Cybersecurity
Forward-thinking CISOs are shining a light on shadow IT – Help Net Security
In this Help Net Security interview, Curtis Simpson, CISO and Chief Advocacy Officer at Armis, discusses how CISOs can balance security and innovation while managing the risks of shadow IT. Rather than focusing on restrictive policies, fostering proactive partnerships with business leaders to identify secure alternatives for unsanctioned tools is essential. Simpson also discusses common…
It takes two: The 2025 Sophos Active Adversary Report
The Sophos Active Adversary Report celebrates its fifth anniversary this year. The report grew out of a simple question: What happens after attackers breach a company? Knowing the adversary’s playbook, after all, helps defenders better battle an active attack. (There’s a reason we started life as “The Active Adversary Playbook.”) At the same time we…
Unveiling WolfsBane: Gelsemium’s Linux counterpart to Gelsevirine
ESET researchers have identified multiple samples of Linux backdoor, which we have named WolfsBane, that we attribute with high confidence to the Gelsemium advanced persistent threat (APT) group. This China-aligned threat actor has a known history dating back to 2014 and until now, there have been no public reports of Gelsemium using Linux malware. Additionally,…
Helping Your Clients Achieve NIST Compliance: A Step by Step Guide for Service Providers
Apr 02, 2025The Hacker NewsCompliance / Data Protection Introduction As the cybersecurity landscape evolves, service providers play an increasingly vital role in safeguarding sensitive data and maintaining compliance with industry regulations. The National Institute of Standards and Technology (NIST) offers a comprehensive set of frameworks that provide a clear path to achieving robust cybersecurity practices….
How Each Pillar of the 1st Amendment is Under Attack – Krebs on Security
“Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.” -U.S. Constitution, First Amendment. Image: Shutterstock, zimmytws. In an address…
The urgent reality of machine identity security in 2025
The importance of machine identity security has reached a critical juncture in 2025. With machine identities now far outnumbering human ones, securing these digital credentials has become a top cybersecurity priority for enterprises. However, as the CyberArk 2025 State of Machine Identity Security Report shows, many of the 1,200 security leaders in organizations we surveyed—across the U.S., U.K., Australia,…
Security could be the use case AI PCs need | TechTarget
In an era where interest in AI PCs is soaring and injecting life into what was a stagnant endpoint device market, the enthusiasm has been met with a lack of clearly defined use cases. The early use cases touted by hardware and software vendors often revolved around unified communications and collaboration. While that’s a…
How to recognize and prevent deepfake scams – Help Net Security
Deepfakes are a type of synthetic media created using AI and machine learning. In simple terms, they produce videos, images, audio, or text that look and sound real, even though the events depicted never actually happened. These altered clips spread across social media, messaging apps, and video-sharing platforms, blurring the line between reality and fiction….
Stealing user credentials with evilginx
Evilginx, a tool based on the legitimate (and widely used) open-source nginx web server, can be used to steal usernames, passwords, and session tokens, allowing an attacker to potentially bypass multifactor authentication (MFA). In this post, we’ll demonstrate how evilginx works and what information it is able to acquire; we also have advice for detecting…
RomCom exploits Firefox and Windows zero days in the wild
ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught exploiting a significant zero-day vulnerability in the wild, after the abuse of CVE-2023-36884 via Microsoft Word in June 2023. This critical vulnerability, assigned CVE-2024-9680 with…