Category: Help Net Security

AI security governance provides a stable compass, channeling efforts and transforming AI from an experimental tool to a reliable, enterprise-class solution. With adequate governance built at the center of AI efforts, business leaders can shape AI plans with intention, while…

Read more →

Continuous Threat Exposure Management (CTEM) is a modern cybersecurity strategy originally coined by Gartner analysts, which focuses on identifying, prioritizing, validating, and mobilizing teams to reduce threat exposure across an organization’s full attack surface. It’s in a category of cybersecurity…

Read more →

Flow monitoring tools are useful for tracking traffic patterns, planning capacity, and spotting threats. But many off-the-shelf solutions come with steep licensing costs and hardware demands, especially if you want to process every packet. A research team at the University…

Read more →

Learn how AI technologies can be applied to enhance security, create safe and responsible applications, develop intelligent agents, and improve information discovery. You’ll gain practical skills, explore new tools, and work on projects that help you apply what you learn.…

Read more →

AI is changing how enterprises approach Kubernetes operations, strategy, and scale. The 2025 State of Production Kubernetes report from Spectro Cloud paints a picture of where the industry is heading: AI is shaping decisions around infrastructure cost, tooling, and edge…

Read more →

The Ruđer Bošković Institute (RBI), the largest Croatian science and technology research institute, has confirmed that it was the one of “at least 9,000 institutions worldwide” that were attacked using the Microsoft SharePoint “ToolShell” vulnerabilities. The attack happened on Thursday,…

Read more →

The National Institute of Standards and Technology (NIST) has finalized a lightweight cryptography standard to protect even the smallest networked devices from cyberattacks. Published as Ascon-Based Lightweight Cryptography Standards for Constrained Devices (NIST Special Publication 800-232), the standard offers tools…

Read more →

For August 2025 Patch Tuesday, Microsoft has released security updates resolving 100+ security vulnerabilities in its various solutions, including a relative path traversal flaw in Windows Kerberos (CVE-2025-53779) that allows an authorized attacker to elevate privileges over a network as…

Read more →

Fortinet has released patches for a critical OS command injection vulnerability (CVE-2025-25256) in FortiSIEM, after practical exploit code surfaced in the wild. About CVE-2025-25256 FortiSIEM is a security information and event management platform used by organizations to collect, correlate and…

Read more →

In this Help Net Security interview, Amy Herzog, CISO at AWS, discusses how cloud-native security enables scalable, flexible protection that aligns with how teams build in the cloud. She explains the Shared Responsibility Model and the tools and processes that…

Read more →

The Apricorn Aegis NVX is a hardware-based 256-Bit AES XTS external SSD drive with integrated USB-C cable. Its storage capacities range from 500GB to 2TB. The device is OS free and cross-platform compatible. Design and build The drive comes with…

Read more →

The cybersecurity needs of small and midsize businesses have reached a critical point. Compliance mandates, increasing ransomware attacks, and cyber insurance requirements are driving demand for expert guidance. Yet, hiring a full-time Chief Information Security Officer (CISO) remains out of…

Read more →

Most organizations are juggling too many tools, struggling with security blind spots, and rushing into AI adoption without governance, according to JumpCloud. he average organization now uses more than nine tools to manage core IT functions. That is fueling a…

Read more →

A new study from Dragos and Marsh McLennan puts hard numbers on the global financial risk tied to OT cyber incidents. The 2025 OT Security Financial Risk Report estimates that the most extreme scenarios could place more than $329.5 billion…

Read more →

FortiGuard Labs has reported a dramatic spike in exploitation attempts targeting Citrix Bleed 2, a critical buffer over‑read flaw (CVE‑2025‑5777) affecting Citrix NetScaler ADC (Application Delivery Controller) and Gateway devices. Since July 28, 2025, they have detected over 6,000 exploitation attempts, mostly…

Read more →

Trend Micro announced new agentic AI technology designed to solve the traditional pain points associated with Security Information and Event Management (SIEM). When combined with Trend’s digital twin capabilities it will help to transform security operations by proactively mitigating security risks.…

Read more →

Prove launched Unified Authentication, an authentication solution that passively and persistently recognizes customers, no matter where they appear or how often their devices or credentials change. This launch reflects a critical market shift: identity is no longer just a tool…

Read more →

Rubrik launched Agent Rewind, following the close of Rubrik’s acquisition of Predibase. Agent Rewind, powered by Predibase AI infrastructure, will enable organizations to undo mistakes made by agentic AI by providing visibility into agents’ actions and enabling enterprises to rewind…

Read more →

The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been using it to target Russian organizations.…

Read more →

Instead of focusing only on corporate systems, some APT groups are now going after executives in their personal lives. Home networks, private devices, and even family members have become targets. This approach works because executives often work remotely, store files…

Read more →