Category: Help Net Security

In this Help Net Security interview, Rik Mistry, Managing Partner at Interval Group, discusses how to align IT strategy with business goals. He explains how security, governance, and orchestration shape IT operations and why early collaboration between IT and security…

Read more →

Businesses are increasingly being pulled into lawsuits over how they collect and share user data online. What was once the domain of large tech firms is now a widespread legal risk for companies of all sizes. The latest analysis from…

Read more →

When employees stop falling for phishing emails, it is rarely luck. A new study shows that steady, mandatory phishing training can cut risky behavior over time. After one year of continuous simulations and follow-up lessons, employees were half as likely…

Read more →

Healthcare leaders continue to treat cybersecurity as a technical safeguard instead of a strategic business function, according to the 2025 US Healthcare Cyber Resilience Survey by EY. The study, based on responses from 100 healthcare executives, outlines six areas where…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from 1touch.io, Barracuda Networks, Bitdefender, Forescout, and Komodor. Bitdefender GravityZone Security Data Lake unifies telemetry from multiple tools Security Data Lake empowers both in-house security teams…

Read more →

Cisco has fixed two critical vulnerabilities (CVE-2025-20358, CVE-2025-20354) affecting Unified Contact Center Express (UCCX), which may allow attackers to bypass authentication, compromise vulnerable installations, and elevate privileges to root. The good news is that there is currently no evidence of…

Read more →

Ping Identity announced “Identity for AI,” a new solution designed to secure the world of AI agents. As organizations embrace agentic AI to boost productivity and commerce, Ping Identity is redefining how enterprises enable this new class of autonomous digital…

Read more →

Team Cymru announced RADAR, a new real-time discovery module designed to give threat analysts visibility into all internet-facing infrastructure, whether known or unknown, without waiting on asset inventories, third-party scans, or compliance-oriented tools. “Our RADAR solution is about giving defenders…

Read more →

Incident responders from Mandiant have wrapped up their investigation into the SonicWall cloud backup service hack, and the verdict is in: the culprit is a state-sponsored threat actor (though the specific nation wasn’t disclosed). “[The incident] was isolated to the…

Read more →

Prowler launched Prowler Lighthouse AI, an intelligent security assistant and MCP Server, that brings autonomous AI directly into DevSecOps workflows. Available immediately, Prowler’s AI innovations combine agentic reasoning with automation to accelerate risk analysis, streamline compliance and guide teams through…

Read more →

State-aligned hacking groups have spent the past six months ramping up espionage, sabotage, and cybercrime campaigns across multiple regions, according to ESET’s APT Activity Report covering April through September 2025. The research highlights how operations linked to Russia, China, Iran,…

Read more →

1touch.io unveils Kontxtual, an AI-driven data platform engineered for the AI era. Built to accelerate enterprise innovation without compromising control, Kontxtual harnesses the power of AI and LLMs to deliver real-time data, identity, usage, and risk insights, assuring sovereignty and…

Read more →

MajorKey Technologies announced IDProof+, a high-assurance identity verification solution leveraging biometric technology. Developed in collaboration with identity verification innovator authID, IDProof+ is designed to help enterprises combat AI-driven fraud and streamline remote workforce onboarding. Key benefits of IDProof+ include: Integration…

Read more →

Aptori announced Code-Q (Code Quick Fix), a new agent in its AI-powered security platform that automatically generates, validates and applies code-level remediations for confirmed vulnerabilities. Building on Aptori’s AI Triage, which delivers deterministic vulnerability validation, Code-Q extends that intelligence into…

Read more →

Hypori announced the expansion of its platform with the launch of the Hypori Secure Workspace Ecosystem, a suite of next-generation products designed to give organizations flexibility, scalability, and control over secure mobile access. The new portfolio introduces Hypori Mobile and…

Read more →

Binarly released the Binarly Transparency Platform 3.5 with Java ecosystem support, enterprise-grade YARA integration, and operational upgrades. With this update, Binarly’s cryptographic algorithm identification engine now supports Java archives (JARs) and JVM bytecode, scanning both standalone and embedded files inside…

Read more →

When you ask a large language model to summarize a policy or write code, you probably assume it will behave safely. But what happens when someone tries to trick it into leaking data or generating harmful content? That question is…

Read more →

Prismatic announced its MCP flow server for production-ready AI integrations. The new offering enables companies to transform fragile AI toolchains into reliable, deterministic workflows that can securely power mission-critical applications. AI agents are now embedded in every workflow — from…

Read more →

Bitdefender announced Bitdefender GravityZone Security Data Lake and Data Lake for Managed Detection and Response (MDR), solutions that help organizations cut through alert overload and complexity by unifying security telemetry from multiple tools into a single, intelligent platform. The new…

Read more →

Information moves across cloud platforms, personal devices, and AI tools, often faster than security teams can track it. Proofpoint’s 2025 Data Security Landscape report shows that most organizations faced data loss last year, usually caused by their own people. With…

Read more →