Security News

MITRE has been breached by attackers via two zero-day vulnerabilities in Ivanti's Connect Secure VPN devices. The attackers have also managed to move laterally and compromise the company network's VMware infrastructure, MITRE confirmed late last week.

In this Help Net Security video, Sonu Shankar, Chief Strategy Officer at Phosphorus, discusses how Blackjack’s Fuxnet malware should be a wakeup call to industrial operators about the...

Cyber resilience is a top priority for global organizations, and understanding threats plays a crucial role in building and maintaining a layered security approach. This Help Net Security round-up presents excerpts from previously recorded videos featuring security experts discussing various cybersecurity aspects and best practices in different domains.

In this Help Net Security video, Trevor Hilligoss, VP of SpyCloud Labs, discusses the 2024 SpyCloud Identity Exposure Report, an annual report examining the latest trends in cybercrime and its impact. Researchers recaptured nearly 1.38 billion passwords circulating the darknet in 2023, an 81.5% year-over-year increase from 759 million in 2022.

In today's rapidly evolving digital landscape, organizations face an increasingly complex array of cybersecurity threats. The proliferation of cloud services and remote work arrangements has...

Many companies consider AI-powered threats to be the top cloud security threat to their business. Concerningly, less than half are confident in their ability to tackle those threats, according to a recent Aqua Security survey.

According to McAfee, apps, whether for communication, productivity, or gaming, are among the biggest threats to mobile security. Technavio expects the global mobile security software market to grow by $2.75 billion between 2020 and 2025, expanding at a CAGR of 9.68%. In this Help Net Security video, Michael Covington, VP of Portfolio Strategy at Jamf, discusses planning a mobile security strategy.

GSM Association's Fraud and Security Group has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile networks, based on the tactics, techniques and procedures that they use.The Mobile Threat Intelligence Framework is focused on mobile network-related attacks that are not already covered by existing public frameworks like MITRE ATT&CK and MITRE FiGHT. In scope are 2G, 3G, 4G, 5G, including all kind of telecommunication service enablers and future mobile technology evolutions.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

A threat actor quietly spent the last two years integrating themself in the core team of maintainers of XZ Utils, a free software command-line data compressor widely used in Linux systems. The CVE-2024-3094 backdoor found in XZ Utils was implemented to interfere with authentication in SSHD, the OpenSSH server software that handles SSH connections.