Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) April 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vulnerabilities, including a zero-day (CVE-2025-29824) that’s under active attack. WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334) WinRAR users, upgrade your software as soon as possible: a vulnerability (CVE-2025-31334) that could allow attackers to bypass Windows’ Mark of the … More →

The post Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed appeared first on Help Net Security.

A threat actor that has been using known old FortiOS vulnerabilities to breach FortiGate devices for years has also been leveraging a clever trick to maintain undetected read-only access to them after the original access vector was locked down, Fortinet has revealed on Thursday. “[Read-only access] was achieved via creating a symbolic link connecting the user filesystem and the root filesystem in a folder used to serve language files for the SSL-VPN,” Fortinet CISO Carl … More →

The post Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices appeared first on Help Net Security.

Today, in the age of quantum threats, AI and sophisticated digital manipulations, the question is: where does the human factor end, and where does technology begin? This reality, primarily in the context of cybersecurity, will be discussed at the Span Cyber Security Arena conference, which will be held in Opatija, May 19-21. After last year’s conference gathered more than 500 visitors in Zagreb in just one day, this year’s three-day edition brings more than 30 … More →

The post Span Cyber Security Arena 2025: Infosec leaders to discuss the future of digital defense appeared first on Help Net Security.

KELA unveiled Digital Cyber Analysts, next-generation AI-powered digital employees designed to transform how security teams consume, prioritize, and act on threat intelligence. These always-on, interactive agents enhance the speed and efficiency of both enterprise security teams, government and law enforcement organizations and security service providers delivering reliable, context-rich insights in seconds that dramatically reduce analyst workload. While the industry faces an increasing cybersecurity talent shortage, combined with the proliferation of threat actors leveraging dark AI … More →

The post KELA Digital Cyber Analysts improves security teams’ efficiency appeared first on Help Net Security.

In this Help Net Security interview, Norah Beers, CISO at Grayscale, discusses key security challenges in managing crypto assets, adversary tactics, private key management, and securing both hot and cold wallets. From a threat modeling perspective, what unique adversary tactics do you see in the crypto space that don’t often appear in traditional finance? The adversaries themselves aren’t fundamentally different between traditional finance and the crypto industry, but certain of the tactics they employ are … More →

The post Why security culture is crypto’s strongest asset appeared first on Help Net Security.

Ransomware attacks increased by nearly 20% in 2024, and the severity rose by 13%, according to At-Bay. The blast radius of ransomware continues to grow as businesses impacted by attacks on vendors and partners increased 43%, while the average cost of these third-party incidents jumped by 72%. “Remote access tools like VPNs and RDP continue to attract a high level of attention from cybercriminals. In 2024, they were correlated with 80% of ransomware attacks, up … More →

The post Ransomware groups push negotiations to new levels of uncertainty appeared first on Help Net Security.

Remote work is seen as more than a temporary solution, it’s a long-term strategy for many organizations. Remote work cybersecurity challenges Unsecured networks: Workers often operate from home or public Wi-Fi networks that don’t have the security features of corporate environments. Bring Your Own Device (BYOD): Personal devices are frequently used for work, but these devices may not have the same security protections as company-issued ones. They often lack up-to-date software, antivirus protection, and can … More →

The post Why remote work is a security minefield (and what you can do about it) appeared first on Help Net Security.

2024 brought about countless new cybersecurity challenges including significant growth of the mobile threat landscape, according to Lookout. Threat actors, ranging from nation-states to individuals, are increasingly targeting mobile devices for the onset of their attacks to steal credentials and infiltrate the enterprise cloud in a pathway known as the modern kill chain. More than ever, organizations of every size across every industry must view mobile targeting as a canary in the coal mine – … More →

The post iOS devices face twice the phishing attacks of Android appeared first on Help Net Security.

Here’s a look at the most interesting products from the past week, featuring releases from Forescout, Index Engines, Jit, RunSafe Security, and Seal Security. Jit launches AI agents to ease AppSec workload Jit has launched its new AI agents to offload specific and tedious tasks from AppSec teams such as creating risk assessments, threat models, and compliance reports; while making it easy to take action on mitigating security risk. As a result, AppSec teams can … More →

The post New infosec products of the week: April 11, 2025 appeared first on Help Net Security.

CyberArk announced the CyberArk Secure AI Agents Solution, which will allow organizations to implement identity-first security for agentic AI using the CyberArk Identity Security Platform. The solution will help organizations mitigate new and unique identity-centric risks as AI agents autonomously communicate with other agents, access sensitive information, escalate privileges, interact with critical infrastructure, and modify their behaviors to accomplish complex tasks. According to Gartner, “By 2028, 25% of enterprise breaches will be traced back to … More →

The post CyberArk releases identity security solution for AI agents appeared first on Help Net Security.

