News Archives – Help Net Security
Daily information security news with a focus on enterprise security.
- Cozy Bear targets EU diplomats with wine-tasting invites (again), by Zeljka Zorz on April 16, 2025 at 1:33 pm
APT29 (aka Cozy Bear, aka Midnight Blizzard) is, once again, targeting European diplomats with fake invitations to wine-tasting events, Check Point researchers have shared. Cozy Bear uses wine-tastings and dinners as a lure: In early 2024, Zscaler flagged a low-volume phishing campaign aimed at delivering the WINELOADER backdoor to European diplomats. The lure was a PDF file containing a fake invitation letter supposedly sent by the Ambassador of India, inviting diplomats to a wine-tasting event. …
- Funding uncertainty may spell the end of MITRE’s CVE program, by Zeljka Zorz on April 16, 2025 at 11:44 am
The future of the Common Vulnerabilities and Exposures (CVE) program hangs in the balance: MITRE, the not-for-profit US organization that runs it, could lose the US federal funding that helps them maintain it. But others have been waiting in the wings and are getting ready to pick up the vulnerability tracking mantle. “On Wednesday, April 16, 2025, the current contracting pathway for MITRE to develop, operate, and modernize CVE and several other related programs, such …
- When companies merge, so do their cyber threats, by Mirko Zorz on April 16, 2025 at 6:00 am
For CISOs, mergers and acquisitions (M&A) bring both potential and risk. These deals can drive growth, but they also open the door to serious cybersecurity threats that may derail the transaction. Strong due diligence, smart risk planning, and a shared security mindset can help keep deals on track and protect the business. Key cybersecurity risks in M&A: 1. Inherited vulnerabilities: Acquiring a company means inheriting its existing cybersecurity weaknesses. If the target company has unresolved …
- Strategic AI readiness for cybersecurity: From hype to reality, by Help Net Security on April 16, 2025 at 5:30 am
AI readiness in cybersecurity involves more than just possessing the latest tools and technologies; it is a strategic necessity. Many companies could encounter serious repercussions, such as increased volumes of advanced cyber threats, if they fail to exploit AI due to a lack of clear objectives, inadequate data readiness or misalignment with business priorities. Foundational concepts are vital for constructing a robust AI-readiness framework for cybersecurity. These concepts encompass the organization’s technology, data, security, governance …
- Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques, by Help Net Security on April 16, 2025 at 5:00 am
MITRE’s Attack Flow project aims to translate complex cyber operations into a structured language. By describing how adversaries sequence and combine offensive techniques to reach their objectives, Attack Flow offers defenders, analysts, and decision-makers a tool to see the bigger picture. Threat intelligence: Cyber threat intel (CTI) teams can use Attack Flow to show how attackers behave, not just what tools they use. It tracks activity across incidents, campaigns, or threat groups. Because it’s machine-readable, …
- The future of authentication: Why passwordless is the way forward, by Sinisa Markovic on April 16, 2025 at 4:30 am
By now, most CISOs agree: passwords are the weakest link in the authentication chain. They’re easy to guess, hard to manage, and constantly reused. Even the most complex password policies don’t stop phishing or credential stuffing. That’s why passwordless authentication is gaining serious ground. Adopting passwordless authentication comes with challenges, including resistance to change, integration with legacy systems, and initial costs. Organizations may also have concerns about security, user experience, accessibility, compliance, and data privacy. …
- Browser extensions make nearly every employee a potential attack vector, by Help Net Security on April 16, 2025 at 4:00 am
Despite being present on virtually every employee’s browser, extensions are rarely monitored by security teams or controlled by IT, according to LayerX. Most extensions have access to sensitive data: 99% of enterprise users have at least one extension installed in their browsers, and 53% have more than 10 browser extensions. This widespread usage means almost every employee represents a potential attack vector. 53% of enterprise users have installed a browser extension with “high” or “critical” …
- Hertz data breach: Customers in US, EU, UK, Australia and Canada affected, by Zeljka Zorz on April 15, 2025 at 2:21 pm
American car rental company Hertz has suffered a data breach linked to last year’s exploitation of Cleo zero-day vulnerabilities by a ransomware gang. The breach resulted in the information of an unknown number of customers of Hertz and Hertz’s subsidiaries Dollar and Thrifty being compromised. Hertz data breach notifications: “Cleo is a vendor that provides a file transfer platform used by Hertz for limited purposes,” the company shared – though it did not specify what …
- Critical flaws fixed in Nagios Log Server, by Zeljka Zorz on April 15, 2025 at 10:41 am
The Nagios Security Team has fixed three critical vulnerabilities affecting the popular enterprise log management and analysis platform Nagios Log Server. About the flaws: The vulnerabilities, discovered and reported by security researchers Seth Kraft and Alex Tisdale, include: 1. A stored XSS vulnerability (CVE-2025-29471) in the web interface of Nagios Log Server that allows a standard (low-privilege) user to inject a malicious JavaScript payload into their profile’s ’email’ field to achieve privilege escalation. “When an administrator …
- Why shorter SSL/TLS certificate lifespans matter, by Help Net Security on April 15, 2025 at 6:00 am
Digital certificates are the unsung heroes of the internet, silently verifying that the websites, apps, and services you use are legit and your data is safe. For years, we’ve leaned on certificates with maximum validity terms stretching for months and, in some cases, even years. While convenient, these long-lived certificates are increasingly risky, and now the industry’s major browser makers, like Apple and Google, are throwing down the gauntlet: 90-day maximum validity term from Google, …