Please turn on your JavaScript for this page to function normally.
Zix
Phishers using Zix to “legitimize” emails in the eyes of Office 365 users

UPDATE: May 19, 2021 – 03:10 AM ET Mirko Zorz, Editor in Chief, Help Net Security The page you are on used to contain a news item based on research from Abnormal …

Patch Tuesday
May 2021 Patch Tuesday: Adobe fixes exploited Reader 0-day, Microsoft patches 55 holes

On this May 2021 Patch Tuesday: Adobe has fixed a Reader flaw exploited in attacks in the wild, as well as delivered security updates for eleven other products, including …

brain
Counterfit: Open-source tool for testing the security of AI systems

After developing a tool for testing the security of its own AI systems and assessing them for vulnerabilities, Microsoft has decided to open-source it to help organizations …

Exim
21 vulnerabilities found in Exim, update your instances ASAP!

A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated …

Apple
Apple fixes four zero-days under attack

A week after Apple patched a macOS zero-day exploited by Shlayer malware for months for months, the company has released new security updates for macOS, iOS, iPadOS and watch …

Kubestriker
Kubestriker: A security auditing tool for Kubernetes clusters

Kubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters. It performs a variety of checks on a range of services …

MITRE ATT&CK
MITRE ATT&CK v9 is out and includes ATT&CK for Containers

The Mitre Corporation has released the ninth version of its ATT&CK knowledge base of adversary tactics and techniques, which now also includes a newly created ATT&CK …

ransomware
48 recommendations for a global fight against ransomware

The Institute for Security and Technology’s Ransomware Task Force (RTF) has released a comprehensive strategic framework to help worldwide organizations fight against …

ransomware
Q1 2021 ransomware trends: Most attacks involved threat to leak stolen data

The vast majority of ransomware attacks now include the theft of corporate data, Coveware says, but victims of data exfiltration extortion have very little to gain by paying a …

Mac malware
Apple patches macOS zero-day exploited by malware for months (CVE-2021-30657)

Apple has patched a critical macOS zero-day (CVE-2021-30657) that has been exploited by Shlayer malware for months and has finally introduced/enabled the App Tracking …

lock
Organizations can no longer afford to overlook encrypted traffic

Whether you’re a small business operating out of a single office or a global enterprise with a huge and distributed corporate network, not inspecting the encrypted traffic …

QNAP
QNAP NAS devices under ransomware attack

QNAP NAS device owners are once again under attack by ransomware operators, who are exploiting a recently fixed vulnerability to lock data on vulnerable devices by using the …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools