Help Net Security

A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. “In the course of investigating, remediating, and building protections against this activity, we observed an insecure practice whereby developers have incorporated various publicly disclosed ASP.NET machine keys from publicly accessible resources, such as code documentation and repositories, which threat actors have used to perform malicious actions on target servers.” The attack ASP.NET … More →

The post Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys appeared first on Help Net Security.

The way we manage digital identity is fundamentally broken. The root of the problem lies in traditional, centralized identity models, where a single organization holds and controls a user’s credentials, creating an attractive target for attackers. The bigger the database, the bigger the prize. Self-sovereign identity (SSI) presents a radical shift in how we think about digital identity. Instead of relying on centralized authorities, SSI puts control directly into the hands of individuals. Users store … More →

The post Self-sovereign identity could transform fraud prevention, but… appeared first on Help Net Security.

NSA’s Research Directorate released version 11.3 of Ghidra, an open-source software reverse engineering (SRE) framework. It offers advanced analysis tools, enabling users to dissect and examine compiled code across multiple platforms, including Windows, macOS, and Linux. Ghidra 11.3 is fully backward compatible with project data from previous versions. However, programs and data type archives created or modified in 11.3 will not be compatible with earlier versions of Ghidra. Visual Studio Code Ghidra 11.3 replaces the … More →

The post Ghidra 11.3 released: New features, performance improvements, bug fixes appeared first on Help Net Security.

The implementation of new regulatory measures that impact the UK, EU, and beyond are driving organizations to enhance vigilance in addressing evolving cybersecurity and operational risks, according to AuditBoard. The research showed 91% of respondents report feeling concerned about cybersecurity threats to their organization, and 86% are aware of incidents within their industry in the past year. Compliance pressure grows among organizations Organizations are under constant pressure to adopt more proactive and strategic approaches to … More →

The post Infosec pros struggle under growing compliance appeared first on Help Net Security.

Cyber fraud (which includes activity such as hacking, deepfakes, voice cloning and highly sophisticated phishing schemes) rose by 14% year over year, according to Trustpair. US faces cyber fraud growth The proprietary research, which is based on a survey of 200 senior finance, treasury, and accounts payable executives, reveals that 90% of US companies were targeted by cyber fraud in the past year, compared to 79% of companies in 2023. The surge in fraud is … More →

The post Overconfident execs are making their companies vulnerable to fraud appeared first on Help Net Security.

Here’s a look at the most interesting products from the past week, featuring releases from Dynatrace, Nymi, Qualys, SafeBreach, and Satori. Qualys TotalAppSec enables organizations to address risks across web applications and APIs Qualys TotalAppSec unifies API security, web application scanning, and web malware detection across on-premises to hybrid and multi-cloud environments, providing companies with a comprehensive view of their application security risk and posture. SafeBreach exposure validation platform identifies security gaps SafeBreach launched SafeBreach … More →

The post New infosec products of the week: February 7, 2025 appeared first on Help Net Security.

Expel announced expanded security information and event management (SIEM) coverage, including a new low-cost data lake offering, allowing customers to meet compliance and data storage requirements more effectively while strengthening their overall security posture. Additionally, Expel extended integration coverage and support for several industry-leading SIEM and extended detection and response (XDR) products, including Sumo Logic Cloud SIEM and CrowdStrike Falcon LogScale environments. “Organizations are navigating an increasingly complex landscape when it comes to the balance … More →

The post Expel expands SIEM capabilities to meet mounting data storage needs appeared first on Help Net Security.

Chainalysis’ latest report on how the ransomware landscape changed from 2023 to 2024 shows a promising trend: An increasing number of victims refuses to pay the ransom. The total volume of ransom payments decreased year-over-year by approximately 35%, the blockchain analysis firm says. In 2023, victims delivered $1.25 billion to ransomware attackers and data theft and extortion gangs. In 2024, the number fell to $813.55 million. Ransomware payments vs. data leak site victims, 2024 (Source: … More →

The post Ransomware payments plummet as more victims refuse to pay appeared first on Help Net Security.

ActiveState launched its Vulnerability Management as a Service (VMaas) offering that revolutionizes how organizations manage open source and accelerates secure software delivery. ActiveState’s Vulnerability Management as a Service combines Application Security Posture Management (ASPM) and Intelligent Remediation capabilities with expert guidance. This solution enables DevSecOps teams to not only identify vulnerabilities in open source packages, but also to automatically prioritize, remediate, and deploy fixes into production without breaking changes, ensuring that applications are truly secured. … More →

The post ActiveState accelerates secure software delivery appeared first on Help Net Security.

Corero Network Security announced new advancements in multi-site resiliency and intelligent traffic management, further strengthening its ability to deliver always-on DDoS protection. Designed to mitigate large-scale cyberattacks, operational failures, and data center outages, Corero’s solution eliminates single points of failure by automatically adapting when a security component, data center, or network segment goes offline—ensuring seamless operations without disruption or manual intervention. Modern organizations require continuous availability, but traditional solutions lack resilience in the face of … More →

The post Corero Network Security unveils automated DDoS-aware resiliency appeared first on Help Net Security.

