Enhancing national security: The four pillars of the National Framework for Action

In this Help Net Security interview, John Cohen, Executive Director, Program for Countering Hybrid Threats at the Center for Internet Security, discusses the four pillars of the National Framework for Action, emphasizing how these measures can combat t…

Effective strategies for measuring and testing cyber resilience

In this Help Net Security interview, Detective Superintendent Ian Kirby, CEO of the National Cyber Resilience Centre Group (NCRCG), discusses the emerging cyber threats and strategies organizations can use to increase cyber resilience. He emphasizes ba…

Argus: Open-source information gathering toolkit

Argus is an open-source toolkit that simplifies information gathering and reconnaissance. It features a user-friendly interface and a collection of powerful modules, enabling the exploration of networks, web applications, and security configurations. A…

Evolving cloud threats: Insights and recommendations

Recently, IBM X-Force released its 2024 Cloud Threat Landscape Report. This uses incident data and insights to reveal how attackers successfully compromise organizations by leveraging adversary-in-the-middle (AITM) attacks to bypass multi-factor authen…

VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812)

Broadcom has released new patches for previously fixed vulnerabilities (CVE-2024-38812, CVE-2024-38813) in vCenter Server, one of which wasn’t fully addressed the first time and could allow attackers to achieve remote code execution. The vul…

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)

Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies (PT) analysts have discovered. The vulnerability was patched in May 2024, in Ro…

IT security and government services: Balancing transparency and security

Government information technology leaders find themselves at a challenging balance point: On one end of the scale are increasing threats from cyber actors, bolstered by advanced technology like artificial intelligence (AI); on the other end is a longst…

Myths holding women back from cybersecurity careers

In this Help Net Security interview, Dr Kathryn Jones, Head of School, Computer Science and Informatics at Cardiff University, discusses the challenges and misconceptions that deter women from pursuing careers in cybersecurity. Dr Jones also outlines t…

Fortinet releases patches for undisclosed critical FortiManager vulnerability

In the last couple of days, Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being exploited by Chinese threat actors. Security updates are trickling out The company, which is known fo…