Category: Help Net Security

In this Help Net Security video, Michael Engle, Chief Strategy Officer at 1Kosmos, explains how deepfakes are changing online identity verification. He describes how fake IDs and synthetic identities are being used for account signups and takeovers. Engle outlines why…

Read more →

Cybersecurity Architect Alstom | France | On-site – View job details As a Cybersecurity Architect, you will analyze solutions, identify associated risks, and propose security architecture models by involving various cybersecurity experts (network, IAM, SIEM, SOC, etc.) and applying the…

Read more →

In financial services, application security risk is becoming a long game. Fewer flaws appear in new code, but old ones linger longer, creating a kind of software “interest” that keeps growing, according to Veracode’s 2025 State of Software Security report.…

Read more →

The volume of threat intelligence data has grown exponentially, but the ability to interpret and act on it has not. Every day brings new CVE disclosures, exploit releases, and vendor advisories, Teams are buried under overlapping feeds, inconsistent formats, and…

Read more →

Zenity announced runtime protection for OpenAI’s AgentKit, providing enterprise-grade enforcement that detects and blocks data leakage, secret exposure and unsafe agent behavior in real time. This launch follows Zenity Labs’ recent research exposing critical gaps in OpenAI’s AgentKit guardrails that…

Read more →

A spear-phishing campaign aimed to compromise Russian and Belarusian military personnel by using military-themed documents as a lure has been flagged by Cyble and Seqrite security researchers. The goal of the campaign is to get targets to download and open…

Read more →

Static credentials have been a weak point in cloud security for years. A new paper by researchers from SentinelOne takes direct aim at that issue with a practical model for authenticating workloads without long-lived secrets. Instead of relying on static…

Read more →

Heisenberg is an open-source tool that checks the health of a software supply chain. It analyzes dependencies using data from deps.dev, Software Bills of Materials (SBOMs), and external advisories to measure package health, detect risks, and generate reports for individual…

Read more →

AI, SaaS, and personal devices are changing how people get work done, but the tools that protect company systems have not kept up, according to 1Password. Tools like SSO, MDM, and IAM no longer align with how employees and AI…

Read more →

In this Help Net Security interview, Arun Singh, CISO at Tyro, discusses what it takes to secure real-time payments without slowing them down. He explains how analytics, authentication, and better industry cooperation can help stay ahead of fraud. Singh also…

Read more →

Caller ID spoofing has become one of Europe’s most persistent enablers of cyber fraud. A new position paper from Europol warns that manipulated phone identities now drive much of the continent’s financial and social engineering crime, making it difficult for…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Can your earbuds recognize you? Researchers are working on it Biometric authentication has moved from fingerprints to voices to facial scans, but a team of…

Read more →

A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues to be exploited for attacks. “Arctic Wolf Labs assesses with high confidence that [the campaign they detected] is…

Read more →

In partnership with international cybersecurity agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) outlined security best practices for organizations that use on-premises versions of Microsoft Exchange Server. Microsoft Exchange servers are regularly targeted…

Read more →

ImmuniWeb has unveiled an upgraded version of ImmuniWeb Continuous, designed for continuous penetration testing and 24/7 automated vulnerability scanning of web applications, APIs, and microservices. The new solution is a perfect fit for organizations that have more than ten web…

Read more →

Shadow AI is the second-most prevalent form of shadow IT in corporate environments, 1Password’s latest annual report has revealed. Based on a survey of over 5,000 IT/security professionals and knowledge workers in the US, UK, Europe, Canada and Singapore, the…

Read more →

AI chat tools are taking over offices, but at what cost to privacy? People often feel anonymous in chat interfaces and may share personal data without realizing the risks. Cybercriminals see the same opening, and it may only be a…

Read more →

In this Help Net Security interview, Wade Bicknell, Head, IT Security & Operations, CFA Institute, discusses how CISOs can use AI while maintaining security and governance. He explains why AI presents both defensive opportunities and emerging risks, and how leadership…

Read more →

With the average person juggling more than 300 credentials and credential abuse still the top attack vector, the password’s decline is long overdue. Across every major sector, organizations are changing how users log in, and new data shows the shift…

Read more →

In this Help Net Security video, Doug Kersten, CISO at Appfire, shares practical, experience-driven advice on how CISOs can avoid the most common mistakes when preparing for an audit. He breaks down what often frustrates auditors, why organization and clear…

Read more →