CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks
UPDATE: April 17, 05:50 AM ET New story: Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation Earlier today, Palo Alto Networks revealed that a …
Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400)
UPDATE: April 30, 09:30 AM ET New story: Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades UPDATE: April 17, 05:50 AM ET New …
Strategies to cultivate collaboration between NetOps and SecOps
In this Help Net Security interview, Debby Briggs, CISO at Netscout, discusses breaking down silos between NetOps and SecOps. Practical steps include scheduling strategy …
Why women struggle in the cybersecurity industry
The workplace experiences of women in cybersecurity are dramatically worse than men across virtually every category, according to a WiCyS and Aleria survey. Previous studies …
New infosec products of the week: April 12, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Akamai, Bitdefender, Siemens, Veriato, and Index Engines. SINEC Security Guard …
CISA warns about Sisense data breach
Business intelligence / data analytics software vendor Sisense has apparently suffered a data breach that spurred the company and the US Cybersecurity and Infrastructure …
Ransomware group maturity should influence ransom payment decision
Your organization has been hit by ransomware and a decision has to be made on whether or not to make the ransom payment to get your data decrypted, deleted from …
How Google’s 90-day TLS certificate validity proposal will affect enterprises
Announced last year, Google’s proposal to reduce the lifespan of TLS (transport layer security) certificates from 13 months to 90 days could be implemented in the near future. …
Leveraging AI for enhanced compliance and governance
In this Help Net Security interview, Dr. Joseph Sweeney, Advisor at IBRS, discusses the risks of integrating AI into information management systems. He talks about emerging …
Graylog: Open-source log management
Graylog is an open-source solution with centralized log management capabilities. It enables teams to collect, store, and analyze data to get answers to security, application, …
37% of publicly shared files expose personal information
Many sensitive documents stored on platforms such as Google Drive, Slack, and other collaborative work applications have been left unattended for several months or even years. …
New covert SharePoint data exfiltration techniques revealed
Varonis Threat Labs researchers have uncovered two techniques attackers can use can use for covert data and file exfiltration from companies’ SharePoint server. …
Featured news
Resources
Don't miss
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
- New Microsoft accounts will be “passwordless by default”
- Why SMEs can no longer afford to ignore cyber risk
- Preparing for the next wave of machine identity growth
- Hottest cybersecurity open-source tools of the month: April 2025