Tag: Help Net Security

Boards and executives are not asking for another feed of indicators. They want to know whether their organization is being targeted, how exposed they are, and what steps need to be taken. A new report from Flashpoint argues that most…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Salesloft Drift data breach: Investigation reveals how attackers got in The attack that resulted in the Salesloft Drift data breach started with the compromise of…

Read more →

ESET researchers have discovered HybridPetya, a bootkit-and-ransomware combo that’s a copycat of the infamous Petya/NotPetya malware, augmented with the capability of compromising UEFI-based systems and weaponizing CVE-2024-7344 to bypass UEFI Secure Boot on outdated systems. The sample was uploaded from…

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) has affirmed its continuing support for the Common Vulnerabilities and Exposures (CVE) program. “If we want to outpace and outmaneuver our adversaries, we must first ensure that defenders everywhere are operating from…

Read more →

HCLSoftware launched HCL AppScan 360º version 2.0, a next-generation application security platform designed to help organizations regain control over their software supply chains. As open-source adoption accelerates and global data regulations tighten, HCL AppScan 360º delivers a cloud-native solution that…

Read more →

Sublime Security released the Autonomous Detection Engineer (ADÉ), an end-to-end AI agent that turns attack telemetry into transparent and auditable protection that security teams can trust. Email attacks are advancing as adversaries weaponize generative AI to create highly targeted and…

Read more →

A new study has found that electrocardiogram (ECG) signals, often shared publicly for medical research, can be linked back to individuals. Researchers were able to re-identify people in anonymous datasets with surprising accuracy, raising questions about how health data is…

Read more →

In the pharmaceutical industry, clinical trial data, patient records, and proprietary drug formulas are prime targets for cybercriminals. These high-value assets make the sector a constant focus for attacks. Disruptions to research or medicine distribution can have life-threatening consequences. “During…

Read more →

AI is being added to business processes faster than it is being secured, creating a wide gap that attackers are already exploiting, according to the SANS Institute. The scale of the problem Attackers are using AI to work at speeds…

Read more →

Ransomware, third-party disruptions, and the rise of AI-powered attacks are reshaping the cyber risk landscape in 2025. A new midyear analysis from Resilience shows how these forces are playing out in real-world incidents and how they are changing the financial…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Cynomi, DataLocker, Gigamon, Lookout, and Relyance AI. Cynomi simplifies vendor risk management Cynomi’s TPRM provides MSPs and MSSPs with a scalable way to deliver these…

Read more →

Over a year after SonicWall patched CVE-2024-40766, a critical flaw in its next-gen firewalls, ransomware attackers are still gaining a foothold in organizations by exploiting it. Like last September and earlier this year, the attackers are affiliates of the Akira…

Read more →

F5 announced its intent to acquire CalypsoAI, whose platform brings real-time threat defense, red teaming at scale, and data security to enterprises racing to deploy generative and agentic AI. These capabilities will be integrated into the F5 Application Delivery and…

Read more →

Box announced Box Shield Pro, a new suite of security capabilities powered by AI, that builds on the company’s flagship content protection solution, Box Shield. With Box Shield Pro, customers can automatically apply AI-driven classification, accelerate threat response with agentic…

Read more →

N-able has introduced Cat-MIP, a solution designed to standardize and document terminology for AI automation and MCP Server behaviors across MSP and IT ecosystems. This breakthrough enables IT service providers to harness AI more effectively for enhanced business and cybersecurity…

Read more →

An out-of-the-box setting in Cursor, a popular AI source-code editor, could be leveraged by attackers to covertly run malicious code on users’ computers, researchers have warned. An exploitable vulnerability in the Cursor AI editor Cursor is an AI-augmented fork of…

Read more →

Cynomi has launched its Third-Party Risk Management (TPRM) module. Delivered as an add-on to the Cynomi vCISO Platform, the new capability integrates vendor risk management into existing service providers’ workflows. The global third-party risk management market, valued at $7.42 billion…

Read more →

Hush Security has raised $11 million in seed funding led by Battery Ventures and YL Ventures. As agentic AI expands, Hush replaces legacy vaults and secrets across the enterprise with just-in-time, policy-driven access controls enforced at runtime. This approach eliminates…

Read more →

You type your email address into a website form but never hit submit. Hours later, a marketing email shows up in your inbox. According to new research, that is not a coincidence. A team of researchers from UC Davis, Maastricht…

Read more →

To succeed in the risk environment, risk, audit, and compliance leaders need to focus on what Gartner calls “reflexive risk ownership.” This is a future state where business leaders don’t just identify and manage risks after they occur, but instinctively…

Read more →