Collaborate Disseminate
Microsoft followed their October precedent set with Windows 11 24H2 and announced Microsoft Server 2025 on the first of November. We were expecting the official announcement at Microsoft Ignite near the end of the month, but with the early release, ear… Continue reading November 2024 Patch Tuesday forecast: New servers arrive early
Through their past military service, veterans are trained to think like adversaries, often share that mission-driven spirit and excel when working with a team to achieve a larger goal. They develop and champion the unique traits that cybersecurity comp… Continue reading 4 reasons why veterans thrive as cybersecurity professionals
In this Help Net Security interview, Alex Freedland, CEO at Mirantis, discusses the cloud security challenges that CISOs need to tackle as multi-cloud and hybrid environments become the norm. He points out the expanded attack surfaces, the importance o… Continue reading Strategies for CISOs navigating hybrid and multi-cloud security
Vulnerability management has been the standard approach to fending off cyber threats for years. Still, it falls short by focusing on a limited number of vulnerabilities, often resolving only 1% to 20% of issues. In 2024, with the average data breach co… Continue reading Setting a security standard: From vulnerability to exposure management
A vulnerability (CVE-2024-5910) in Palo Alto Networks Expedition, a firewall configuration migration tool, is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Thursday. About CVE-2024-59… Continue reading Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910)
In a bold move, Apple has published a draft ballot for commentary to GitHub to shorten Transport Layer Security (TLS) certificates down from 398 days to just 45 days by 2027. The Apple proposal will likely go up for a vote among Certification Authority… Continue reading Apple’s 45-day certificate proposal: A call to action
Am I Isolated is an open-source container security benchmark that probes users’ runtime environments and tests for container isolation. The Rust-based container runtime scanner runs as a container, detecting gaps in users’ container runtime isola… Continue reading Am I Isolated: Open-source container security benchmark
In this Help Net Security video, David Cottingham, CEO of Airlock Digital, discusses the 2023-2030 Australian Cyber Security Strategy and reviews joint and individual cybersecurity efforts, progress, and strategies over the past year. The Australian Go… Continue reading A closer look at the 2023-2030 Australian Cyber Security Strategy
A recent spear-phishing campaign targeting industrial and engineering companies in Europe was aimed at saddling victims with the popular GuLoader downloader and, ultimately, a remote access trojan that would permit attackers to steal information from a… Continue reading Industrial companies in Europe targeted with GuLoader
North Korean hackers are targeting crypto-related businesses with phishing emails and novel macOS-specific malware. The crypto-related phishing campaign Since July 2024, phishing emails seemingly containing helpful information on risks related to the r… Continue reading North Korean hackers employ new tactics to compromise crypto-related businesses