WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)
RARLAB has fixed a high-severity RCE vulnerability (CVE-2023-40477) in the popular file archiver tool WinRAR. About CVE-2023-40477 A widely used Windows-only utility, WinRAR …
Chrome will tell users when extensions they use are removed from Chrome Web Store
Google will be extending the Safety check feature within the Chrome browser to alert users when a previously installed extension is no longer available in the Chrome Web …
Network detection and response in the modern era
In this Help Net Security interview, David Gugelmann, CEO at Exeon, sheds light on the current cyber threats and their challenges for network security. He discusses the role …
Organizations invest in AI tools to elevate email security
To counteract new and emerging threat methods enhanced by artificial intelligence, specialized email security vendors are leveraging a synergy of AI and human insights to …
Week in review: VPNs vulnerable to TunnelCrack attacks, Cybertech Africa 2023
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Deception technology and breach anticipation strategies In this Help Net …
Zimbra users in Europe, Latin America face phishing threat
ESET researchers have uncovered a mass-spreading phishing campaign aimed at collecting Zimbra account users’ credentials. Zimbra Collaboration is an open-core collaborative …
Reinventing OT security for dynamic landscapes
From understanding the challenges of disparate OT protocols and the increasing convergence with IT to grappling with the monumental role of human error, our latest interview …
New infosec products of the week: August 18, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Action1, MongoDB, Bitdefender, SentinelOne and Netskope. Action1 platform update …
30% of phishing threats involve newly registered domains
Phishing remains the most dominant and fastest growing internet crime, largely due to the ubiquity of email and the ceaseless issue of human error that is preyed upon by …
Federal agencies gear up for zero trust executive order deadline
Federal agencies are prepared to meet the zero trust executive order requirements from the Biden Administration with just over a year until the deadline, according to …
Citrix ShareFile vulnerability actively exploited (CVE-2023-24489)
CVE-2023-24489, a critical Citrix ShareFile vulnerability that the company has fixed in June 2023, is being exploited by attackers. GreyNoise has flagged on Tuesday a sudden …
Phishers use QR codes to target companies in various industries
A phishing campaign using QR codes has been detected targeting various industries, with the aim to acquire Microsoft credentials. “The most notable target, a major …
Featured news
Resources
Don't miss
- KillChainGraph: Researchers test machine learning framework for mapping attacker behavior
- AIDEFEND: Free AI defense framework
- Boards are being told to rethink their role in cybersecurity
- Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms
- New framework aims to outsmart malware evasion tricks