Category: Help Net Security

Sara is an open-source tool designed to analyze RouterOS configurations and identify security vulnerabilities on MikroTik hardware. Sara’s main feature is using regular expressions as the primary analysis mechanism. This allows you to quickly and accurately process RouterOS configuration text…

Read more →

In this Help Net Security interview, Josh Lemos, CISO at GitLab, talks about the shift from DevOps to DevSecOps, focusing on the complexity of building systems and integrating security tools. He shares tips for maintaining development speed, fostering collaboration, and…

Read more →

As we look ahead to cybersecurity developments in 2025, there’s bad news and good—expect to see new challenging attacks and the cybersecurity community increasingly working together to counter threats that are beyond the scope of individual organizations. The post Cybersecurity…

Read more →

Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which (CVE-2025-0282) has been exploited as a zero-day by attackers to compromise Connect Secure VPN appliances. About CVE-2025-0282 and CVE-2025-0283 Both are stack-based buffer…

Read more →

Swimlane unveiled Hero, a private agentic AI security operations (SecOps) companion. Built on the foundation of Swimlane’s Hero AI innovations, Hero empowers security teams to work smarter and faster by suggesting next steps and answering complex questions privately to speed…

Read more →

The White House has announced the launch of the U.S. Cyber Trust Mark, a voluntary cybersecurity labeling program for consumer-grade internet-connected devices. “The White House launched this bipartisan effort to educate American consumers and give them an easy way to…

Read more →

BioConnect introduced its Arc Series biometric devices. Designed to address the evolving security, compliance, and scalability needs of enterprises and data centers, the Arc Series sets a new standard in modern access control. The launch includes three innovative devices: Arc…

Read more →

CISA has added Mitel MiCollab (CVE-2024-41713, CVE-2024-55550) and Oracle WebLogic Server (CVE-2020-2883) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The Mitel MiCollab vulnerabilities exploited Mitel MiCollab is a popular enterprise collaboration suite. CVE-2024-41713 and CVE-2024-55550 are both path traversal…

Read more →

Transcend announced its white-glove Migration Accelerator for businesses leaving behind legacy privacy platforms. Transcend’s dedicated switching solution removes the traditional headaches of migration and empowers organizations to unlock the full potential of Transcend’s automated platform. In a landscape where legacy…

Read more →

Machine learning and generative AI are changing the way knowledge workers do their jobs. Every company is eager to be “an AI company,” but AI can often seem like a black box, and the fear of security, regulatory and privacy…

Read more →

In this Help Net Security interview, Marko Simeonov, CEO of Plainsea, discusses how organizations can move beyond compliance-driven penetration testing toward a more strategic, risk-based approach. He explains how automation, human expertise, and continuous monitoring can transform penetration testing into…

Read more →

Despite organizations’ repeated attempts at security awareness training, with a particular emphasis on how employees can avoid being phished, in 2024 enterprise users clicked on phishing lures at a rate nearly three times higher than in 2023, according to Netskope.…

Read more →

AI Penetration Tester Microsoft | Canada | Remote – View job details As an AI Penetration Tester, you will discover and exploit vulnerabilities end-to-end in order to assess the security of AI systems. Execute offensive operations on production AI systems…

Read more →

The United Nation’s International Civil Aviation Organization (ICAO) confirmed on Monday that it’s “actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations.” The statement came a few days after…

Read more →

NETGEAR announced the next generation of NETGEAR Armor, powered by Bitdefender. As a subscription, Armor is a comprehensive cybersecurity service available on Orbi mesh systems and Nighthawk routers that protects IoT and mobile devices connected to the home network and…

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) has shared on Monday that the Treasury Department was the only US federal agency affected by the recent cybersecurity incident involving compromised BeyondTrust Remote Support SaaS instances. On the same day, BeyondTrust…

Read more →

McAfee launched the AI-powered McAfee Scam Detector — a tool designed to protect against text, email, and video scams. Today’s scams are smarter, sneakier, and more convincing than ever — and they’re everywhere. 59% of Americans say they or someone…

Read more →

In this Help Net Security interview, Sean Embry, CISO at eBay, discusses key aspects of cybersecurity leadership. He shares insights on balancing long-term strategic planning with immediate threat response, evaluating the ROI of new technologies, and addressing employee cybersecurity fatigue.…

Read more →

Enterprise cryptography faces risks beyond just the advent of quantum computers. For starters, there is no guarantee that the traditional algorithms have not been broken. Though we believe that it is “unlikely” they can be, the reality is that in…

Read more →

Lineaje recently released a report identifying the US and Russia as the leading generators of open-source projects, with both countries also having the highest numbers of anonymous open-source contributions. In this Help Net Security video, Nick Mistry, SVP and CISO…

Read more →