Omni Hotels suffer prolonged IT outage due to cyberattack
Texas-based Omni Hotels & Resorts has been responding to a cyberattack that started last Friday, which resulted in the unavailability of many of its IT systems. According …
Escalating cyber threats: Bots, fraud farms, and cryptojacking surge, urgently requiring attention
The motivations behind cyberattacks are as diverse as the methods employed. Whether driven by financial gain, political agendas, or sheer malice, cybercriminals exploit …
Researchers automated jailbreaking of LLMs with other LLMs
AI security researchers from Robust Intelligence and Yale University have designed a machine learning technique that can speedily jailbreak large language models (LLMs) in an …
Transforming cybersecurity from reactive to proactive with attack path analysis
An attack path is important to prioritize potential risks in cloud environments. The attack path offers the ability to look at cloud environments from the attacker’s …
Why legacy system patching can’t wait
The persistent neglect of patching legacy systems is plaguing critical infrastructure and industries. The consequences of such neglect can be damaging to organizations, …
Apple news: iLeakage attack, MAC address leakage bug
On Wednesday, Apple released security updates for all supported branches of iOS and iPadOS, macOS, tvOS, watchOS and Safari. This time around, the updates did not garner as …
“Disappearing” implants, followed by first fixes for exploited Cisco IOS XE zero-day
Cisco has released the first fixes for the IOS XE zero-day (CVE-2023-20198) exploited by attackers to ultimately deliver a malicious implant. The fixes were made available on …
Cisco IOS XE zero-day exploited by attackers to deliver implant (CVE-2023-20198)
A previously unknown vulnerability (CVE-2023-20198) affecting networking devices running Cisco IOS XE software is being exploited by a threat actor to take control of the …
Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)
Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed …
Why zero trust delivers even more resilience than you think
Ten years ago, zero trust was an exciting, innovative perspective shift that security experts were excited to explore; today, it’s more likely to be framed as an inevitable …
Is your identity safe? Exploring the gaps in threat protection
A recent study from Silverfort has identified the identity attack surface as today’s most substantial weakness in cybersecurity resilience. Traditional approaches, such …
IEEE 802.11az provides security enhancements, solves longstanding problems
In this Help Net Security interview, Jonathan Segev, IEEE 802.11 Task Group (TG) Chair of next-generation positioning (TGaz) at IEEE, discusses IEEE 802.11az. The new standard …
Featured news
Sponsored
Don't miss
- CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)
- The rising influence of AI on the 2024 US election
- 10 colleges and universities shaping the future of cybersecurity education
- What is multi-factor authentication (MFA), and why is it important?
- MITRE breached by nation-state threat actor via Ivanti zero-days