Tag: Help Net Security

HPE has unveiled new security innovations designed to help organizations scale distributed operations, reduce cyber risk, and maintain consistent governance as AI adoption accelerates across the enterprise. To help enterprises securely adopt AI and turn resilience into a core business…

Read more →

Large language models carry a persistent scaling problem. As context windows grow, the memory required to store key-value (KV) caches expands proportionally, consuming GPU memory and slowing inference. A team at Google Research has developed three compression algorithms: TurboQuant, PolarQuant,…

Read more →

Most enterprise software development teams now ship AI-powered applications faster than traditional penetration testing can keep up with. A security team with 500 applications may test each one once a year, or less. In the time between tests, the underlying…

Read more →

Security culture isn’t built by phishing simulations. In this Help Net Security video, Dan Potter, VP of Cyber Resilience at Immersive, argues that annual training videos and quarterly phishing tests happen in calm, controlled settings that tell us nothing about…

Read more →

There’s a debate making the rounds in security circles that sounds reasonable on the surface but falls apart under operational scrutiny: Which is better, breach and attack simulation (BAS) or automated penetration testing (APT)? Security vendors have stoked this debate…

Read more →

Penetration testers running Kali Linux have a new release to work with. Version 2026.1 delivers the annual theme refresh, a new BackTrack-inspired mode in kali-undercover, eight tools added to the network repositories, a kernel bump to 6.18, and several Kali…

Read more →

One in five enterprise endpoints is operating outside a protected and enforceable state on any given day, according to device telemetry collected across tens of millions of corporate PCs. That figure, drawn from Absolute Security’s 2026 Resilience Risk Index, has…

Read more →

The US Federal Communications Commission (FCC) has imposed a ban on all new routers manufactured overseas being imported into and sold within the United States. The post Uncle Sam closes the door on all new foreign-made routers appeared first on…

Read more →

Organizations have spent years accumulating fragmented identity systems: too many roles, too many credentials, too many disconnected tools. For a workforce of humans, that fragmentation was manageable. Humans log in, log out, and make decisions slowly enough that gaps in…

Read more →

Citrix has fixed two vulnerabilities in NetScaler ADC and NetScaler Gateway, with the more serious flaw (CVE-2026-3055) potentially allowing attackers to extract active session tokens from the memory of affected devices. Anil Shetty, senior VP of Engineering with Cloud Software…

Read more →

A Russian citizen, Aleksei Volkov, was sentenced to 81 months in prison for helping ransomware groups carry out attacks causing over $9 million in actual losses and over $24 million in intended losses, after being arrested in Italy and extradited…

Read more →

Mimecast has announced a major expansion of its Incydr offering with new data security capabilities and a preview of the Agent Risk Center. These enhancements deliver runtime data security through a unified approach to detect, govern, and remediate data exposure…

Read more →

Novee today introduced AI Red Teaming for LLM Applications for its AI penetration testing platform, designed to uncover security vulnerabilities in LLM-powered applications before attackers can exploit them. Enterprises are deploying AI-enabled software, from customer-facing chatbots to internal copilots and…

Read more →

Darktrace has launched its managed security service for MSSPs, enabling partners to deliver AI-native email security with real-time detection, investigation, and response across the email ecosystem. The launch is supported by updates to the Darktrace Defenders Partner Program designed to…

Read more →

Detectify has launched IP Range Scanning, enabling continuous discovery and monitoring of entire IP address blocks to help security teams identify forgotten assets and hidden risks before attackers exploit them. Many organizations are sitting on forgotten IP addresses that have…

Read more →

Exploitation timelines continued to compress in enterprise environments, with newly disclosed flaws reaching active use almost immediately and older weaknesses remaining active years after disclosure. (Source: Cisco Talos) Findings from Cisco Talos’ 2025 Year in Review show how attackers combined…

Read more →

GPU-accelerated AI workloads now run on Kubernetes in the large majority of enterprise environments. Managing those workloads at scale has required specialized tooling that, until now, remained under vendor control. NVIDIA moved to change that at KubeCon Europe in Amsterdam…

Read more →

Prompt abuse occurs when crafted inputs manipulate an AI system into producing unintended behavior, such as attempting to access sensitive information or overriding built-in safety instructions. Prompt injection is also recognized as one of the top risks in the 2025…

Read more →

Exploitation timelines continued to compress in enterprise environments, with newly disclosed flaws reaching active use almost immediately and older weaknesses remaining active years after disclosure. (Source: Cisco Talos) Findings from Cisco Talos’ 2025 Year in Review show how attackers combined…

Read more →

AiStrike has launched Continuous Detection Engineering, a capability that transforms how security operations teams manage detections, shifting from reactive alert triage to proactive, intelligence-driven optimization. The detection quality gap Security teams today are overwhelmed by alerts, but the root cause…

Read more →