Category: Help Net Security

Personal liability is becoming a routine part of the CISO job. In Splunk’s 2026 CISO Report, titled From Risk to Resilience in the AI Era, 78% of CISOs said they are concerned about their own liability for security incidents, up…

Read more →

Industrial operators continue to run remote access portals, building automation servers, and other operational technology services on public IP address ranges. Palo Alto Networks, Siemens, and Idaho National Laboratory describe the scope of that exposure in the Intelligence-Driven Active Defense…

Read more →

Here’s a look at the most interesting products from the past month, featuring releases from Aikido Security, Avast, Armis, Black Duck, Compliance Scorecard, Fingerprint, Gremlin, Impart Security, Portnox, Redpanda, Socure, SpecterOps, Veza, and Virtana. Gremlin launches Disaster Recovery Testing for…

Read more →

AWS Security Hub Extended is a plan within Security Hub that simplifies how customers procure, deploy, and integrate a full-stack enterprise security solution across endpoint, identity, email, network, data, browser, cloud, AI, and security operations. The plan allows customers to…

Read more →

AI models are being folded into fraud and influence operations that follow long standing tactics. A February 2026 update to OpenAI’s Disrupting Malicious Uses of Our Models report details how ChatGPT and related API access were used in romance scams,…

Read more →

Encrypted messaging platforms are becoming a primary channel for Authorised Push Payment (APP) fraud, with Telegram representing a growing share of reported cases, according to the Revolut report. APP scam origination by % Social Media platform (Source: Revolut) The platform…

Read more →

The Scattered Lapsus$ Hunters (SLH) hacking collective has launched a recruitment push aimed specifically at women, offering cash payments for participating in voice-phishing (vishing) attacks. A few days ago, threat intelligence firm Dataminr detected posts on a public Telegram channel…

Read more →

Anthropic has acquired Vercept to help push Claude’s computer use capabilities further. People are using Claude for increasingly complex work, including writing and running code across entire repositories, synthesizing research from dozens of sources, and managing workflows that span multiple…

Read more →

The Samsung Galaxy S26 series is out, offering plenty of security features that protect personal data while providing users with transparency and control over how their information is used. The feature that grabbed the spotlight is the built-in Privacy Display…

Read more →

Packet inspection remains a routine activity across enterprise networks, incident response workflows, and malware investigations. Continuous use places long-term stability and parsing accuracy at the center of daily operations. Wireshark version 4.6.4 addresses two vulnerabilities affecting protocol dissectors and resolves…

Read more →

Intellicheck announced the roll out of its enriched Desktop Application. The new Desktop Application allows any sized organization to immediately stop identity theft and fraud losses. Implementation is immediate. No system integration is needed. This comes at minimal cost. The…

Read more →

Lightrun has announced real-time AI SRE built on live, in-line runtime context. This enables AI agents and engineering teams to dynamically generate missing evidence without redeployments, prove root causes with live execution data (“ground truth”), and validate fixes directly in…

Read more →

Routine employee activity across corporate systems carries an average annual cost of $19.5 million per organization. That figure comes from the 2026 Cost of Insider Risks Global Report, conducted by the Ponemon Institute and based on data from 354 organizations…

Read more →

Deploying the IntellaStore IV Network Security Appliance from APCON means easy installation, dedicated network packet capture, and a seamless workflow from traffic of interest to security and compliance tools. The release of APCON’s IntellaStore IV empowers network security engineers, business…

Read more →

Veza announced an expansion of the Veza Platform with the introduction of Veza Access Agents, a set of purpose-built AI Agents designed to automate complex identity and access governance tasks for enterprises. Veza also announced advancements to its AI Agent…

Read more →

Open source code sits inside nearly every commercial application, and development teams continue to add new dependencies. Black Duck’s 2026 Open Source Security and Risk Analysis Report data shows that nearly all audited codebases contain open source components, with average…

Read more →

In this Help Net Security interview, Joni Klippert, CEO at StackHawk, discusses what defines DAST coverage in 2026 and why scan completion does not equal security. She explains how AI-driven DAST testing automates attack surface discovery, supports business-logic testing in…

Read more →

Digital Forensics, Investigation, and Response, 5th Edition presents a structured survey of the digital forensics discipline. The book spans foundational principles, platform specific analysis, specialized branches, and incident response integration. About the author Chuck Easttom has many years of practical…

Read more →

This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Pompelmi: Open-source secure file upload scanning for Node.js Software teams building services in JavaScript are adding more layers of defense to handle…

Read more →

A “highly sophisticated” cyber threat actor has been exploiting a zero-day authentication bypass vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller (formerly vSmart), Cisco has announced today. The vulnerability was reported by Australian Signals Directorate’s Australian Cyber Security Centre, who said…

Read more →