Category: Help Net Security

Most CISOs spend their time thinking about account takeover and phishing, but identity document fraud is becoming a tougher challenge. A new systematic review shows how attackers are pushing past old defenses and how detection models are struggling to keep…

Read more →

In this Help Net Security video, Dinesh Nagarajan, Global Partner, Cyber Security Services at IBM Consulting, walks through a situation in which an employee shared production source code with a public AI tool. The tool learned from the code, including…

Read more →

Insurers judge organizations by the strength of their identity controls and by how consistently those controls are applied, according to a new Delinea report. CISOs are entering a market that rewards maturity and penalizes gaps that once passed without scrutiny.…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Bedrock Data, Immersive, Kentik, Minimus, and Synack. Kentik AI Advisor brings intelligence and automation to network design and operations Kentik has launched the Kentik AI…

Read more →

AI is changing how scams are built, shared, and trusted. A new global survey from Bitdefender shows how far the problem has spread. AI is helping scams evolve faster than people can respond Over seven in ten consumers encountered some…

Read more →

In what may be a repeat of the Salesloft Drift supply chain compromise, Salesforce confirmed that they’ve identified unusual activity involving Gainsight-published apps connected to Salesforce. “Our investigation indicates this activity may have enabled unauthorized access to certain customers’ Salesforce…

Read more →

There is a serious security problem inside Comet, the AI-powered agentic browser made by Perplexity, SquareX researchers say: Comet’s MCP API allows the browser’s built-in (but hidden from the user) extensions to issue commands directly to a user’s device, and…

Read more →

Oligo Security announced new capabilities to protect the broadest spectrum of AI deployments, including AI applications, LLMs, and agentic AI. The new platform modules address the largest blind spot in AI security by securing production AI technologies that remain largely…

Read more →

A new infostealer is targeting macOS users by masquerading as the legitimate DynamicLake UI enhancement and productivity utility and possibly Google’s Drive for desktop app. Multi-stage delivery Dubbed DigitStealer by Jamf researchers, this threat is unusually sophisticated. Before it’s run,…

Read more →

Bedrock Data announced Bedrock Data ArgusAI and Natural Language Policy. ArgusAI is a new product that expands the company’s capabilities into artificial intelligence governance. It allows enterprises to understand what data their AI models and agents access during training and…

Read more →

ID-Pal has announced a major enhancement to its document-fraud detection feature, ID-Detect, delivering even more powerful defences against AI-generated digital manipulation—one of the fastest-growing threats facing financially regulated enterprises and payments providers. ID-Pal’s document-fraud detection feature has now been strengthened…

Read more →

Minimus announced the general availability of Image Creator, a new feature that empowers customers to build their own hardened container images, fully powered and secured by Minimus’ container security software and software supply chain security technology. The launch marks a…

Read more →

Passwords sit at the core of every critical system, but many organizations still overlook how fragile their password workflows can be. When something goes wrong, security teams rush to uncover who had access, how those passwords were stored and whether…

Read more →

When AI models generate code, they deliver power and risk at the same time for security teams. That tension is at the heart of the new tool called BlueCodeAgent, designed to help developers and security engineers defend against code-generation threats.…

Read more →

Privacy rules like GDPR and CCPA are meant to help app stores be clearer about how apps use your data. But in the Google Play Store, those privacy sections often leave people scratching their heads. A new study looks at…

Read more →

State groups, criminal crews, and hybrid operators are all using familiar IT entry points to reach systems that support industrial processes, according to the latest Operational Technology Threat Report from Trellix. The report covers attacks observed from April through September…

Read more →

Security leaders often feel prepared for a major cyber incident, but performance data shows a different reality. Teams continue to miss key steps during practice scenarios, and the gap between confidence and capability keeps growing. Findings from Immersive’s Cyber Workforce…

Read more →

Veeam Software launches Veeam Data Platform v13, delivering the resilience, flexibility, and intelligence needed for an AI-powered future. With a modern platform architecture, AI-powered intelligence, an expansive hypervisor integration model, and new security capabilities, Veeam Data Platform v13 delivers a…

Read more →

Strata Identity announced the availability of the AI Identity Gateway, an enterprise-grade runtime identity and policy-enforcement control point for agentic behavior. As part of Maverics for Agentic Identity, the AI Identity Gateway provides organizations with a reliable way to authenticate,…

Read more →

Immersive announced the general availability of Dynamic Threat Range, a new capability within its Immersive One platform that transforms how organizations validate and improve cyber readiness. Dynamic Threat Range runs authentic, full-chain, live-fire attacks within supported enterprise environments, delivering a…

Read more →