Category: Help Net Security

The new year has started with a whirlwind of activity, and one of the hottest topics in the news is the increasing emphasis on AI. DeepSeek ad Stargate DeepSeek took the world by storm as millions of copies were downloaded…

Read more →

Security validation has officially turned a corner. Once considered a “nice-to-have” it’s now a top priority for security leaders worldwide. This shift has been accelerated by frameworks like Gartner’s Continuous Threat Exposure Management (CTEM), introduced in 2022, which emphasizes the…

Read more →

In this Help Net Security interview, Mateusz Łabuz, researcher at the IFSH, discusses the balance between using AI for personalized political campaigns and protecting voter privacy. Łabuz also discusses the potential of AI in fact-checking, the regulatory landscape, and the…

Read more →

Tokenization replaces sensitive data, such as credit card numbers or personal identifiers, with unique, non-sensitive tokens with no exploitable value. This method helps protect sensitive information by ensuring that the actual data is never stored or transmitted, reducing the risk…

Read more →

Beelzebub is an open-source honeypot framework engineered to create a secure environment for detecting and analyzing cyber threats. It features a low-code design for seamless deployment and leverages AI to emulate the behavior of a high-interaction honeypot. “I created Beelzebub…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has…

Read more →

A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. “In the course of investigating, remediating, and building protections against this activity, we observed an insecure practice…

Read more →

The way we manage digital identity is fundamentally broken. The root of the problem lies in traditional, centralized identity models, where a single organization holds and controls a user’s credentials, creating an attractive target for attackers. The bigger the database,…

Read more →

NSA’s Research Directorate released version 11.3 of Ghidra, an open-source software reverse engineering (SRE) framework. It offers advanced analysis tools, enabling users to dissect and examine compiled code across multiple platforms, including Windows, macOS, and Linux. Ghidra 11.3 is fully…

Read more →

The implementation of new regulatory measures that impact the UK, EU, and beyond are driving organizations to enhance vigilance in addressing evolving cybersecurity and operational risks, according to AuditBoard. The research showed 91% of respondents report feeling concerned about cybersecurity…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Dynatrace, Nymi, Qualys, SafeBreach, and Satori. Qualys TotalAppSec enables organizations to address risks across web applications and APIs Qualys TotalAppSec unifies API security, web application…

Read more →

Cyber fraud (which includes activity such as hacking, deepfakes, voice cloning and highly sophisticated phishing schemes) rose by 14% year over year, according to Trustpair. US faces cyber fraud growth The proprietary research, which is based on a survey of…

Read more →

Expel announced expanded security information and event management (SIEM) coverage, including a new low-cost data lake offering, allowing customers to meet compliance and data storage requirements more effectively while strengthening their overall security posture. Additionally, Expel extended integration coverage and…

Read more →

ActiveState launched its Vulnerability Management as a Service (VMaas) offering that revolutionizes how organizations manage open source and accelerates secure software delivery. ActiveState’s Vulnerability Management as a Service combines Application Security Posture Management (ASPM) and Intelligent Remediation capabilities with expert…

Read more →

Chainalysis’ latest report on how the ransomware landscape changed from 2023 to 2024 shows a promising trend: An increasing number of victims refuses to pay the ransom. The total volume of ransom payments decreased year-over-year by approximately 35%, the blockchain…

Read more →

Corero Network Security announced new advancements in multi-site resiliency and intelligent traffic management, further strengthening its ability to deliver always-on DDoS protection. Designed to mitigate large-scale cyberattacks, operational failures, and data center outages, Corero’s solution eliminates single points of failure…

Read more →

The Spanish National Police has arrested a hacker suspected of having breached national and international agencies (including the United Nation’s International Civil Aviation Organization and NATO), Spanish universities and companies, and released stolen data on the dark web. The attacks…

Read more →

Onapsis announced Onapsis Control Central for SAP application security testing and custom code security supporting RISE with SAP transformations. As the latest addition to its Onapsis Control product line, Control Central is a reinvention of Onapsis’ award-winning Control product. Control…

Read more →

Cyabra introduces Insights, a new AI-feature designed to transform complex social media disinformation data into clear, actionable answers in seconds. False narratives, fake accounts, and AI-generated content are spreading faster than ever, costing businesses and governments billions annually and eroding…

Read more →

In this Help Net Security interview, Oliver Friedrichs, CEO at Pangea, discusses why strong data hygiene is more important than ever as companies integrate AI into their operations. With AI-driven applications handling sensitive enterprise data, poor access controls and outdated…

Read more →