Deception security doesn’t have to be onerous or expensive

When talking about deception security, most infosec pros’ minds turn to honeypots and decoy systems – additional solutions that companies have to buy, deploy, and …

Security audit of Dovecot mailserver reveals good security practices

Dovecot – a popular open source IMAP and POP3 server for Linux/UNIX-like systems – is as secure as its developers claim it is. A security audit performed by German …

Net Cease: Microsoft researchers unveil anti-reconnaissance tool

Microsoft researchers Itai Grady and Tal Be’ery have released Net Cease, a PowerShell script that prevents attackers who have already compromised an endpoint from …

Quickly audit and adjust SSH server configurations with SSH-audit

SSH-audit is a standalone open source tool for auditing and fixing SSH server configurations. It has no dependencies and will run wherever Python is available. It supports …

Compromising Linux virtual machines via FFS Rowhammer attack

A group of Dutch researchers have demonstrated a variant of the Rowhammer attack that can be used to successfully compromise Linux virtual machines on cloud servers. The Flip …

Faulty TLS implementation opens VISA sites, users to attack

A group of researchers has discovered 184 HTTPS servers that are wide open to attackers looking to inject seemingly valid content into encrypted sessions. Some of these …

Attackers keep flinging assorted ImageMagick 0day exploits

It’s been a week since the existence of several flaws affecting popular image processing library ImageMagick has been made public. At the time, one of these, a remote …

Web servers and sites under attack via ImageMagick zero-day flaw

A zero-day remote code execution flaw has been found in ImageMagick, an image processing library that allows image uploads from untrusted users (site visitors) and is widely …

Over 3 million servers running outdated JBoss software open to attack

Spurred by the recent discovery that the Samas (aka SamSam) ransomware is being spread via compromised servers running out-of-date versions of Red Hat’s JBoss server …

Cisco UCS servers can be hijacked with malicious HTTP request

A data center server platform running Cisco’s Unified Computing System (UCS) Central Software can be compromised by unauthenticated, remote attackers with a single, …
