Collaborate Disseminate
In this Help Net Security video, Frank Kim, SANS Institute Fellow, explains why more enterprises must consider many challenges before implementing advanced technology in their platforms. Without adequately assessing and understanding the risks accompan… Continue reading Assessing AI risks before implementation
In this Help Net Security interview, Ben Colman, CEO of Reality Defender, discusses the challenges of detecting high-quality deepfakes in real-world applications. He addresses the effectiveness and limitations of watermarking, AI-based detection, and t… Continue reading The limits of AI-based deepfake detection
In this Help Net Security video, Dror Liwer, co-founder of Coro, discusses how the EU’s NIS2, its latest security directive for businesses, officially became enforceable recently. This means EU companies face more demanding requirements for inter… Continue reading Why the NIS2 Directive causes growing pains for businesses
An analysis of the websites belonging to companies that served as a front for getting North Korean IT workers remote jobs with businesses worldwide has revealed an active network of such companies originating in China. Unearthing North Korean IT front … Continue reading Active network of North Korean IT front companies exposed
Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver Foundation’s internet-wide scanning has revealed. Compromised devices are predom… Continue reading 2,000 Palo Alto Networks devices compromised in latest attacks
ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. The goal of the backdoors and tools discovered is cyberespionage that targets sensitive data such as system information, user credentia… Continue reading Researchers unearth two previously unknown Linux backdoors
AxoSyslog is a syslog-ng fork, created and maintained by the original creator of syslog-ng, Balazs Scheidler, and his team. “We first started by making syslog-ng more cloud-ready: we packaged syslog-ng in a container, added helm charts, and made it mor… Continue reading AxoSyslog: Open-source scalable security data processor
Human-led penetration testing is an essential practice for any organization seeking to proactively address potential attack vectors. However, this indispensable pentesting method is often limited by several factors: high resource demands, project time … Continue reading Product showcase: Augmenting penetration testing with Plainsea
The CWE list of the 25 most dangerous software weaknesses demonstrates the currently most common and impactful software flaws. Identifying the root causes of these vulnerabilities provides insights to shape investments, policies, and practices that pro… Continue reading CWE top 25 most dangerous software weaknesses
In this Help Net Security interview, Brooke Motta, CEO of RAD Security, talks about how cloud-specific threats have evolved and what companies should be watching out for. She discusses the growing complexity of cloud environments and the importance of … Continue reading Enhancing visibility for better security in multi-cloud and hybrid environments