Atlassian has patched a critical vulnerability (CVE-2023-22527) in Confluence Data Center and Confluence Server that could lead to remote code execution. The good news is that the flaw was fixed in early December 2023 with the release of versions 8.5.4…
Tag: Help Net Security
Fortinet unveils networking solution integrated with Wi-Fi 7
Fortinet announced a comprehensive secure networking solution integrated with Wi-Fi 7. Fortinet’s first Wi-Fi 7 access point, FortiAP 441K, delivers increased speed and capacity, and the new FortiSwitch T1024 is purpose-built with 10 Gigabit Ethernet (GE) access and 90W Power…
Skopenow Grid detects the earliest signals of critical risks
Skopenow launched Grid, its new 360-degree situational awareness solution. Grid equips security, intelligence, and investigative teams worldwide with enhanced proactive threat intelligence capabilities, enabling real-time detection of risks to people, assets, and operations. In a global landscape marked by uncertainty,…
1,700 Ivanti VPN devices compromised. Are yours among them?
Over 1,700 Ivanti Connect Secure VPN devices worldwide have been compromised by attackers exploiting two zero-days with no patches currently available. “Additional threat actors beyond UTA0178 appear to now have access to the exploit and are actively trying to exploit…
Accenture and SandboxAQ offer protection against quantum-based decryption attacks
Accenture and SandboxAQ are partnering to deliver AI and quantum computing solutions to help organizations identify and remediate cybersecurity vulnerabilities. According to recent Accenture research, executives’ top concern for 2024 is the ability to adapt to advancements in technology and…
10 cybersecurity frameworks you need to know about
As cyber threats grow more sophisticated, understanding and implementing robust cybersecurity frameworks is crucial for organizations of all sizes. This article lists the most essential cybersecurity frameworks developed to guide businesses and governments in safeguarding their digital assets. From the…
3 ways to combat rising OAuth SaaS attacks
OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine cryptocurrency, establish persistence following business email compromise and launch spam activity using the…
Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations
Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition. Users can also perform malware analysis, OSINT and computer vision activities. “We’ve crafted…
Geopolitical tensions combined with technology will drive new security risks
Misinformation and disinformation are biggest short-term risks, while extreme weather and critical change to Earth systems are greatest long-term concern, according to the Global Risks 2024 Report from the World Economic Forum. Against a backdrop of systemic shifts in global…
Windows SmartScreen bug exploited to deliver powerful info-stealer (CVE-2023-36025)
A vulnerability (CVE-2023-36025) that Microsoft fixed in November 2023 continues to be exploited by malware peddlers: this time around, the delivered threat is a variant of the Phemedrone Stealer. About the malware Phemedrone Stealer is a piece of malware written…