Collaborate Disseminate
Raj Samani, SVP, Chief Scientist, Rapid7, discusses the tactics observed from a recent case of espionage, and what can be learned from such observations. This video was recorded at IRISSCON 2022, an annual conference organized by IRISSCERT. The all-day… Continue reading Tracking the adversary
Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day vulnerability in a Windows feature that tries to flag malicious files from the Web, a critical bug in PowerShell, and a dangerous flaw in Windows 11 systems that was detailed publicly prior to this week’s Patch Tuesday. Continue reading Microsoft Patch Tuesday, December 2022 Edition
Kali Linux is a specialized Linux distribution developed by Offensive Security, designed for experienced Linux users who need a customized platform for penetration testing. Kali Linux also comes with several hundred specialized tools for carrying out p… Continue reading 5 Kali Linux tools you should learn how to use
The Irish Reporting and Information Security Service’s (IRISSCERT) Conference on Cybercrime will be on the 10th of November 2022 in the Aviva stadium. This all-day conference will focus on providing attendees with an overview of the current cyber threa… Continue reading IRISSCERT brings eminent cybersecurity experts to its conference in Dublin
A freshly fixed vulnerability (CVE-2022-42889) in the Apache Commons Text library has been getting attention from security researchers these last few days, worrying it could lead to a repeat of the Log4Shell dumpster fire. But the final verdict shows t… Continue reading Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)
Microsoft today released updates to fix at least 85 security holes in its Windows operating systems and related software, including a new zero-day vulnerability in all supported versions of Windows that is being actively exploited. However, noticeably absent from this month’s Patch Tuesday are any updates to address a pair of zero-day flaws being exploited this past month in Microsoft Exchange Server. Continue reading Microsoft Patch Tuesday, October 2022 Edition
A still unpatched vulnerability (CVE-2022-41352) in Zimbra Collaboration is being exploited by attackers to achieve remote code execution on vulnerable servers. About the vulnerability Zimbra Collaboration (formerly Zimbra Collaboration Suite) is cloud… Continue reading Unpatched Zimbra RCE bug exploited by attackers (CVE-2022-41352)
QNAP Systems has provided more information about the latest DeadBolt ransomware campaign targeting users of its network-attached storage (NAS) devices and the vulnerability the attackers are exploiting (CVE-2022-27593). About CVE-2022-27593 CVE-2022-27… Continue reading Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593)
Enterprises are investing more in cybersecurity than ever before, but we’re also seeing a record number of breaches. More than 5.1 billion pieces of personal information were reported stolen last year, and the average cost of a breach has climbed to $4… Continue reading Why it’s past time we operationalized cybersecurity
In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal Security, Adaptive Shield, Airgap, Akamai, Anomali, Arctic Wolf Networks, Aris… Continue reading Black Hat USA 2022 video walkthrough