searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Newsletters
  • (IN)SECURE Magazine

SANS ISC

Get our top stories in your inbox

Phishers tricking users via fake LinkedIn Private Shared Document

February 18, 2021

Phishers are trying to trick users into opening a “LinkedIn Private Shared Document” and entering their login credentials into a fake LinkedIn login page, security …

Easily exploitable RCE in Oracle WebLogic Server under attack (CVE-2020-14882)

October 29, 2020

A critical and easily exploitable remote code execution vulnerability (CVE-2020-14882) in Oracle WebLogic Server is being targeted by attackers, SANS ISC has warned. Oracle …

Attackers are probing Citrix controllers and gateways through recently patched flaws

July 10, 2020

Earlier this week, Citrix released security updates for Citrix Application Delivery Controller (ADC), Citrix Gateway, and the Citrix SD-WAN WANOP appliance, and urged admins …

Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all

July 8, 2020

Attackers are bypassing a mitigation for the BIG-IP TMUI RCE vulnerability (CVE-2020-5902) originally provided by F5 Networks, NCC Group’s Research and Intelligence …

Better cybersecurity hinges on understanding actual risks and addressing the right problems

July 7, 2020

SANS Technology Institute’s Internet Storm Center (ISC) has been a valuable warning service and source of critical cyber threat information to internet users, …

Kwampirs threat actor continues to breach transnational healthcare orgs

March 31, 2020

The Kwampirs (aka Orangeworm) attack group continues to target global healthcare entities in this time of crisis, the FBI has warned. “Targeted entities range from major …

First patches for the Citrix ADC, Gateway RCE flaw released

January 21, 2020

As attackers continue to hit vulnerable Citrix (formerly Netscaler) ADC and Gateway installations, Citrix has released permanent fixes for some versions and has promised to …

January 2020 Patch Tuesday: Microsoft nukes Windows crypto flaw flagged by the NSA

January 14, 2020

As forecasted, January 2020 Patch Tuesday releases by Microsoft and Adobe are pretty light: the “star of the show” is CVE-2020-0601, a Windows flaw flagged by the …

Exploits for Citrix ADC and Gateway flaw abound, attacks are ongoing

January 13, 2020

With several exploits targeting CVE-2019-19781 having been released over the weekend and the number of vulnerable endpoints still being over 25,000, attackers are having a …

Critical Exim flaw exploitable locally and remotely, patch ASAP!

June 7, 2019

A critical vulnerability in Exim, the mail transfer agent (MTA) deployed on over half of all Internet-facing mail servers, may allow attackers to run commands as the …

Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent

November 21, 2018

Adobe has released a Flash Player update that plugs a critical vulnerability (CVE-2018-15981) that could lead to remote code execution, and is urging users to implement it as …

Apache Struts 2.3.x vulnerable to two year old RCE flaw

November 6, 2018

The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited …

Posts navigation

1 2
architecture

Why enterprises need rugged devices with integrated endpoint management systems

  • Five factors driving investment in IDV
  • 2021 will be the year of hybrid working: How can CTOs keep staff secure and productive?
Whitepaper – EDR to secure mobile devices: Coverage, limits & recommendations

What's new

hand

Attackers disrupting COVID-19 efforts and critical supply chains

identity

Five factors driving investment in IDV

architecture

Why enterprises need rugged devices with integrated endpoint management systems

businessman

C-level executives driving the adoption of MACH across their organizations

Don't miss

architecture

Why enterprises need rugged devices with integrated endpoint management systems

identity

Five factors driving investment in IDV

tracking

CNAME-based tracking increasingly used to bypass browsers’ anti-tracking defenses

2021 will be the year of hybrid working: How can CTOs keep staff secure and productive?

template

Third-party risk management programs still largely a checkbox exercise

Help Net Security - Daily information security news with a focus on enterprise security.
Follow us
  • Features
  • News
  • Expert Analysis
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Newsletters
  • Twitter

In case you’ve missed it

  • Chief Legal Officers face mounting compliance, privacy and cybersecurity obligations
  • How do I select a network monitoring solution for my business?
  • Tips for boosting the “Sec” part of DevSecOps
  • How do I select a DRM solution for my business?

(IN)SECURE Magazine ISSUE 67 (November 2020)

  • Hardware security: Emerging attacks and protection mechanisms
  • Justifying your 2021 cybersecurity budget
  • Cooking up secure code: A foolproof recipe for open source
  • Mapping the motives of insider threats
Read online
© Copyright 1998-2021 by Help Net Security
Read our privacy policy | About us | Advertise