WinRAR zero day exploited by RomCom hackers in targeted attacks

ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you use WinRAR or related components such as the Windows... Read more »

Smart Buses flaws expose vehicles to tracking, control, and spying

Researchers showed how hackers can exploit flaws in a bus’ onboard and remote systems for tracking, control and spying. Researchers Chiao-Lin ‘Steven Meow’ Yu of Trend Micro Taiwan and... Read more »

MedusaLocker ransomware group is looking for pentesters

MedusaLocker ransomware gang announced on its Tor data leak site that it is looking for new pentesters. MedusaLocker is a ransomware strain that was first observed in late 2019,... Read more »

How Brandolini’s law informs our everyday infosec reality

Brandolini’s law, also known as the “bullshit asymmetry principle”, is simple but devastating: “The amount of energy needed to refute bullshit is an order of magnitude bigger than to... Read more »

From legacy to SaaS: Why complexity is the enemy of enterprise security

In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the way organizations approach... Read more »

Review: From Day Zero to Zero Day

From Day Zero to Zero Day is a practical guide for cybersecurity pros who want to move beyond reading about vulnerabilities and start finding them. It gives a methodical... Read more »

Pentesting is now central to CISO strategy

Security leaders are rethinking their approach to cybersecurity as digital supply chains expand and generative AI becomes embedded in critical systems. A recent survey of 225 security leaders conducted... Read more »

Breaches are up, budgets are too, so why isn’t healthcare safer?

A new report from Resilience outlines a growing cyber crisis in the U.S. healthcare sector, where ransomware attacks, vendor compromise, and human error continue to cause widespread disruption. In... Read more »

Watching the watchers: Is the Technical Advisory Panel a match for MI5, MI6 and GCHQ?

Dame Muffy Calder is chair of the Technical Advisory Panel (TAP), a small group of experts that advises the Investigatory Powers Commissioner on surveillance technology. Do they have what... Read more »

Google confirms Salesforce CRM breach, faces extortion threat

Google disclosed a Salesforce Customer Relationship Management (CRM) breach exposing data of some prospective Google Ads customers. Google confirmed a breach in a Salesforce CRM instance affecting the data... Read more »
Subscribe to our Newsletter