In a landmark investigation, the anonymous cybercrime investigator GangExposed has struck a devastating blow against the notorious Conti ransomware group, exposing the real identities, operational strategies, and global movements of its key figures. Through meticulous analysis of leaked communications, travel…
Tag: EN
Blockchain for Cybersecurity Real-World Applications and Limits
As cybercrime costs the global economy an estimated $445 billion annually, blockchain technology is emerging as a powerful cybersecurity weapon and a new battleground for digital threats. With illicit cryptocurrency addresses receiving approximately $40.9 billion in 2024, the blockchain security…
Conducting Risk Assessments That Drive Business Value
Companies across industries are discovering that well-executed risk assessments do far more than check regulatory boxes—they’re becoming powerful engines for business growth and competitive advantage. As organizations face an increasingly complex threat landscape in 2025, forward-thinking leaders are transforming risk…
Product showcase: Smarter pentest reporting and exposure management with PlexTrac
The threat landscape is evolving faster than ever. Staying ahead means going beyond automated scans and check-the-box assessments. It demands continuous, hands-on testing through a security approach that proactively identifies, prioritizes, and mitigates threats in real time. To manage these…
Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions
Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called NetBird to target Chief Financial Officers (CFOs) and financial executives at banks, energy companies, insurers, and investment firms across Europe, Africa, Canada, the…
Share your user story
If you’re reading this blog post, you probably don’t need us to tell you how essential, widespread, and important the OpenSSL Library is. While our open source model means that everyone is freely able to use these tools, it also…
CISO 3.0: Leading AI governance and security in the boardroom
In this Help Net Security interview, Aaron McCray, Field CISO at CDW, discusses how AI is transforming the CISO role from a tactical cybersecurity guardian into a strategic enterprise risk advisor. With AI now embedded across business functions, CISOs are…
Simple SSH Backdoor, (Mon, Jun 2nd)
For most system and network administrators, the free SSH client PuTTY has been their best friend for years! This tool was also (ab)used by attackers that deployed a trojanized version[1]. Microsoft had the good idea to include OpenSSH (beta version)…
Evolution of DDoS Attacks Mitigation Strategies for 2025
The cybersecurity landscape witnessed an unprecedented escalation in distributed denial of service (DDoS) attacks during the first quarter of 2025. Organizations faced increasingly sophisticated threats that demanded revolutionary defensive approaches. Recent data reveals a staggering 358% year-over-year increase in DDoS…
Security awareness training isn’t stopping breaches. Can AI help?
In this Help Net Security video, Mick Leach, Field CISO at Abnormal AI, explores why security awareness training (SAT) is failing to reduce human error, the top cause of cybersecurity incidents. He discusses how AI can transform SAT into a…
Review: Metasploit, 2nd Edition
If you’ve spent any time in penetration testing, chances are you’ve crossed paths with Metasploit. The second edition of Metasploit tries to bring the book in line with how pentesters are using the tool. It mostly succeeds, with some caveats…
48% of security pros are falling behind compliance requirements
32% of security professionals think they can deliver zero-vulnerability software despite rising threats and compliance regulations, according to Lineaje. Meanwhile, 68% are more realistic, noting they feel uncertain about achieving this near impossible outcome. Software compliance adoption varies across organizations…
Human Firewall Training Employees as First Line of Defense
As cyber threats grow in complexity and frequency, organizations increasingly recognize that their most significant vulnerability—and their most vigorous defense—lies not in technology but in people. The “human firewall” concept has emerged as a critical strategy, transforming employees from potential…
Critical Linux Vulnerabilities Expose Password Hashes on Millions of Linux Systems Worldwide
Two critical local information-disclosure vulnerabilities affect millions of Linux systems worldwide, potentially allowing attackers to extract sensitive password data through core dump manipulation. The Qualys Threat Research Unit (TRU) disclosed two race-condition vulnerabilities that target core dump handlers on major…
Breaking Down Silos Aligning IT and Security Teams
A growing crisis is emerging in corporate cybersecurity operations, where organizational silos between IT and security teams are creating dangerous blind spots and slowing critical threat response times. New research reveals that 72% of organizations report that their security and…
Finding Stability in Cloud-Native Security Solutions
How Critical is Stability in Cloud-Native Security? Stability is an essential aspect of a reliable cloud-native security strategy. Have you ever asked how a company can ensure stability? The answer lies with Non-Human Identities (NHIs) and Secrets Security Management. NHIs:…
Penetration Testing in the AI Era Tools and Techniques
The cybersecurity landscape is fundamentally transforming as artificial intelligence reshapes offensive and defensive security strategies. This evolution presents a dual challenge: leveraging AI to enhance traditional penetration testing capabilities while developing new methodologies to secure AI systems against sophisticated attacks.…
Lumma infostealer takedown may have inflicted only a flesh wound as crew keeps pinching and selling data
PLUS: Ransomware gang using tech support scam; Czechia accuses China of infrastructure attack; And more! Infosec In Brief: Despite last week’s FBI announcement that it helped to take down the crew behind the Lumma infostealer, the malware continues to operate.…
Identity and Access Management Trends Shaping 2025
The identity and access management landscape is experiencing unprecedented transformation in 2025, driven by sophisticated cyber threats, quantum computing advances, and the explosive growth of machine identities. Industry experts predict the IAM market will reach over $24 billion by the…
Building a Cyber Incident Response Plan That Works
As cyber threats continue to evolve and multiply, organizations are scrambling to develop effective incident response strategies that can withstand sophisticated attacks. Recent industry data reveals a stark reality: over 80% of small and midsized organizations reported suffering at least…