New open-source project takeover attacks spotted, stymied
The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils …
5 free red teaming resources to get you started
Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your organization. Tactics may …
AI set to enhance cybersecurity roles, not replace them
In this Help Net Security interview, Caleb Sima, Chair of CSA AI Security Alliance, discusses how AI empowers security pros, emphasizing its role in enhancing skills and …
31% of women in tech consider switching roles over the next year
31% of women in tech are considering leaving their organization over the next 12 months due foremost to poor management, followed by a lack of training and a desire for better …
A critical vulnerability in Delinea Secret Server allows auth bypass, admin access
Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass …
eBook: Why CISSP?
As new cyber threats emerge daily in our connected world, there’s never been a greater urgency for cybersecurity professionals than now. What can CISSP certification do for …
How to protect IP surveillance cameras from Wi-Fi jamming
Gone are the days of criminals cutting camera wires to evade detection: with the proliferation of affordable internet-connected cameras, burglars must resort to Wi-Fi jamming. …
Geopolitical tensions escalate OT cyber attacks
In this Help Net Security interview, Andrew Ginter, VP of Industrial Security at Waterfall Security, discusses operational technology (OT) cyber attacks and their 2024 Threat …
Zarf: Open-source continuous software delivery on disconnected networks
Zarf is a free, open-source tool that enables continuous software delivery on disconnected networks. It currently offers fully automated support for K3s, K3d, and Kind and is …
Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400) …
CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks
UPDATE: April 17, 05:50 AM ET New story: Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation Earlier today, Palo Alto Networks revealed that a …
Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400)
UPDATE: April 30, 09:30 AM ET New story: Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades UPDATE: April 17, 05:50 AM ET New …
Featured news
Resources
Don't miss
- Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
- June 2025 Patch Tuesday forecast: Second time is the charm?
- Why IAM should be the starting point for AI-driven cybersecurity
- Protecting patient data starts with knowing where it’s stored
- Ransomware and USB attacks are hammering OT systems