News Archives – Help Net Security
Daily information security news with a focus on enterprise security.
- Researchers unearth two previously unknown Linux backdoors by Help Net Security on November 21, 2024 at 9:59 am
ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. The goal of the backdoors and tools discovered is cyberespionage that targets sensitive data such as system information, user credentials, and specific files and directories. These tools are designed to maintain persistent access and execute commands stealthily, enabling prolonged intelligence gathering while evading detection. WolfsBane execution chain (Source: ESET) WolfsBane Researchers discovered the WolfsBane samples at VirusTotal, uploaded from Taiwan, …
- Ukrainian cyberwar experience becomes blueprint for TRYZUB cyber training service by Help Net Security on November 21, 2024 at 8:55 am
The Computer Emergency Response Team of Ukraine (CERT-UA), part of the State Service of Special Communications and Information Protection (SSSCIP), has joined forces with the simulation training platform Cyber Ranges to unveil TRYZUB, a cyber resilience training and capability development service. TRYZUB primarily protects military, government entities, and critical infrastructure sectors such as energy, healthcare, finance, telecommunications, and education. Its training is designed for military units, law enforcement, government agencies, and operators of essential infrastructure …
- AxoSyslog: Open-source scalable security data processor by Mirko Zorz on November 21, 2024 at 6:30 am
AxoSyslog is a syslog-ng fork, created and maintained by the original creator of syslog-ng, Balazs Scheidler, and his team. "We first started by making syslog-ng more cloud-ready: we packaged syslog-ng in a container, added helm charts, and made it more suitable for use in cloud-native environments. We've also improved the monitoring and operational experience to help AxoSyslog better integrate with modern telemetry pipelines," Balazs Scheidler, CEO of Axoflow, told Help Net Security. AxoSyslog is not …
- Product showcase: Augmenting penetration testing with Plainsea by Help Net Security on November 21, 2024 at 6:00 am
Human-led penetration testing is an essential practice for any organization seeking to proactively address potential attack vectors. However, this indispensable pentesting method is often limited by several factors: high resource demands, project time constraints, dispersed communication, and lack of continuous visibility into evolving vulnerabilities. Plainsea's innovative all-in-one platform addresses these challenges through an augmented penetration testing approach that results in a continuous, streamlined, and collaborative service. Designed for MSSPs and security teams, the platform enables …
- CWE top 25 most dangerous software weaknesses by Help Net Security on November 21, 2024 at 5:30 am
The CWE list of the 25 most dangerous software weaknesses demonstrates the currently most common and impactful software flaws. Identifying the root causes of these vulnerabilities provides insights to shape investments, policies, and practices that proactively prevent their occurrence. The CWE top 25 most dangerous software weaknesses list was calculated by analyzing public vulnerability information in Common Vulnerabilities and Exposures (CVE) Records for CWE root cause mappings. This year's dataset included 31,770 CVE Records for …
- Enhancing visibility for better security in multi-cloud and hybrid environments by Mirko Zorz on November 21, 2024 at 5:00 am
In this Help Net Security interview, Brooke Motta, CEO of RAD Security, talks about how cloud-specific threats have evolved and what companies should be watching out for. She discusses the growing complexity of cloud environments and the importance of real-time detection to protect against increasingly sophisticated attacks. Motta also shares practical advice for SMBs and organizations navigating compliance and cloud security challenges. How have cloud-specific threats evolved over the past few years, and what new …
- Full recovery from breaches takes longer than expected by Help Net Security on November 21, 2024 at 4:00 am
In 2024, businesses reported taking an average of 7.3 months to recover from cybersecurity breaches – 25% longer than expected and over a month past the anticipated timeline of 5.9 months, according to Fastly. Cybersecurity leaders feel unprepared for future threats Recovery times were even worse for companies that planned on cutting back cybersecurity spending. They faced an average of 68 incidents each – 70% above the average – and their recovery times stretched to …
- GitHub Secure Open Source Fund: Project maintainers, apply now! by Zeljka Zorz on November 20, 2024 at 1:38 pm
GitHub is calling on maintainers of open source projects to apply for the newly opened Secure Open Source Fund, to get funding and knowledge to improve the security and sustainability of their software. The program is funded by companies (AmEx, Chainguard, Microsoft, 1Password, Shopify, Stripe, etc.), venture funds (e.g., Mayfield Fund) and nonprofits (e.g., the Alfred P. Sloan Foundation). About the program Applicants that get chosen will receive, among other things: $10,000 per project (delivered …
- Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 by Help Net Security on November 20, 2024 at 1:33 pm
Oracle Linux offers a secure, streamlined platform for deploying and managing applications across on-premises, cloud, and edge environments. Designed for demanding workloads, it includes tools for automation, virtualization, high availability, cloud-native development, Kubernetes, and more. Oracle Linux 9 Update 5 for the 64-bit Intel and AMD (x86_64) and 64-bit Arm (aarch64) platforms is now generally available. This release is packaged with the following kernel options: Unbreakable Enterprise Kernel (UEK) Release 7 Update 3, 5.15.0-302.167.6 for …
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) by Zeljka Zorz on November 20, 2024 at 10:48 am
Apple has released emergency security updates for macOS Sequoia that fix two zero-day vulnerabilities (CVE-2024-44309, CVE-2024-44308) that "may have been actively exploited on Intel-based Mac systems". About CVE-2024-44309 and CVE-2024-44308 CVE-2024-44309 affects WebKit, the browser engine used in the Safari web browser and all iOS and iPadOS web browsers, and can be triggered when it's made to process maliciously crafted web content. It can enable a cross site scripting (XSS) attack. CVE-2024-44308 affects JavaScriptCore – …