Attackers leave organizations with no recovery option
Organizations of all sizes are increasingly falling victim to ransomware attacks and inadequately protecting against this rising cyberthreat, according to Veeam. One in seven …
Attackers hacked Barracuda ESG appliances via zero-day since October 2022
Barracuda says that the recently discovered compromise of some of it clients’ ESG appliances via a zero-day vulnerability (CVE-2023-2868) resulted in the deployment of …
Penetration tester develops AWS-based automated cracking rig
Building a custom cracking rig for research can be expensive, so penetration tester Max Ahartz built one on AWS. In this Help Net Security interview, he takes us through the …
Generative AI: The new attack vector for trust and safety
Threat actors are abusing generative AI to carry out child sex abuse material (CSAM), disinformation, fraud and extremism, according to ActiveFence. “The explosion of …
Organizations spend 100 hours battling post-delivery email threats
Nearly every victim of a spear-phishing attack in the last 12 months saw impacts on their organization, including malware infections, stolen data, and reputational damage, …
Top public cloud security concerns for the media and entertainment industry
Media and entertainment (M&E) companies are rapidly turning to cloud storage in efforts to upgrade their security measures, according Wasabi. Survey findings highlighted …
Company size doesn’t matter when it comes to cyberattacks
65% of organizations in the enterprise sector suffered a cyberattack within the last 12 months, which is similar to the results among companies of all sizes (68%), according …
Digital nomads drive changes in identity verification
Over the past year, 4 in 5 financial companies had experienced an increase in the number of verification cases involving foreign documents, according to Regula.
Week in review: Zyxel firewalls vulnerability, phishing campaign targets ChatGPT users
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Wireless Broadband Alliance CEO on key drivers for Wi-Fi adoption in …
Phishers use encrypted file attachments to steal Microsoft 365 account credentials
Phishers are using encrypted restricted-permission messages (.rpmsg) attached in phishing emails to steal Microsoft 365 account credentials. “[The campaigns] are low …
New Buhti ransomware uses leaked payloads and public exploits
A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems. Use of …
New infosec products of the week: May 26, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Axiado, Delinea, Netscout, Radware, and Veriff. Delinea Cloud Suite updates reduce …
Featured news
Resources
Don't miss
- Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)
- Balancing cybersecurity and client experience for high-net-worth clients
- CISOs, are you ready for cyber threats in biotech?
- fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic
- Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?