Category: Help Net Security

Like many large-scale network security projects, microsegmentation can seem complex, time-consuming, and expensive. It involves managing intricate details about inter-device service connectivity. One web server should connect to specific databases but not to others, or load balancers should connect to…

Read more →

Despite advancements in security technology, many individuals and organizations continue to rely on outdated and vulnerable authentication methods, leaving themselves exposed to cyber threats. This ongoing reliance on insecure methods has led to a steady rise in fraud, with weak…

Read more →

In this Help Net Security interview, Omer Cohen, Chief Security Officer at Descope, discusses the impact of identity federation on organizational security and user experience. He explains how this approach streamlines credential management and enhances security by leveraging trusted identity…

Read more →

Here’s a look at the most interesting products from the past month, featuring releases from: Absolute, anecdotes, ArmorCode, Binarly, Bitdefender, Druva, F5 Networks, Gcore, Guardsquare, Huntress, Ketch, LOKKER, Malwarebytes, NETGEAR, Nudge Security, Prompt Security, Rapid7, Revenera, Skyhigh Security, Strivacity, Tenable,…

Read more →

Storm-0501, an affiliate of several high-profile ransomware-as-a-service outfits, has been spotted compromising targets’ cloud environments and on-premises systems. “Storm-0501 is the latest threat actor observed to exploit weak credentials and over-privileged accounts to move from organizations’ on-premises environment to cloud…

Read more →

Microsoft has made changes to Recall – the screenshot-taking, AI-powered search feature for Copilot+ PCs running Windows 11 – to reassure users worried about security and privacy. The security of the feature has been assessed by Microsoft’s Offensive Research &…

Read more →

SCCMSecrets is an open-source tool that exploits SCCM policies, offering more than just NAA credential extraction. SCCM policies are a key target for attackers in Active Directory environments, as they can expose sensitive technical information, including account credentials. Attackers may…

Read more →

Application programming interfaces (APIs) are essential to how generative AI (GenAI) functions with agents (e.g., calling upon them for data). But the combination of API and LLM issues coupled with rapid rollouts is likely to see numerous organizations having to…

Read more →

Open source has become the foundation of modern application development, with up to 98% of applications incorporating open-source components and open-source code accounting for 70% or more of the typical application. In this Help Net Security video, Donald Fischer, CEO…

Read more →

Despite the rise in cyber threats, many people do not have a holistic view of security, according to Yubico. The results of the survey uncovered concerning patterns and behaviors when it comes to personal and workplace cybersecurity, including the extensive…

Read more →

In this Help Net Security interview, Joe Baguley, CTO EMEA at Broadcom, shares insights on private AI and its significance in data security. He explains how it helps organizations maintain control over sensitive information while addressing the complexities of compliance…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Windows Server 2025 gets hotpatching option, without reboots Organizations that plan to upgrade to Windows Server 2025 once it becomes generally available will be able…

Read more →

After much hyping and following prematurely leaked information by a third party, security researcher Simone Margaritelli has released details about four zero-day vulnerabilities in the Common UNIX Printing System (CUPS) that can be abused by remote, unauthenticated attackers to achieve…

Read more →

SpyCloud released new hosted automation solution, SpyCloud Connect, which delivers custom-built automation workflows to Information Security (InfoSec) and Security Operations (SecOps) teams. The solution enables rapid automation of SpyCloud’s suite of identity threat protection products with a vast array of…

Read more →

AuditBoard announced extensions to its modern connected risk platform to help teams improve efficiency, foster collaboration, and increase the rigor and intentionality of their GRC management programs. Available immediately, these functionalities include: AuditBoard analytics enhancements include nine new out-of-the-box workflows…

Read more →

Tosint is an open-source Telegram OSINT tool that extracts useful information from Telegram bots and channels. It’s suited for security researchers, investigators, and others who want to gather insights from Telegram sources. Several law enforcement agencies utilize Tosint to gather…

Read more →

IoT devices have become integral to how many organizations operate. From Smart TVs in conference rooms to connected sensors and wireless security cameras, these connected devices are now a fixture in the modern workplace. They also, however, present a real…

Read more →

In this Help Net Security interview, Nadir Izrael, CTO at Armis, discusses how AI has transformed cyberwarfare by amplifying attacks’ scale and sophistication. Izrael emphasizes the need for AI-powered defenses and proactive cybersecurity strategies to combat these evolving threats. How…

Read more →

iOS 18 allows you to lock and hide apps to protect the information within them by requiring Face ID, Touch ID, or your passcode for access, while also concealing the content from searches, notifications, and various areas throughout the system.…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Absolute, ArmorCode, Bitdefender, Guardsquare, Malwarebytes, NETGEAR, and Nudge Security. Bitdefender debuts GravityZone PHASR, enhancing security through user behavior analysis GravityZone PHASR enables security teams to…

Read more →