Category: Help Net Security

Cybersecurity advice is everywhere. We’re constantly reminded to update our passwords, enable two-factor authentication, and avoid clicking suspicious links. Yet, beneath these practical steps lie deeper cyber hygiene habits that, despite their importance, are frequently overlooked. These underlying mindsets and…

Read more →

Cybersecurity professionals may be concerned about the constantly shifting threat landscape. From the increased use of artificial intelligence (AI) by malicious actors to the expanding attack surface, cybersecurity risks evolve, and defenders need to mitigate them. Despite a period of…

Read more →

A new report from Gen highlights a sharp rise in online threats, capping off a record-breaking 2024. Between October and December alone, 2.55 billion cyber threats were blocked – an astonishing rate of 321 per second. The risk of encountering…

Read more →

BlackLock is on track to become the most active ransomware-as-a-service (RaaS) outfit in 2025, according to ReliaQuest. Its success is primarily due to their unusually active presence and good reputation on the ransomware-focused Russian-language forum RAMP, and their aggressive recruiting…

Read more →

Unit21 launched its new scams solution that helps financial institutions and fintechs detect and stop scams before they cause financial harm. Using AI automation, the new solution can be integrated into a fraud team’s workflow to accelerate investigations and response…

Read more →

Boomi unveiled its API Management (APIM) solution, delivering cloud-scale APIM alongside integration and automation, data management, and AI capabilities as part of the Boomi Enterprise Platform. Comprised of Boomi’s existing API Management offering along with assets recently acquired from both…

Read more →

ProcessUnity announced the next generation of the Global Risk Exchange. This platform transforms the third-party assessment process, reducing friction for both organizations and their third parties while streamlining vendor onboarding and accelerating assessment cycles. “The Global Risk Exchange makes the…

Read more →

In this Help Net Security, Oded Hareven, CEO of Akeyless Security, discusses how enterprises should adapt their cybersecurity strategies to address the growing need for machine-to-machine (M2M) security. According to Hareven, machine identities must be secured and governed similarly to…

Read more →

Your business can’t realize the many benefits of cloud computing without ensuring performance and availability in its cloud environments. Let’s look at some examples. Scalability: To scale your business’s cloud computing services, you need those services to be available and…

Read more →

Airport Cybersecurity Engineer II Salt Lake City Corporation | USA | On-site – View job details As an Airport Cybersecurity Engineer II, you will develop and implement policies, procedures, and training plans for security and network administration. Assess and mitigate…

Read more →

A new, improved variant of the XCSSET macOS malware has been spotted “in limited attacks” by Microsoft’s threat researchers. XCSSET macOS malware XCSSET in information-stealing and backdoor-injecting malware targeting Mac users. It’s usually distributed via infected Xcode projects – a…

Read more →

Discover the top Open-Source Intelligence (OSINT) books in this curated list. From investigative techniques to digital footprint analysis, these titles offer insights for security professionals, journalists, and researchers looking to master the art of gathering and analyzing publicly available data.…

Read more →

The suspected Chinese state-sponsored hackers who breached workstations of several US Treasury employees in December 2024 did so by leveraging not one, but two zero-days, according to Rapid7 researchers. It was initially reported that the attackers compromised the Treasury’s BeyondTrust…

Read more →

Two Estonian nationals may spend the next 20 years in prison for stealing hundreds of millions of dollars through a massive cryptocurrency Ponzi scheme, the US Department of Justice announced last week. The fraudulent operation “According to court documents, Sergei…

Read more →

In this Help Net Security interview, Natalia Belaya, CISO at Cloudera, discusses common misconceptions about cloud security, the balance between protection and business agility, and overlooked risks that CISOs should prioritize. Belaya also offers practical strategies for integrating cloud-native security…

Read more →

Orbit is an open-source platform built to streamline large-scale Nuclei scans, enabling teams to manage, analyze, and collaborate on security findings. It features a SvelteKit-based web frontend and a Go-powered backend, with Terraform and Ansible handling infrastructure and automation. “I…

Read more →

In this Help Net Security video, Bart Koek, Field CTO at Immuta, discusses their 2025 State of Data Security Report, highlighting emerging challenges for IT and data security leaders. Key takeaways from the report: GenAI is causing significant change management…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days…

Read more →

Regardless of job title, 92% of executives stated they had some degree of confidence in their organization’s ability to meet compliance requirements and tackle advanced threats with current staff and tools, but confidence levels differed across leadership roles, according to…

Read more →

MetricStream has unveiled its annual forecast of key trends shaping the future of GRC and Cyber GRC. These 2025 predictions offer a roadmap for building resilience strategies, addressing emerging risks, and seizing new opportunities. AI comes of age: risks, rewards,…

Read more →