The Spanish National Police has arrested a hacker suspected of having breached national and international agencies (including the United Nation’s International Civil Aviation Organization and NATO), Spanish universities and companies, and released stolen data on the dark web. The attacks The National Police began the investigation in February 2024, after a Madrid business association discovered that a hacker boasted on an underground criminal forum that they have information stolen from the association’s website. “Once the … More →

The post Suspected NATO, UN, US Army hacker arrested in Spain appeared first on Help Net Security.

Onapsis announced Onapsis Control Central for SAP application security testing and custom code security supporting RISE with SAP transformations. As the latest addition to its Onapsis Control product line, Control Central is a reinvention of Onapsis’ award-winning Control product. Control Central is a key component of the Onapsis Secure RISE Accelerator, working to streamline and de-risk large RISE with SAP projects for global enterprises. For organizations driving DevSecOps initiatives, Control Central offers application security testing … More →

The post Onapsis Control Central secures SAP software development lifecycle appeared first on Help Net Security.

Cyabra introduces Insights, a new AI-feature designed to transform complex social media disinformation data into clear, actionable answers in seconds. False narratives, fake accounts, and AI-generated content are spreading faster than ever, costing businesses and governments billions annually and eroding public trust and reputations. With AI-generated disinformation spreading six times faster than the truth—especially during high-stakes events like elections and holiday seasons—the need for rapid-response tools has never been more critical. Insights takes the complexity … More →

The post Cyabra Insights protects against AI-driven digital disinformation appeared first on Help Net Security.

In this Help Net Security interview, Oliver Friedrichs, CEO at Pangea, discusses why strong data hygiene is more important than ever as companies integrate AI into their operations. With AI-driven applications handling sensitive enterprise data, poor access controls and outdated security practices can lead to serious risks. Friedrichs shares key best practices to mitigate risks, ensure data reliability, and adapt security strategies for the AI landscape. How do data hygiene practices align with broader cybersecurity … More →

The post The overlooked risks of poor data hygiene in AI-driven organizations appeared first on Help Net Security.

AI is driving significant changes in attack sources, with 88% of enterprises observing an increase in AI-powered bot attacks in the last two years, according to Arkose Labs. 53% said they have lost between $10 million to over $500 million during the past two years due to negative consequences related to cyberattacks. Enterprises are investing heavily in AI-powered solutions, which make up 21% of cybersecurity budgets today and will increase to 27% by 2026. 62% … More →

The post Enterprises invest heavily in AI-powered solutions appeared first on Help Net Security.

Apple’s Safari browser includes several features aimed at enhancing privacy while browsing the web. Two of the most notable privacy features are Intelligent Tracking Prevention (ITP) and Private Browsing mode. Intelligent Tracking Prevention (ITP) Intelligent Tracking Prevention (ITP) is a feature built into Safari to prevent advertisers and websites from tracking your browsing activity across different sites. It works by limiting the ability of trackers (like cookies) to follow you across websites. ITP is enabled … More →

The post How to customize Safari for private browsing on iOS appeared first on Help Net Security.

XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software, a popular solution for warehouse management and order fulfillment. According to Intezer and Solis Security researchers, their targets are companies in the manufacturing and distribution sectors. “In one instance, the group was found to have compromised an organization in 2020, maintaining persistent access to an endpoint for over four years,” Intezer … More →

The post Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) appeared first on Help Net Security.

SafeBreach launched SafeBreach exposure validation platform, which combines the power of its time-tested breach and attack simulation (BAS) product—now called Validate—and its new attack path validation product, Propagate. Together, they provide enterprise security teams with deeper insight into threat exposure and a more comprehensive view of cyber risk. According to the Gartner Hype Cycle Report, “Adversarial exposure validation technologies offer offensive security technologies simulating threat actor tactics, techniques and procedures to validate the existence of … More →

The post SafeBreach exposure validation platform identifies security gaps appeared first on Help Net Security.

There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting its routers and wireless access points. Zyxel vulnerability: Exploited, no patches CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has been known since July 2024 and is currently being exploited by attackers, will not be patched by the manufacturer since the affected devices “are legacy … More →

The post Swap EOL Zyxel routers, upgrade Netgear ones! appeared first on Help Net Security.

Satori announced its new capabilities, enabling security teams to be in control of all customer data across the development lifecycle in a simple, cost-effective, and holistic way. These capabilities automate the daunting tasks of discovering data, risk assessment, providing granular access control, and mitigating security risks quickly across cloud platforms like AWS, Snowflake, Databricks, and MongoDB. A recent report by Gartner found that 75% of organizations are working to consolidate their cloud-native security vendors. Security … More →

The post Satori provides visibility into data store risk levels appeared first on Help Net Security.