Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217)
Google has fixed another critical zero-day vulnerability (CVE-2023-5217) in Chrome that is being exploited in the wild. About CVE-2023-5217 The vulnerability is caused by a …
How to avoid the 4 main pitfalls of cloud identity management
Securing cloud identities isn’t easy. Organizations need to complete a laundry list of actions to confirm proper configuration, ensure clear visibility into identities, …
The hidden costs of neglecting cybersecurity for small businesses
In this Help Net Security interview, Raffaele Mautone, CEO of Judy Security, talks about the cybersecurity problems that small businesses face and the need for prioritization …
The clock is ticking for businesses to prepare for mandated certificate automation
Many organizations are unprepared for sweeping industry changes that call for mandated certificate automation, according to GMO GlobalSign. There could be significant changes …
Ransomware groups are shifting their focus away from larger targets
One in every six ransomware attacks targeting US government offices was traced back to the LockBit ransomware group, according to Trend Micro. Overall ransomware attack victim …
New twist on ZeroFont phishing technique spotted in the wild
Cybercriminals are leveraging the ZeroFont technique to trick users into trusting phishing emails, SANS ISC handler Jan Kopriva has warned. The ZeroFont phishing attack …
Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)
UPDATE (September 28, 2023, 03:15 a.m. ET): The CVE-2023-5129 ID has been either rejected or withdrawn by the CVE Numbering Authority (Google), since it’s a duplicate of …
Fake Bitwarden installation packages delivered RAT to Windows users
Windows users looking to install the Bitwarden password manager may have inadvertently installed a remote access trojan (RAT). The ZenRAT malware A malicious website (located …
High number of security flaws found in EMEA-developed apps
Applications developed by organizations in Europe, Middle East and Africa tend to contain more security flaws than those created by their US counterparts, according to …
The pitfalls of neglecting security ownership at the design stage
For companies to avoid bleeding millions through cyber threats, they must build adaptability into their security strategy from the start while considering a range of inputs …
Network Flight Simulator: Open-source adversary simulation tool
Network Flight Simulator is a lightweight utility that generates malicious network traffic and helps security teams evaluate security controls and network visibility. The tool …
Cloud service inefficiencies drain IT budgets
71% of IT professionals stated that cloud-related costs make up 30% or more of their total IT spend, according to Aptum. In the current demanding economic environment, …
Featured news
Resources
Don't miss
- Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
- June 2025 Patch Tuesday forecast: Second time is the charm?
- Why IAM should be the starting point for AI-driven cybersecurity
- Protecting patient data starts with knowing where it’s stored
- Ransomware and USB attacks are hammering OT systems