Help Net Security
HTTP request smuggling vulnerability in Node.js (CVE-2022-35256)
In this Help Net Security video, Austin Jones, Principal Software Engineer at ThreatX, explains what HTTP request smuggling is, and discusses a recently uncovered HTTP request …
Financial crises boost fraud rates, making online consumers more cautious
59% of consumers are more concerned about becoming a victim of fraud now than they were in 2021, according to a research released by Paysafe. This Help Net Security video …
Researchers outline the Lazarus APT offensive toolset
ESET researchers uncovered and analyzed a set of malicious tools that were used by the Lazarus APT group in attacks during the end of 2021. The campaign started with spear …
Detecting fileless malware infections is becoming easier
For some analysts, memory analysis is only an optional step in cybersecurity investigations. Their reasons are simple. One: Handling memory and volatile data is a complex …
The impact of DevSecOps practices on software development
A trending practice for application security, DevSecOps includes integrating security early in the software development life cycle (SDLC) and enables the delivery of reliable …
Why organizations take data sovereignty seriously
According to a Vanson Bourne survey, the vast majority of organizations across France, Germany, the UK, and the US either have sovereignty regulations or policies to keep …
Many IT pros don’t think a ransomware attack can impact Microsoft 365 data
Nearly a quarter of businesses have suffered a ransomware attack, with a fifth occurring in the past 12 months, according to Hornetsecurity. The 2022 Ransomware Report, which …
Week in review: MS Exchange zero-days exploited, AD attack paths, developing secure APIs
SpyCast: Cross-platform mDNS enumeration tool SpyCast is a cross-platform mDNS enumeration tool that can work either in active mode by recursively querying services or in …
The current state of cloud security
Cloud security became much more complicated as COVID-19 hit and remote/hybrid workforces emerged. Organizations are struggling to sufficiently secure new cloud environments …
The significance of parallel tasks execution for security teams
Infosec teams require nimble security tools to operate in realistic conditions, which may involve thousands of simultaneous events. In this Help Net Security video, Leonid …
Top issues driving cybersecurity: Growing number of cybercriminals, variety of attacks
Fortifying cybersecurity defenses remains a work in progress for many organizations, who acknowledge their shortcomings but have yet to commit the necessary resources to the …
Are you inundated by a never-ending stream of cyberattacks?
Trellix released global research revealing the cost of siloed security, weak spots in protection, and lack of confidence amongst security operations teams. The study of 9,000 …
Featured news
Resources
Don't miss
- Five ways OSINT helps financial institutions to fight money laundering
- DevOps in the cloud and what is putting your data at risk
- Russian threat actors using old Cisco bug to target critical infrastructure orgs
- AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged
- Using lightweight LLMs to cut incident response times and reduce hallucinations