Security News

A federal grand jury in Maryland returned an indictment charging a Russian citizen with conspiracy to hack into and destroy computer systems and data. According to court documents, in Jan. 2022, members of the Main Intelligence Directorate of the General Staff of the Russian Federation conspired to use a U.S.-based company's services to distribute malware known in the cybersecurity community as WhisperGate to dozens of Ukrainian government entities' computer systems and destroy those systems and related data in advance of the Russian invasion of Ukraine.

A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database. Tracked as CVE-2024-5276, the...

Gitleaks is an open-source SAST tool designed to detect and prevent hardcoded secrets such as passwords, API keys, and tokens in Git repositories. With more than 15 million Docker downloads, 16,200 GitHub stars, 7 million GitHub downloads, thousands of weekly clones, and over 700,000 Homebrew installs, Gitleaks is one of the most trusted secret scanners among security professionals, enterprises, and developers.

Cyberespionage groups have been using ransomware as a tactic to make attack attribution more challenging, distract defenders, or for a financial reward as a secondary goal to data theft. A joint report from SentinelLabs and Recorded Future analysts presents the case of ChamelGang, a suspected Chinese advanced persistent threat that has been using the CatB ransomware strain in attacks that impact high-profile organizations worldwide.

"Each iteration of this report highlights startling new trends: novel malware is growing with no signs of stopping, and threat actors are highly motivated, be it for financial gain or to create chaos," said Ismael Valenzuela, VP of Threat Research and Intelligence at BlackBerry. "In a year where over 50 countries are holding elections, geopolitical tensions are at an all-time high, and every nation will soon be fixated on the Olympic Games, the threat landscape can feel overwhelming to navigate. This report provides a snapshot of where threat actors are looking, how they are operating, and what we can expect in the coming months so defenders can be one step ahead," added Valenzuela.

Last year alone, over 30,000 new vulnerabilities were published, with a new vulnerability emerging approximately every 17 minutes - averaging 600 new vulnerabilities per week, according to Skybox Security. The report highlights a critical gap in remediation efforts, with the average time to patch exceeding 100 days, contrasted against the finding that 75% of new vulnerabilities are exploited in 19 days or less.

Across various tasks, from predictive analytics to code generation, organizations in all sectors are exploring how AI can add value and increase efficiency. In this Help Net Security video, Ryan Booz, PostgreSQL Advocate at Redgate, discusses the key findings of Redgate's State of the Database Landscape Report.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.