Please turn on your JavaScript for this page to function normally.
attacks
Escalating cyber threats: Bots, fraud farms, and cryptojacking surge, urgently requiring attention

The motivations behind cyberattacks are as diverse as the methods employed. Whether driven by financial gain, political agendas, or sheer malice, cybercriminals exploit …

GenAI
Researchers automated jailbreaking of LLMs with other LLMs

AI security researchers from Robust Intelligence and Yale University have designed a machine learning technique that can speedily jailbreak large language models (LLMs) in an …

path
Transforming cybersecurity from reactive to proactive with attack path analysis

An attack path is important to prioritize potential risks in cloud environments. The attack path offers the ability to look at cloud environments from the attacker’s …

patch
Why legacy system patching can’t wait

The persistent neglect of patching legacy systems is plaguing critical infrastructure and industries. The consequences of such neglect can be damaging to organizations, …

Apple
Apple news: iLeakage attack, MAC address leakage bug

On Wednesday, Apple released security updates for all supported branches of iOS and iPadOS, macOS, tvOS, watchOS and Safari. This time around, the updates did not garner as …

Cisco
“Disappearing” implants, followed by first fixes for exploited Cisco IOS XE zero-day

Cisco has released the first fixes for the IOS XE zero-day (CVE-2023-20198) exploited by attackers to ultimately deliver a malicious implant. The fixes were made available on …

Cisco
Cisco IOS XE zero-day exploited by attackers to deliver implant (CVE-2023-20198)

A previously unknown vulnerability (CVE-2023-20198) affecting networking devices running Cisco IOS XE software is being exploited by a threat actor to take control of the …

CVE-2023-44487
Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)

Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed …

zero trust
Why zero trust delivers even more resilience than you think

Ten years ago, zero trust was an exciting, innovative perspective shift that security experts were excited to explore; today, it’s more likely to be framed as an inevitable …

digital identity
Is your identity safe? Exploring the gaps in threat protection

A recent study from Silverfort has identified the identity attack surface as today’s most substantial weakness in cybersecurity resilience. Traditional approaches, such …

Jonathan Segev
IEEE 802.11az provides security enhancements, solves longstanding problems

In this Help Net Security interview, Jonathan Segev, IEEE 802.11 Task Group (TG) Chair of next-generation positioning (TGaz) at IEEE, discusses IEEE 802.11az. The new standard …

ransomware
Ransomware dwell time hits new low

Median attacker dwell time—the time from when an attack starts to when it’s detected—shrunk from 10 to eight days for all attacks, and to five days for ransomware attacks …

Don't miss

Cybersecurity news