Rspamd: Open-source spam filtering system
Rspamd is an open-source spam filtering and email processing framework designed to evaluate messages based on a wide range of rules, including regular expressions, statistical …
SOC teams are frustrated with their security tools
Security operations center (SOC) practitioners believe they are losing the battle detecting and prioritizing real threats – due to too many siloed tools and a lack of accurate …
Meet the shared responsibility model with new CIS resources
You can’t fulfill your end of the shared responsibility model if you don’t emphasize secure configurations. Depending on the cloud services you’re using, …
Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: October 2024 Patch Tuesday forecast: Recall can be recalled October arrived, …
100+ domains seized to stymie Russian Star Blizzard hackers
Microsoft and the US Justice Department have seized over 100 domains used by Star Blizzard, a Russian nation-state threat actor. “Between January 2023 and August 2024, …
October 2024 Patch Tuesday forecast: Recall can be recalled
October 2024 Patch Tuesday is now live: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) October arrived, and Microsoft started the month …
Best practices for implementing threat exposure management, reducing cyber risk exposure
In this Help Net Security interview, Sanaz Yashar, CEO at Zafran, discusses the role of threat exposure management (TEM) in modern cybersecurity strategies. As traditional …
MaLDAPtive: Open-source framework for LDAP SearchFilter parsing, obfuscation, and more!
MaLDAPtive is an open-source framework for LDAP SearchFilter parsing, obfuscation, deobfuscation, and detection. At its core, the project features a custom-built C# LDAP …
Cybercriminals capitalize on poorly configured cloud environments
Off-the-shelf offensive security tools and poorly configured cloud environments create openings in the attack surface, according to Elastic. Adversaries are utilizing …
New infosec products of the week: October 4, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Balbix, Halcyon, Metomic, Red Sift, SAFE Security, Veeam Software, and Legit …
Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824)
CVE-2024-29824, an unauthenticated SQL Injection vulnerability in Ivanti Endpoint Manager (EPM) appliances, is being exploited by attackers, the Cybersecurity and …
CUPS vulnerabilities could be abused for DDoS attacks
While the Common UNIX Printing System (CUPS) vulnerabilities recently disclosed by researcher Simone “evilsocket” Margaritelli are not easily exploited for remote …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware