Category: Help Net Security

Penetration testing has evolved significantly over the past several years. While uncovering exploitable vulnerabilities remains the core goal, the real differentiator today is how findings are handled after the testing concludes. The method of reporting, delivery, and remediation tracking play…

Read more →

Security teams say they want real-time insight into controls, but still rely on periodic checks that trail daily operations. New RegScale research shows how wide that gap remains and where organizations are directing time, staff, and budget to manage it.…

Read more →

Ping Identity announced its Universal Services, a set of identity services that enable organizations to move beyond authentication and continuously establish, validate, and protect trust across every digital interaction. As impersonation attacks, synthetic identities, and AI-driven social engineering accelerate, enterprises…

Read more →

HackerOne has unveiled the Good Faith AI Research Safe Harbor, a new industry framework that establishes authorisation and legal protections for researchers testing AI systems in good faith. As AI systems scale rapidly across critical products and services, legal ambiguity…

Read more →

A 40-year-old Jordanian man has admitted to selling unauthorized access to computer networks of at least 50 companies, the US Attorney’s Office of the District of New Jersey has announced. Feras Khalil Ahmad Albashiti has pleaded guilty last Thursday to…

Read more →

Endace has announced the release of OSm 7.3, a major software update that makes network packet data faster, more affordable, and more user-friendly. Faster search, API-driven automation, and instant forensics With threats evolving at unprecedented speed and regulations like DORA,…

Read more →

Radware has unveiled the launch of its Radware API Security Service, an end-to-end solution designed to protect APIs throughout their entire lifecycle using real-time production traffic. Radware API Security Service offers APIs advanced protection against the OWASP Top 10 API…

Read more →

Sophos has announced Sophos Workspace Protection, expanding its portfolio to help organizations secure hybrid work and govern the use of emerging technologies, including AI. Built around the Sophos Protected Browser, powered by Island, the solution enables organizations to protect applications,…

Read more →

Let’s Encrypt says its short-lived TLS certificates with a 6-day lifetime are now generally available. Each certificate is valid for 160 hours from the time it is issued. To request one, operators must select the “shortlived” profile in their ACME…

Read more →

A strange charge appears on a bank account. An email claims a package is on the way. A social media account stops accepting a password that worked yesterday. When these moments hit, many people do the same thing. They open…

Read more →

Every interaction online, from signing up for a newsletter to making a purchase, leaves a trace. These traces are collected by data brokers and resold to advertisers, analytics firms, or, in some cases, criminals on the dark web. As personal…

Read more →

Privacy programs are under strain as organizations manage breach risk, new technology, and limited resources. A global study from ISACA shows that AI is gaining ground in privacy work, with use shaped by governance, funding, and how consistently privacy is…

Read more →

Application Security Engineer xAI | USA | On-site – View job details As an Application Security Engineer, you will review and analyze code to identify vulnerabilities, define secure coding standards, and embed security practices into the CI/CD pipeline. You will…

Read more →

Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. Case in point: A recently identified malicious extension called NexShield proves that a single user install…

Read more →

Law enforcement agencies in Ukraine and Germany have identified two members of a Russian-affiliated ransomware group and carried out searches in western Ukraine. Search (Source: Cyber ​​Police of Ukraine) Investigators also named the alleged organizer, a Russian national, and placed…

Read more →

Keepnet launched its Agentic AI for Behavioral Microlearning solution, which moves success metrics from “completion rates” to behavior change and verifiable incident reduction. Agentic AI autonomously plans, creates, delivers, and optimizes training based on real-time risk data, eliminating manual intervention.…

Read more →

The British Army has announced a new permanent base for its cyber regiment, backed by £279 million in government spending. The plan centres on 13 Signal Regiment, the unit responsible for defending Army networks and supporting cyber operations. The regiment…

Read more →

Cybersecurity is inseparable from geopolitics. Ongoing conflicts, sanctions, trade wars, geoeconomic rivalry, and technological competition have pushed state competition into cyberspace. States use cyber operations to exert pressure on rivals, enabling disruption without resorting to conventional weapons. Infrastructure vulnerabilities in…

Read more →

SEON has unveiled the launch of its AI-powered Identity Verification solution, bringing ID verification, liveness detection and proof of address checks into its unified risk platform. SEON’s solution is built on more than 900 real-time fraud signals, helping organizations assess…

Read more →

AI Strategy and Security is a guide for organizations planning enterprise AI programs. The book targets technology leaders, security professionals, and executives responsible for strategy, governance, and operational execution. It treats AI adoption as an organizational discipline that spans planning,…

Read more →