti Avalanche vulnerable to attack by unauthenticated, remote attackers (CVE-2023-32560)

Major vulnerabilities discovered in data center solutions

Microsoft 365 accounts of execs, managers hijacked through EvilProxy

Google unveils stronger cellular security for Android 14

North Korean hackers breached Russian missile development firm

Keystroke sounds can betray passwords

Top 12 vulnerabilities routinely exploited in 2022

Google makes removal of personal user info from Search easier

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082)

Android n-day bugs pose zero-day threat

Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081)

New persistent backdoor used in attacks on Barracuda ESG appliances

Don't miss

Malicious ads creep into Bing Chat responses

How should organizations navigate the risks and opportunities of AI?

Why California’s Delete Act matters for the whole country

Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217)

How to avoid the 4 main pitfalls of cloud identity management