Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

vmware
VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250)

VMware Enhanced Authentication Plug-in (EAP), a plugin for VMware vSphere, has two vulnerabilities (CVE-2024-22245, CVE-2024-22250) that could be exploited by attackers to …

cybersecurity startups to watch
10 cybersecurity startups to watch in 2024

At Help Net Security, we’ve been following the cybersecurity business landscape closely for the past 25 years. Through our Industry News section, we’ve been …

TruffleHog
TruffleHog: Open-source solution for scanning secrets

TruffleHog is an open-source scanner that identifies and addresses exposed secrets throughout your entire technology stack. “TruffleHog was originally a research tool I …

API
The importance of a good API security strategy

In 2024, API requests accounted for 57% of dynamic internet traffic around the globe, according to the Cloudflare 2024 API Security & Management Report, confirming that …

Active Directory
Active Directory outages can cost organizations $100,000 per day

Nearly every organization has core systems services tied to Active Directory that will go down during an outage, according to Cayosoft. Consequences of system downtime for …

US Department of Justice
Alleged Raccoon Infostealer operator extradited, verification site set up for victims

A Ukrainian national was extradited to the United States from the Netherlands after being indicted for crimes related to fraud, money laundering, and aggravated identity …

LockBit takedown
LockBit takedown: Infrastructure disrupted, criminals arrested, decryption keys recovered

In the wake of yesterday’s surprise law enforcement takeover of LockBit’s leak site, the UK National Crime Agency (NCA) and Europol have shared more information …

LockBit seizure notice
LockBit disrupted by international law enforcement task force

On Monday afternoon, LockBit’s leak site has been taken over by a coalition of law enforcement agencies and is showing a seizure notice that promises more details today, …

Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP!

UPDATE (February 22, 2024, 05:40 a.m. ET): Now designated as CVE-2024-1709 and CVE-2024-1708, the vulnerabilities are under active exploitation. Go here for up-to-date …

Securities and Exchange Commission
How to make sense of the new SEC cyber risk disclosure rules

SEC’s new cybersecurity risk management, strategy, governance, and incident disclosure rules, which require increased transparency around cybersecurity incidents, have been in …

Patrick Harding
How decentralized identity is shaping the future of data protection

In this Help Net Security interview, Patrick Harding, Chief Architect at Ping Identity, discusses the promises and implications of decentralized identity (DCI) in …

GitHub CoPilot
36% of code generated by GitHub CoPilot contains security flaws

Security debt, defined as flaws that remain unfixed for longer than a year, exists in 42% of applications and 71% of organizations, according to Veracode. Worryingly, 46% of …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools