On February 2024 Patch Tuesday, Microsoft has delivered fixes for 72 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-21412, CVE-2024-21351) that are being leveraged by attackers in the wild. About CVE-2024-21412 and CVE-2024-21351 CVE-2024-21412 allows attackers to bypass the Microsoft Defender SmartScreen…
Tag: Help Net Security
Sumsub Deepfake Detection combats AI-driven identity fraud
Sumsub has launched a Deepfake Detection feature integrated into its Video Identification solution. This comes as AI-powered fraud increasingly targets businesses, not just individual users. Sumsub’s 2023 Identity Fraud Report revealed a 10x increase in the number of deepfakes detected…
Global malicious activity targeting elections is skyrocketing
With more voters than ever in history heading to the polls in 2024, Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections globally. In an era of unprecedented geopolitical volatility, this trend is particularly concerning, as Time…
Sigma Software Studio unifies and streamlines software development processes
Sigma Defense Systems launched Sigma Software Studio, a DevSecOps platform poised to revolutionize software development for the DoD and government agencies. Rooted in Sigma’s collaboration with PEO Digital and Black Pearl, Sigma Software Studio, is a DevSecOps platform designed for…
Nucleus Security raises $43 million to redefine how businesses manage their attack surface
Nucleus Security has announced it has secured $43 million in Series B funding led by Arthur Ventures and Lead Edge Capital. This milestone marks a significant leap forward in the company’s mission to redefine how enterprises manage risk exposure from…
Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893)
Hackers are actively exploiting a vulnerability (CVE-2024-21893) in Ivanti Connect Secure, Policy Secure and Neurons for ZTA to inject a “previously unknown and interesting backdoor” dubbed DSLog. CVE-2024-21893 patches and exploitation Ivanti disclosed CVE-2024-21893 – a server-side request forgery (SSRF)…
Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770)
CVE-2023-43770, a vulnerability in the Roundcube webmail software that has been fixed in September 2023, is being exploited by attackers in the wild, CISA has warned by adding the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. About CVE-2023-43770 Roundcube…
The future of cybersecurity: Anticipating changes with data analytics and automation
In this Help Net Security interview, Mick Baccio, Staff Security Strategist at Splunk SURGe, discusses the future of cybersecurity, emphasizing the importance of data analytics and automation in addressing evolving threats. He points out the changes in threat tactics, the…
Protecting against AI-enhanced email threats
Generative AI based on large language models (LLMs) has become a valuable tool for individuals and businesses, but also cybercriminals. Its ability to process large amounts of data and quickly generate results has contributed to its widespread adoption. AI in…
Product showcase: SearchInform Risk Monitor – next-gen DLP based insider threat mitigation platform
Basically, DLP systems are aimed at prevention of data leaks, and in real-life mode they monitor and block (if required) transmitting of confidential data. However, the traditional approach to DLP system isn’t sufficient. That’s why SearchInform offers the next-gen platform…