
Microsoft patches three exploited zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823)
The February 2023 Patch Tuesday is upon us, with Microsoft releasing patches for 75 CVE-numbered vulnerabilities, including three actively exploited zero-day flaws …

Apple fixes actively exploited WebKit zero-day in iOS, macOS (CVE-2023-23529)
Apple has released security updates that fix a WebKit zero-day vulnerability (CVE-2023-23529) that “may have been actively exploited.” The bug has been fixed in …

Malware that can do anything and everything is on the rise
“Swiss Army knife” malware – multi-purpose malware that can perform malicious actions across the cyber-kill chain and evade detection by security controls – is on …

Steps CISA should take in 2023
Recently, I was asked to imagine that I had been granted an hour with top officials at the Cybersecurity and Infrastructure Security Agency (CISA) – what advice would I …

Get hired in cybersecurity: Expert tips for job seekers
The dire shortage of information security experts has left organizations struggling to keep up with the growing demand for their skills. Still, getting a job in cybersecurity …

Actionable intelligence is the key to better security outcomes
Despite the widespread belief that understanding the cyber threat actors who could be targeting their organization is important, 79% of respondents stated that their …

Vulnerabilities open Korenix JetWave industrial networking devices to attack
Three vulnerabilities found in a variety of Korenix JetWave industrial access points and LTE cellular gateways may allow attackers to either disrupt their operation or to use …

DHL, MetaMask phishing emails target Namecheap customers
A surge of phishing emails impersonating DHL and MetaMask have started hitting inboxes of Namecheap customers last week, attempting to trick recipients into sharing personal …

Can we predict cyber attacks? Bfore.AI says they can
Recently, at Cybertech Tel Aviv 2023, I met with Luigi Lenguito, CEO at Bfore.AI, who introduced me to their technology. In this Help Net Security interview, Lenguito talks …

Cybercriminals exploit fear and urgency to trick consumers
Cybercriminals remained active in spying and information stealing, with lottery-themed adware campaigns used as a tactic to obtain people’s contact details, according to …

Week in review: VMware ESXi servers under attack, ChatGPT’s malicious potential, Reddit breached
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: While governments pass privacy laws, companies struggle to change In this …

February 2023 Patch Tuesday forecast: A Valentine’s date
Patch Tuesday falls on Valentine’s Day this year but will it be a special date? While there have been ongoing cyber-attacks of all kinds, it has been relatively quiet on the …
Featured news
Resources
Don't miss
- NTLM relay attacks are back from the dead
- Africa’s cybersecurity crisis and the push to mobilizing communities to safeguard a digital future
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)