North Korean IT workers are extorting employers, FBI warns

The FBI is on a mission to raise awareness about the threat that North Korean IT workers present to organizations in the US and around the world. While corporate espionage comes to mind first, the threat goes beyond that: “In recent months, in ad… Continue reading North Korean IT workers are extorting employers, FBI warns

GUI frontends for GnuPG, the free implementation of the OpenPGP standard

GnuPG is a free and comprehensive implementation of the OpenPGP standard. It enables encryption and signing of data and communications, featuring a key management system and support for public key directories. While primarily a command-line tool, GnuPG… Continue reading GUI frontends for GnuPG, the free implementation of the OpenPGP standard

Juniper enterprise routers backdoored via “magic packet” malware

A stealthy attack campaign turned Juniper enterprise-grade routers into entry points to corporate networks via the “J-magic” backdoor, which is loaded into the devices’ memory and spawns a reverse shell when instructed to do so. &#822… Continue reading Juniper enterprise routers backdoored via “magic packet” malware

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw

Cisco has released patches for a critical privilege escalation vulnerability in Meeting Management (CVE-2025-20156) and a heap-based buffer overflow flaw (CVE-2025-20128) that, when triggered, could terminate the ClamAV scanning process on endpoints ru… Continue reading Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)

A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We strongly advises users of the SMA1000 product to upgrade to the hotfix release version t… Continue reading SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)

Defense strategies to counter escalating hybrid attacks

In this Help Net Security interview, Tomer Shloman, Sr. Security Researcher at Trellix, talks about attack attribution, outlines solutions for recognizing hybrid threats, and offers advice on how organizations can protect themselves against hybrid atta… Continue reading Defense strategies to counter escalating hybrid attacks

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning

The Web Cache Vulnerability Scanner (WCVS) is an open-source command-line tool for detecting web cache poisoning and deception. The scanner, developed by Maximilian Hildebrand, offers extensive support for various web cache poisoning and deception tech… Continue reading Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning

Funding soars in a milestone year for Israeli cybersecurity

In this Help Net Security video, Or Salom, Analyst at YL Ventures, discusses the State of the Cyber Nation Report 2024. The report reveals resilience and growth in the Israeli cybersecurity industry, with total investments reaching $4 billion across 89… Continue reading Funding soars in a milestone year for Israeli cybersecurity

Stratoshark: Wireshark for the cloud – now available!

Stratoshark is an innovative open-source tool that brings Wireshark’s detailed network visibility to the cloud, providing users with a standardized approach to cloud observability. Stratoshark incorporates much of Wireshark’s codebase, including its us… Continue reading Stratoshark: Wireshark for the cloud – now available!

Mirai botnet behind the largest DDoS attack to date

Researchers have uncovered two Mirai-based botnets harnessing Internet of Things (IoT) devices to DDoS target organizations around the world. The Murdoc botnet Qualys researchers have laid bare the “Murdoc” botnet, consisting of some 1,300 … Continue reading Mirai botnet behind the largest DDoS attack to date