US President Donald Trump has signed an Executive Order on Wednesday to revoke security clearance held by Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA), and his colleagues at SentinelOne. “The Order also suspends any active security clearance held by individuals at entities associated with Krebs, including SentinelOne, pending a review of whether such clearances are consistent with the national interest,” the White House announced. The EO also effectively orders … More →

The post Trump orders revocation of security clearances for Chris Krebs, SentinelOne appeared first on Help Net Security.

Fortinet has released patches for flaws affecting many of its products, among them a critical vulnerability (CVE-2024-48887) in its FortiSwitch appliances that could allow unauthenticated attackers to gain access to and administrative privileges on vulnerable devices. About CVE-2024-48887 Fortinet offers a range of FortiSwitch networking appliances, including access switches, distribution switches (for managing traffic), industrial/rugged switches, and core switches designed for data centers. Fortinet describes CVE-2024-48887 as an unverified password change vulnerability in the FortiSwitch … More →

The post FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) appeared first on Help Net Security.

Seal Security launched Seal Base Images, a solution designed to future-proof containerized applications. Seal Base Images delivers secure, continuously updated, and vulnerability-free base images, effectively eliminating up to 99% of potential future vulnerabilities. Standard container base images frequently contain unpatched vulnerabilities, creating significant security risks. Slow and inconsistent patching processes, coupled with unclear SBOMs, leave applications exposed. Seal Base Images directly addresses these challenges by providing hardened, reliably maintained base images with fast, consistent vulnerability … More →

The post Seal Base Images mitigates container vulnerabilities appeared first on Help Net Security.

Keysight Technologies announces the Next-Generation Embedded Security Testbench, a consolidated and scalable test solution designed to address the increasing complex security testing demands of modern chips and embedded devices. This new solution offers enhanced flexibility, reduces test setup complexities, and improves the reliability and repeatability of critical security evaluations. The proliferation of connected devices and the escalating sophistication of security threats create significant challenges for developers and security labs. Traditional security testing often involves cumbersome … More →

The post Keysight simplifies security testing for modern chips and embedded devices appeared first on Help Net Security.

One of the most pressing concerns with AI adoption is data leakage. Consider this: An employee logs into their favorite AI chatbot, pastes sensitive corporate data, and asks for a summary. Just like that, confidential information is ingested into a third-party model beyond your control. Even with data loss prevention (DLP) policies, AI data leaks are challenging to prevent. If the AI system is cloud-based and employees can access it externally, companies may never know … More →

The post How to find out if your AI vendor is a security risk appeared first on Help Net Security.

From a psychological standpoint, we all crave attention, and likes and comments fuel that need, encouraging us to share even more on social media. In the corporate world, this risk grows exponentially because it’s not just our personal information at stake, but the security of the entire company. Social media oversharing creates a cybersecurity risk for companies Every piece of data we share is like a puzzle piece. LinkedIn reveals job titles, Facebook and Instagram … More →

The post From likes to leaks: How social media presence impacts corporate security appeared first on Help Net Security.

Packed with real-world scenarios, hands-on techniques, and insights into widely used tools, the third edition of the bestselling Ultimate Kali Linux Book offers a practical path to learning penetration testing with Kali Linux. About the author Glen D. Singh, a seasoned cybersecurity author and lecturer, brings deep expertise in cybersecurity operations, offensive security tactics, and enterprise networking. He holds an MSc in Cybersecurity and numerous industry certifications. Inside the book One of the best things … More →

The post Review: The Ultimate Kali Linux Book, Third Edition appeared first on Help Net Security.

Forescout announced new Forescout eyeScope cloud visibility and monitoring solution, expanding the Forescout 4D Platform to the cloud. Forescout also announced a new, small footprint, edge data collector for enterprises that require Forescout’s asset intelligence capabilities managed from the cloud for streamlined deployment and faster time to value. Forescout’s asset intelligence and control for managed, unmanaged, and agentless devices has never been more essential. As the latest “Riskiest Connected Devices in 2025” report from Forescout … More →

The post Forescout eyeScope provides organizations with insight into their security posture appeared first on Help Net Security.

Enzoic for AD Lite Password Auditor is an innovative tool designed to integrate with an organization’s Active Directory environment seamlessly. Enzoic analyzed the 2024 AD Lite Password Auditor data to produce this report. New mandates and heightened awareness in 2024 have pushed organizations to scan an unprecedented number of AD accounts using the Enzoic AD Lite Password Auditor. Between 2020 and 2024, Enzoic AD Lite Password Auditor user scans increased 315%, highlighting the rapid increase … More →

The post Enzoic AD Lite Password Audit Report appeared first on Help Net Security.

WhatsApp users are urged to update the Windows client app to plug a serious security vulnerability (CVE-2025-30401) that may allow attackers to trick users into running malicious code. Meta classifies the vulnerability as a spoofing issue that makes all WhatsApp for Windows versions prior to v2.2450.6 display sent attachments according to their MIME (media) type – i.e., the metadata that says what kind of file it is: audio, image, message, text, application, etc. – but … More →

The post WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) appeared first on Help Net Security.