WithSecure Archives - Help Net Security

WithSecure

Understanding your attack surface makes it easier to prioritize technologies and systems

January 24, 2023

It has been observed that attackers will attempt to start exploiting vulnerabilities within the first fifteen minutes of their disclosure. As the time to patch gets shorter, …

Why encrypting emails isn’t as simple as it sounds

January 16, 2023

The quality of protected communications matters – a lot. If the sent material is highly sensitive and the legislation and/or policy demands high security, opportunistic …

Red, purple, or blue? When it comes to offensive security operations, it’s not just about picking one color

November 10, 2022

When people find out that I’ve spent much of my career being hired by companies to steal their secrets, they usually ask, “Are we doing enough? Do we need a red team?” …

IRISSCERT brings eminent cybersecurity experts to its conference in Dublin

October 26, 2022

The Irish Reporting and Information Security Service’s (IRISSCERT) Conference on Cybercrime will be on the 10th of November 2022 in the Aviva stadium. This all-day conference …

Data visualization: An invaluable tool in a defender’s arsenal

October 21, 2022

Visibility is always a priority, but it’s vital when responding to an incident. Time is always working against incident responders. Looking through rows of text data and …

Top outcomes organizations want from their security investments

October 17, 2022

Preventing data breaches and safeguarding remote workers are among the top security priorities and outcomes organizations want from their security investments, according to …

Weakness in Microsoft Office 365 Message Encryption could expose email contents

October 14, 2022

WithSecure researchers are warning organizations of a security weakness in Microsoft Office 365 Message Encryption (OME) that could be exploited by attackers to obtain …

Thwarting attackers in their favorite new playground: Social media

September 14, 2022

For years, LinkedIn has been utilized by threat actors looking to refine their attacks. From simple spear-phishing attacks to reconnaissance, the professional networking site …

Incident response in the cloud can be simple if you are prepared

August 17, 2022

If your business has moved toward off-premises computing, there’s a bonus to the flexibility and scalability services that AWS and Microsoft 365 can provide. Incident response …

Introducing the book: If It’s Smart, It’s Vulnerable

August 9, 2022

All our devices and gadgets are going online, just like our computers did. But once we’ve successfully connected our devices to the internet, do we have any hope of keeping …

Targeted campaign uses infostealer to hijack Facebook Business accounts

July 26, 2022

WithSecure researchers have discovered an ongoing operation, dubbed “DUCKTAIL”, that targets individuals and organizations operating on Facebook’s Ads and …

Detectree: Open-source tool simplifies data analysis for blue teams, reduces alert fatigue

July 22, 2022

Many companies struggle to understand malicious activity and its effects while a security incident is in progress. It eats up time and resources that defenders need to contain …

WithSecure

Understanding your attack surface makes it easier to prioritize technologies and systems

Why encrypting emails isn’t as simple as it sounds

Red, purple, or blue? When it comes to offensive security operations, it’s not just about picking one color

IRISSCERT brings eminent cybersecurity experts to its conference in Dublin

Data visualization: An invaluable tool in a defender’s arsenal

Top outcomes organizations want from their security investments

Weakness in Microsoft Office 365 Message Encryption could expose email contents

Thwarting attackers in their favorite new playground: Social media

Incident response in the cloud can be simple if you are prepared

Introducing the book: If It’s Smart, It’s Vulnerable

Targeted campaign uses infostealer to hijack Facebook Business accounts

Detectree: Open-source tool simplifies data analysis for blue teams, reduces alert fatigue

Don't miss

Patch your Jira Service Management Server and Data Center and check for compromise! (CVE-2023-22501)

We can’t rely on goodwill to protect our critical infrastructure

The emergence of trinity attacks on APIs

Hybrid cloud storage security challenges

Vulnerability in Cisco industrial appliances is a potential nightmare (CVE-2023-20076)