GNOME users at risk of RCE attack (CVE-2023-43641)
If you’re running GNOME on you Linux system(s), you are probably open to remote code execution attacks via a booby-trapped file, thanks to a memory corruption …
Be prepared to patch high-severity vulnerability in curl and libcurl
UPDATE (October 11, 2023, 07:15 a.m. ET): Curl v8.4.0 is out and fixes both CVE-2023-38545, a SOCKS5 heap buffer overflow vulnerability and CVE-2023-38546, a cookie injection …
Why zero trust delivers even more resilience than you think
Ten years ago, zero trust was an exciting, innovative perspective shift that security experts were excited to explore; today, it’s more likely to be framed as an inevitable …
Turning military veterans into cybersecurity experts
In this Help Net Security interview, James Murphy, the Director of the TechVets Programme at the Forces Employment Charity and member of Fortinet’s Veterans Program …
Cybersecurity pros predict rise of malicious AI
76% of cybersecurity professionals believe the world is very close to encountering malicious AI that can bypass most known cybersecurity measures, according to Enea. 26% see …
Cybercriminals can go from click to compromise in less than a day
The median dwell time in ransomware engagements dropped to just under 24 hours from 4.5 days in the previous year and 5.5 days in the year before that, according to …
eBook: Cybersecurity career hacks for newcomers
Are you excited to pursue a cybersecurity career but unsure where to begin? Whether you’re a student, an incoming professional, or ready to work in a different field, the …
$2.7 billion lost to social media scams since 2021
Scams originating on social media have accounted for $2.7 billion in reported losses since 2021, more than any other contact method, according to the Federal Trade Commission. …
Microsoft 365 email senders urged to implement SPF, DKIM and DMARC
In the wake of Google’s announcement of new rules for bulk senders, Microsoft is urging Microsoft 365 email senders to implement SPF, DKIM and DMARC email authentication …
Exploit writers invited to probe Chrome’s V8 engine, Google Cloud’s KVM
Google is asking bug hunters and exploit writers to develop 0-day and n-day exploits in Chrome’s V8 JavaScript engine and Google Cloud’s Kernel-based Virtual …
Selective disclosure in the identity wallet: How users share the data that is really needed
Name, date of birth, address, email address, passwords, tax records, or payroll – all this sensitive user data is stored by companies in huge databases to identify individuals …
Incentivizing secure online behavior across generations
As the landscape of online security continues to evolve, there is a noticeable shift in people’s perceptions of cybersecurity, with an increasing awareness of its vital …
Featured news
Resources
Don't miss
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)
- GitPhish: Open-source GitHub device code flow security assessment tool
- Healthcare CISOs must secure more than what’s regulated