Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)
A vulnerability (CVE-2023-2868) in Barracuda Networks’ Email Security Gateway (ESG) appliances has been exploited by attackers, the company has warned. About CVE-2023-2868 CVE-2023-2868 is a critical remote command injection vulnerability affec.....»»
Comcast Business MDR limits the impact of cyber threats
Comcast Business has expanded its cybersecurity portfolio with the launch of its Comcast Business Managed Detection and Response (MDR) solution. The solution combines an advanced security analytics platform and Security Operations Center (SOC) to hel.....»»
PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)
More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software’s network monitoring/analysis and security solution, have been published. The critical vulner.....»»
Prophet Security emerges from stealth and raises $11 million
Prophet Security emerged from stealth with $11 million in seed financing led by Bain Capital Ventures (BCV) with participation from several security leaders and angel investors. At the core of the company’s unveiling is Prophet AI for Security Oper.....»»
Photos: GISEC Global 2024
GISEC Global is taking place from April 23 to April 25, 2024, at the Dubai World Trade Centre. Here are a few photos from the event, featured vendors include: Waterfall Security Solutions, Netskope, Google Cloud, Huawei, NetSPI, SecureLink, Cloudflar.....»»
Binarly releases Transparency Platform v2.0 to improve software supply chain security
Binarly releases the Binarly Transparency Platform v2.0 with features for continuous post-build compliance, visibility into the security posture of IoT and XIoT devices, and the ability to identify malicious behavior and hidden backdoors within binar.....»»
GISEC Global 2024 video walkthrough
In this Help Net Security video, we take you inside GISEC Global, which is taking place from April 23 to April 25, 2024, at the Dubai World Trade Centre. The video features the following vendors: Sophos, Waterfall Security Solutions, UAE Cyber Securi.....»»
eBook: Cloud security skills
Demonstrating a sound understanding of cloud security key principles and practices opens various professional opportunities. But first, you need the right mix of technical and soft skills to emerge as a leader. Inside this eBook: Why a career in clou.....»»
Cybersecurity jobs available right now: April 24, 2024
Blockchain Security Researcher StarkWare | Israel | On-site – View job details The Security Researcher will be responsible for conducting in-depth research and analysis on the security of blockchain systems, protocols and the infrastr.....»»
AI set to play key role in future phishing attacks
A staggering increase in QR code phishing (quishing) attacks during 2023 saw them skyrocket up the list of concerns for cyber teams globally, according to Egress. Attacks were both prolific and highly successful, demonstrating how cybercriminals effe.....»»
GenAI can enhance security awareness training
One of the biggest concerns over generative AI is its ability to manipulate us, which makes it ideal for orchestrating social engineering attacks. From mining someone’s digital footprint to crafting highly convincing spear phishing emails, to voice.....»»
Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)
For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a launcher.....»»
Forcepoint DSPM safeguards sensitive information by examining data context and content
Forcepoint has launched Forcepoint Data Security Posture Management (DSPM), driven by AI to deliver real-time visibility, ease privacy compliance and minimize risks for data stored in multi-clouds and networks, including endpoints. Forcepoint DSPM ha.....»»
Invicti Predictive Risk Scoring identifies highest-risk applications
Invicti announced its new AI-enabled Predictive Risk Scoring capability. The feature assigns predicted risk to applications and helps organizations gain a strategic view of their overall application security risk. Predictive Risk Scoring allows organ.....»»
Beyond higher temperatures: Preparing for national security risks posed by climate change
When talk turns to climate change, certain images pop to mind—maybe polar bears on ever-shrinking ice floes, coral reefs drained of color, or more powerful hurricanes hitting the coast......»»
Fisker appoints chief restructuring officer after missing payment to noteholder
Fisker said in its 2023 annual report that it may have to file for bankruptcy protection within 30 days if it does not get relief from its creditors. A forbearance agreement with one noteholder expires May 1......»»
Vastly bigger than the Black Summer: 84 million hectares of northern Australia burned in 2023
It may come as a surprise to hear 2023 was Australia's biggest bushfire season in more than a decade. Fires burned across an area eight times as big as the 2019–20 Black Summer bushfires that tore through 10 million hectares in southeast Australia......»»
How to disable VBS in Windows 11 to improve gaming
Windows 11's security features can cause a drop in gaming performance. If you want to make sure yours isn't impacted, here's how to turn off VBS in Windows 11......»»
iPhone isn"t secureable enough for the South Korea military - but Android is
An iPhone ban in the South Korean military that has less to do with security and more to do with a poorly crafted mobile device management suite coupled with nationalism may be expanding to the rank-and-file.iPhone 15 Pro Max and iPhone 14 Pro MaxThe.....»»
Trellix Email Security for Microsoft Office 365 improves email defense
Trellix announced Trellix Email Security for Microsoft Office 365. Combining threat detection, threat intelligence, and security expertise, Trellix offers Microsoft Office 365 customers more cost-effective alternative to Microsoft Defender for Office.....»»
CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)
A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The vulnerability allows attackers to escape their virtual file system and download system.....»»