Category: Help Net Security

UserLock brings modern identity and access management (IAM) to Active Directory, adding granular multi-factor authentication (MFA), contextual access controls, single sign-on (SSO) and real-time session management. It helps AD-first teams secure logons and govern access to network and SaaS resources…

Read more →

AI development keeps accelerating while the safeguards around it move on uneven ground, according to The International AI Safety Report. Security leaders are being asked to judge exposure without dependable benchmarks. Developers build layered defenses Across the AI ecosystem, developers…

Read more →

Application Security Manager Oddity | Israel | On-site – View job details As an Application Security Manager, you will conduct threat modeling based on a deep understanding of product features and workflows. You will coordinate manual and automated penetration testing…

Read more →

Identity verification has become the latest front in the fight against industrialized fraud, according to a new report from Regula. The shift is visible across sectors that once relied on predictable verification routines. Criminals have learned to target the identity…

Read more →

German and Swiss law enforcement agencies have taken down Cryptomixer, an illegal cryptocurrency mixer service, and have confiscated over 25 million euros (approximately $29 million) in Bitcoin. The Cryptomixer seizure banner As part of Operation Olympia, and with support from…

Read more →

Terra Security announced new capabilities for security and engineering leaders seeking to operationalize Continuous Threat Exposure Management (CTEM), enabling them to determine whether newly disclosed vulnerabilities are exploitable in their own environments. Recent vulnerabilities discovered in major application frameworks, including…

Read more →

In this Help Net Security interview, Michael Yaroshefsky, CEO at MCP Manager, discusses how Model Context Protocol’s (MCP) trust model creates security gaps that many teams overlook and why MCP must not be treated like a standard API. He explains how…

Read more →

Security teams carry a heavy load, and password risk is one of the most overlooked parts of that workload. Every year new systems, cloud tools, and shared services add more credentials into the mix. Some sit in proper vaults, others…

Read more →

Offensive cyber activity has moved far beyond a handful of major powers. More governments now rely on digital operations to project influence during geopolitical tension, which raises new risks for organizations caught in the middle. A new policy brief from…

Read more →

In this Help Net Security video, Jonathan Edwards, Managing Director at KeyData Cyber, walks us through what practical zero trust adoption looks like in stages. He explains why he dislikes the term itself, then shifts to steps teams can follow…

Read more →

Over half of organizations that experienced a ransomware event in the past year were hit during a weekend or holiday, according to a Semperis report. Those periods often come with thin staffing, slower investigation, and fewer eyes on identity systems.…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Quantum encryption is pushing satellite hardware to its limits In this Help Net Security interview, Colonel Ludovic Monnerat, Commander Space Command, Swiss Armed Forces, discusses…

Read more →

Machine learning (ML) privacy concerns continue to surface, as audits show that models can reveal parts of the labels (the user’s choice, expressed preference, or the result of an action) used during training. A new research paper explores a different…

Read more →

Many CISOs already assume that social media creates new openings for password guessing, but new research helps show what that risk looks like in practice. The findings reveal how much information can be reconstructed from public profiles and how that…

Read more →

Most CISOs spend their days dealing with noisy dashboards and vendor pitches that all promise a shortcut to compliance. It can be overwhelming to sort out what matters. When you dig into real incidents involving payment data, a surprising number come…

Read more →

Security leaders know vulnerability backlogs are rising, but new data shows how quickly the gap between exposures and available resources is widening, according to a new report by Hackuity. Fragmented detection and slow remediation Organizations use a formalized approach to…

Read more →

Here’s a look at the most interesting products from the past month, featuring releases from: 1touch.io, Action1, Barracuda Networks, Bedrock Data, Bitdefender, Cyware, Firewalla, Forescout, Immersive, Kentik, Komodor, Minimus, Nokod Security, and Synack. Action1 addresses Intune gaps with patching and…

Read more →

Detego Global has announced the launch of Detego Case Manager for DFIR, a purpose-built platform designed to meet the evolving demands of digital forensics and incident response (DFIR) teams. Developed in close collaboration with investigative professionals, Detego Case Manager for…

Read more →

Clover announced $36 million in funding to secure the AI-native product wave. The company’s funding round was led by Notable Capital and Team8 with participation from SVCI. Clover Security is also backed by industry heavy weights, including Wiz co-founders Assaf…

Read more →

This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Heisenberg: Open-source software supply chain health check tool Heisenberg is an open-source tool that checks the health of a software supply chain.…

Read more →