Tag: Help Net Security

When a cyber attack hits a major bank or trading platform, attention usually turns to the institution. But new research suggests the real danger may lie elsewhere. BitSight researchers found that many of the technology providers serving the financial sector…

Read more →

Cybersecurity leaders are hitting their limit. A new report from Nagomi Security shows that most CISOs are stretched thin, dealing with nonstop incidents, too many tools, and growing pressure from their boards. The pressures are so intense that many say…

Read more →

Academy Cyber Threat Intelligence Analyst Bridewell | United Kingdom | Hybrid – View job details As an Academy Cyber Threat Intelligence Analyst, you will manage OpenCTI data, triage and escalate attack surface monitoring alerts, and raise internal alerts for critical…

Read more →

Identity threats are escalating. Attackers increasingly exploit compromised credentials, often undetected by organizations, and use social engineering to gain access. Most companies lack visibility into service account activity and don’t have the tools to detect identity-led threats. New identity security…

Read more →

In this Help Net Security interview, Andrea Succi, Group CISO at Ferrari Group, discusses how cybersecurity is integrated into every aspect of the logistics industry. He explains why protecting data can be as critical as securing physical assets and how…

Read more →

Imagine walking into a secure building where the door unlocks the moment your hand hovers near it. No keycards, no PINs, no fingerprints. Instead, the system identifies you by the way your palm distorts the surrounding Wi-Fi signal. That is…

Read more →

Finding and exploiting SQL injection vulnerabilities is one of the oldest and most common steps in web application testing. sqlmap streamlines this process. It is an open-source penetration testing tool that automates the detection and exploitation of SQL injection flaws…

Read more →

In this Help Net Security video, Josh Harguess, CTO of Fire Mountain Labs, explains how to evaluate, deploy, and govern AI-driven security tools. He talks about the growing role of AI in security operations and the new kinds of risks…

Read more →

AI has become part of everyday software development, shaping how code is written and how fast products reach users. A new report from Cycode, The 2026 State of Product Security for the AI Era, explores how deeply AI now runs…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Securing real-time payments without slowing them down In this Help Net Security interview, Arun Singh, CISO at Tyro, discusses what it takes to secure real-time…

Read more →

Attackers have taken the ClickFix technique further, with pages borrowing tricks from online sellers to pressure victims into performing the steps that will lead to a malware infection. Push Security has spotted one of these pages, showing an embedded tutorial…

Read more →

Postman announced several updates bringing key enterprise features to its platform, so customers can build AI-ready APIs that meet the most critical enterprise specifications. As software increasingly shifts from applications to AI agents, the enterprise challenge has become clear: these…

Read more →

October 2025 Patch Tuesday was one for the record books in so many ways. There was a big push by Microsoft to fix as many open vulnerabilities as possible in products that were reaching end-of-life (EOL). This included 116 CVEs…

Read more →

Tufin announced Tufin Orchestration Suite (TOS) R25-2. The R25-2 release delivers expanded visibility, automation, and stronger security controls, enabling organizations to strengthen their security posture while simplifying operations across their hybrid environments. Security and network teams are forced to manage…

Read more →

In this Help Net Security interview, Rik Mistry, Managing Partner at Interval Group, discusses how to align IT strategy with business goals. He explains how security, governance, and orchestration shape IT operations and why early collaboration between IT and security…

Read more →

Businesses are increasingly being pulled into lawsuits over how they collect and share user data online. What was once the domain of large tech firms is now a widespread legal risk for companies of all sizes. The latest analysis from…

Read more →

When employees stop falling for phishing emails, it is rarely luck. A new study shows that steady, mandatory phishing training can cut risky behavior over time. After one year of continuous simulations and follow-up lessons, employees were half as likely…

Read more →

Healthcare leaders continue to treat cybersecurity as a technical safeguard instead of a strategic business function, according to the 2025 US Healthcare Cyber Resilience Survey by EY. The study, based on responses from 100 healthcare executives, outlines six areas where…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from 1touch.io, Barracuda Networks, Bitdefender, Forescout, and Komodor. Bitdefender GravityZone Security Data Lake unifies telemetry from multiple tools Security Data Lake empowers both in-house security teams…

Read more →

Cisco has fixed two critical vulnerabilities (CVE-2025-20358, CVE-2025-20354) affecting Unified Contact Center Express (UCCX), which may allow attackers to bypass authentication, compromise vulnerable installations, and elevate privileges to root. The good news is that there is currently no evidence of…

Read more →