SquarePhish: Advanced phishing tool combines QR codes and OAuth 2.0 device code flow
In this Help Net Security video, Security Consultant Kam Talebzadeh and Senior Security Researcher Nevada Romsdahl from Secureworks, showcase SquarePhish, a tool that combines …
Three ransomware gangs consecutively attacked the same network
Hive, LockBit and BlackCat, three prominent ransomware gangs, consecutively attacked the same network, according to Sophos. The first two attacks took place within two hours, …
Why there is no quick fix for cyber attacks
Cybersecurity threats keep evolving, meaning that most, if not all, organizations could be dangerously exposed as the digital ecosystem develops. While some organizations …
How attackers abuse Quickbooks to send phone scam emails
INKY researchers disclosed the latest variant of the tried-and-true phone scam, a low-tech phone scam where attackers extract personal information by sending out spoofed …
The impact of DNS attacks on global organizations
Often we see stories about cyber attacks that breached an organisations’ security parameters, and advice on how we can protect against future threats. However, what is often …
Destructive firmware attacks pose a significant threat to businesses
As business workforces become increasingly distributed, IT leaders say it’s harder than ever to defend against firmware attacks, according to HP Wolf Security. The growing …
Attackers are leveraging Follina. What can you do?
As the world is waiting for Microsoft to push out a patch for CVE-2022-30190, aka “Follina”, attackers around the world are exploiting the vulnerability in a …
Zero-day bug exploited by attackers via macro-less Office documents (CVE-2022-30190)
A newly numbered Windows zero-day vulnerability (CVE-2022-30190) is being exploited in the wild via specially crafted Office documents (without macros), security researchers …
RansomHouse: Bug bounty hunters gone rogue?
A new cybercrime outfit that calls itself RansomHouse is attempting to carve out a niche of the cyber extortion market for itself by hitting organizations, stealing their …
Help Net Security: Healthcare Cybersecurity Report has been released
Our newest report takes a closer look at one of the most targeted industries today – healthcare. As exhausted healthcare professionals struggle with an extraordinary …
Should businesses be concerned about APT-style attacks?
As we enter 2022, organizations are re-evaluating their cybersecurity strategies to lower risks and best defend against potential threats. Through budget, risk tolerance, …
Ransomware attacks decrease, operators started rebranding
Positive Technologies experts have analyzed the Q3 2021 cybersecurity threatscape and found a decrease in the number of unique cyberattacks. However, there’s been an increase …
Featured news
Resources
Don't miss
- Coinflow CISO on crypto payments security under AI pressure
- Vigolium: Open-source vulnerability scanner
- Anthropic: Claude Mythos identified 10,000+ software flaws
- Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)
- High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659)