GenAI makes phishing attacks more believable and cost-effective
GenAI is a powerful tool that can be used by security teams to protect organizations, however, it can also be used by malicious actors, making phishing-related attacks a …
New infosec products of the week: December 6, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Datadog, Fortinet, Radiant Logic, Sweet Security, Tenable, and Veza. FortiAppSec …
Law enforcement shuts down Manson Market cybercrime marketplace
Europol has supported the dismantling of a sophisticated criminal network responsible for facilitating large-scale online fraud. In an operation led by the Hanover Police …
Mitel MiCollab zero-day and PoC exploit unveiled
A zero-day vulnerability in the Mitel MiCollab enterprise collaboration suite can be exploited to read files containing sensitive data, watchTowr researcher Sonny Macdonald …
8 US telcos compromised, FBI advises Americans to use encrypted communications
FBI and Cybersecurity and Infrastructure Security Agency (CISA) officials have advised Americans to use encrypted call and messaging apps to protect their communications from …
Download: The Ultimate Guide to the CCSP
Even the brightest minds benefit from guidance on the journey to success. The Ultimate Guide to the CCSP covers everything you need to know about the world’s leading cloud …
Preparing for Q-day: The essential role of cloud migration in securing enterprise data
As the era of quantum computing draws closer, businesses face a new and unprecedented threat to data security: “Q-day.” This looming turning point—when quantum …
How the Shadowserver Foundation helps network defenders with free intelligence feeds
In this Help Net Security interview, Piotr Kijewski, CEO of The Shadowserver Foundation, discusses the organization’s mission to enhance internet security by exposing …
Solana’s popular web3.js library backdoored in supply chain compromise
A software supply chain attack has lead to the publication of malicious versions of Solana’s web3.js library on the npm registry. Just like the recent Lottie Player …
How widespread is mercenary spyware? More than you think
A targeted hunt on 2,500 mobile devices for indicators of compromise associated with mercenary spyware has revealed that its use is not as rare as one would hope. The results …
Product showcase: Securing Active Directory passwords with Specops Password Policy
Password policies are a cornerstone of cybersecurity for any organization. A good password policy ensures every end user has a strong and unique password, significantly …
PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)
Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware