Category: Help Net Security

In this Help Net Security video, Tim Morris, Chief Security Advisor at Tanium, shares practical best practices to help organizations balance innovation and security while leveraging AI. Morris warns of an even riskier shadow AI trend in which departments, unsatisfied…

Read more →

Outpost24 has launched Outpost24 CyberFlex, a comprehensive application security solution that combines Attack Surface Management (ASM) and Penetration Testing as a Service (PTaaS) to manage and secure an organization’s external-facing applications, and deliver enhanced visibility in a flexible and agile…

Read more →

Palo Alto Networks introduced today Prisma SASE 5G, delivering the functionality and capabilities customers need to stay protected for the future state of mobility and connectivity. The company also announced the expansion of its private 5G collaborations, working with seven…

Read more →

Commix is an open-source penetration testing tool designed to automate the detection and exploitation of command injection vulnerabilities, streamlining security assessments for researchers and ethical hackers. Commix features Easy to use: Commix simplifies the process of identifying and exploiting command…

Read more →

The Chief AI Officer’s Handbook is a comprehensive resource for professionals navigating AI implementation and strategy. It is particularly valuable for Chief AI Officers (CAIOs), offering guidance on defining their role and executing AI-driven business strategies. About the author Jarrod…

Read more →

QR codes have become an integral part of our everyday life due to their simplicity. While they’ve been around for many years, their use exploded during the COVID-19 pandemic, when businesses turned to them for contactless menus, payments, and check-ins.…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Massive botnet hits Microsoft 365 accounts A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying attacks against Microsoft 365 (M365) accounts.…

Read more →

Ransomware attacks against industrial organizations surged by 87% over the past year, while new malware families designed specifically for OT environments emerged. These findings highlight a troubling trend: OT systems are increasingly becoming mainstream targets, and even sophisticated threat actors…

Read more →

Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-2025–27364) that may allow unauthenticated attackers to achieve remote code execution. About MITRE Caldera MITRE Caldera is a platform built on the MITRE ATT&CK…

Read more →

The Open Source Security Foundation (OpenSSF), a cross-industry initiative by the Linux Foundation, has announced the initial release of the Open Source Project Security Baseline (OSPS Baseline), a tiered framework of security practices that evolve with the maturity of open…

Read more →

In this Help Net Security interview, David Dumont, Partner at Hunton Andrews Kurth, discusses the implications of the EU AI Act and how organizations can leverage existing GDPR frameworks while addressing new obligations such as conformity assessments and transparency requirements.…

Read more →

In this Help Net Security video, Nathan Parks, Senior Research Specialist at Gartner, discusses their recent research, revealing that only 14% of security leaders effectively balance data security with business goals. 35% of leaders are focused on securing data, while…

Read more →

Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Armor, BigID, Dynatrace, Fortinet, Legit Security, Netwrix, Nymi, Palo Alto Networks, Pangea, Privacera, Qualys, SafeBreach, Satori, Seal Security, Socure, and Veeam Software. Qualys TotalAppSec…

Read more →

Phishing has been the method most often employed by cybercriminals to achieve initial access to targeted organizations in 2024, according to risk advisory firm Kroll, which expects this trend to continue in 2025. But attackers have also increasingly been using…

Read more →

CalypsoAI launched the CalypsoAI Security Leaderboard, an index of all the major AI models based on their security performance. The CalypsoAI Security Leaderboard ranks all the major models on their ability to withstand advanced security attacks and presents a risk-to-performance (RTP)…

Read more →

Aviatrix launched Aviatrix Kubernetes Firewall, a new solution designed to tackle the pervasive security and application modernization challenges faced by enterprises operating Kubernetes at scale, particularly those in hybrid and multicloud environments. In an era where enterprises are increasingly adopting Kubernetes…

Read more →

Trustmi announced new Behavioral AI, anomaly detection, and risk-scoring capabilities to help enterprise customers combat social engineering attacks on their finance teams, payment systems, suppliers, and processes. The new wave of sophisticated AI-driven social engineering attacks generates highly personalized and…

Read more →

A high-severity vulnerability (CVE-2025-23363) in the Siemens Teamcenter product lifecycle management (PLM) software could allow an attacker to steal users’ valid session data and gain unauthorized access to the vulnerable application. About CVE-2025-23363 Siemens Teamcenter is a suite of applications…

Read more →

F5 introduced the F5 Application Delivery and Security Platform, an Application Delivery Controller (ADC) solution that fully converges high-performance load balancing and traffic management with app and API security capabilities into a single platform. With this platform, F5 is delivering…

Read more →

Agentic AI, which consists of systems that autonomously take action based on high-level goals, is becoming integral to enterprise security, threat intelligence, and automation. While these systems present significant potential, they also introduce new risks that CISOs must address. This…

Read more →