Cisco IOS XE zero-day exploited by attackers to deliver implant (CVE-2023-20198)
A previously unknown vulnerability (CVE-2023-20198) affecting networking devices running Cisco IOS XE software is being exploited by a threat actor to take control of the …
AI-enabled bots can solve CAPTCHAs faster than humans
Companies are losing revenue in the fight against malicious bot attacks, according to survey by Kasada. Despite spending millions of dollars on traditional bot management …
Endpoint malware attacks decline as campaigns spread wider
In Q2 2023, 95% of malware now arrives over encrypted connections, endpoint malware volumes are decreasing despite campaigns growing more widespread, ransomware detections are …
Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)
Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed …
Why zero trust delivers even more resilience than you think
Ten years ago, zero trust was an exciting, innovative perspective shift that security experts were excited to explore; today, it’s more likely to be framed as an inevitable …
Cybercriminals can go from click to compromise in less than a day
The median dwell time in ransomware engagements dropped to just under 24 hours from 4.5 days in the previous year and 5.5 days in the year before that, according to …
Automotive cybersecurity: A decade of progress and challenges
As connected cars become a standard feature in the market, the significance of automotive cybersecurity rises, playing an essential role in ensuring the safety of road users. …
Companies rethinking degree requirements for entry-level cybersecurity jobs
While the threat landscape is evolving for most on the front lines, little has changed in recent years, according to ISACA. The research finds that of the cybersecurity …
Are executives adequately guarding their gadgets?
Today, individual citizens, rather than businesses or governmental bodies, are the main entry points for cyberattacks. However, security solutions haven’t evolved …
Evolving conversations: Cybersecurity as a business risk
Board members often lack technical expertise and may not fully grasp cyber risks. On the other hand, CISOs are more accustomed to interfacing with IT staff. This is …
The hidden costs of neglecting cybersecurity for small businesses
In this Help Net Security interview, Raffaele Mautone, CEO of Judy Security, talks about the cybersecurity problems that small businesses face and the need for prioritization …
Kubernetes attacks in 2023: What it means for the future
In 2023, a wave of new attacks targeting Kubernetes has been reported, from Dero and Monero crypto mining to Scarleteel and RBAC-Buster. In this Help Net Security video, Jimmy …
Featured news
Resources
Don't miss
- Coinflow CISO on crypto payments security under AI pressure
- Vigolium: Open-source vulnerability scanner
- Anthropic: Claude Mythos identified 10,000+ software flaws
- Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)
- High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659)