Security News
2024 is expected to witness a surge in cyberattacks driven by global events and the widespread accessibility of advanced technologies. In this Help Net Security round-up, we present segments from previously recorded videos where cybersecurity experts discuss predictions for 2024, providing a comprehensive perspective on the challenges and opportunities awaiting organizations.
ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed the domains users were visiting to configured DNS servers. A bug in this feature caused DNS requests of users not to be directed to ExpressVPN's infrastructure, as they should, but to the user's internet service provider.
The U.S. Justice Department (DoJ) on Friday announced the seizure of online infrastructure that was used to sell a remote access trojan (RAT) called Warzone RAT. The domains – www.warzone[.]ws and...
Choosing the right partner when outsourcing cybersecurityIn this Help Net Security interview, Anya Shpilman, Senior Executive, Cyber Security Services at WDigital, discusses the benefits and potential risks of outsourcing cybersecurity services. Key strategies for ISO 27001 compliance adoptionIn this Help Net Security interview, Robin Long, founder of Kiowa Security, shares insights on how best to approach the implementation of the ISO/IEC 27001 information security standard.
Recent versions of the Raspberry Robin malware are stealthier and implement one-day exploits that are deployed only on systems that are susceptible to them. According to a report from Check Point, Raspberry Robin has recently used at least two exploits for 1-day flaws, which indicates that the malware operator either has the capability to develop the code or has sources that provide it.
By 2025, Britain is set to ditch physical immigration status documents such as Biometric Residence Permits and Biometric Residence Cards in a bid to make its borders digital, which is in-line with developed countries like Australia. Presently, students, workers, immigrants and their dependents from non-EU countries residing in the UK are eventually issued Biometric Residence Permits, cards which are proof of their immigration status in the country.
Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023.The backdoor codenamed “RustDoor” by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures.
More than 70,000 presumably legit websites have been hijacked and drafted into a network that crooks use to distribute malware, serve phishing pages, and share other dodgy stuff, according to researchers. In the case of VexTrio, tens of thousands of websites are compromised so that their visitors are redirected to pages that serve up malware downloads, show fake login pages to steal credentials, or perform some other fraud or cyber-crime.
Amusing story about a penguin named "Squid." As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
In disclosing yet another vulnerability in its Connect Secure, Policy Secure, and ZTA gateways, Ivanti has confused the third-party researchers who discovered it. Researchers at watchTowr blogged today about not being credited with the discovery of CVE-2024-22024 - the latest in a series of vulnerabilities affecting Ivanti gateways as the vendor continues to develop patches for supported versions.