Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
Cybersecurity projects on GitHub
20 cybersecurity projects on GitHub you should check out

Open-source GitHub cybersecurity projects, developed and maintained by dedicated contributors, provide valuable tools, frameworks, and resources to enhance security practices. …

snake, threat
Prevent and detect Adobe ColdFusion exploitation (CVE-2023-26360, CVE-2023-26359)

When Adobe released security updates for its ColdFusion application development platform last month, it noted that one of the vulnerabilities (CVE-2023-26360) had been …

Kali Linux tools
5 Kali Linux tools you should learn how to use

Kali Linux is a specialized Linux distribution developed by Offensive Security, designed for experienced Linux users who need a customized platform for penetration testing. …

Hand
Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405)

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password …

Metasploit
The past, present and future of Metasploit

Metasploit is the most used penetration testing framework. In this Help Net Security video, Spencer McIntyre, Lead Security Researcher at Rapid7, talks about how Metasploit …

Metasploit
Metasploit 6.2.0 comes with 138 new modules, 148 enhancements and features

Metasploit is the world’s most used penetration testing framework. It helps security teams verify vulnerabilities, manage security assessments, and improve security awareness. …

Patch Tuesday
Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)

On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and …

F5
Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all

Attackers are bypassing a mitigation for the BIG-IP TMUI RCE vulnerability (CVE-2020-5902) originally provided by F5 Networks, NCC Group’s Research and Intelligence …

industrial
Widely available ICS attack tools lower the barrier for attackers

The general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology (OT) networks and industrial …

Hand
AutoSploit: Automated mass exploitation of remote hosts using Shodan and Metasploit

A “cyber security enthusiast” that goes by VectorSEC on Twitter has published AutoSploit, a Python-based tool that takes advantage of Shodan and Metasploit modules …

Rapid7 announces security certifications for Metasploit and Nexpose

Rapid7 is launching certification programs for Nexpose administrators and Metasploit Pro specialists. “Certification enables security professionals to ensure that they …

Microsoft EMET’s protections can be bypassed, researchers show

Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is a good piece of software and helpful for protecting non-kernel Microsoft applications and third-party …

Don't miss

Cybersecurity news