Cybersecurity professionals in the U.S. are working an average of 10.8 extra hours per week beyond their contracted schedules, according to survey data collected from 300 cybersecurity and IT leaders by Sapio Research. That figure effectively adds a sixth working…
Tag: Help Net Security
mquire: Open-source Linux memory forensics tool
Linux memory forensics has long depended on debug symbols tied to specific kernel versions. These symbols are not installed on production systems by default, and sourcing them from external repositories creates a recurring problem: repositories go stale, kernel builds diverge,…
Cybersecurity is now the price of admission for industrial AI
Industrial organizations are accelerating AI deployment across manufacturing, utilities, and transportation and running straight into a security problem. Cisco’s 2026 State of Industrial AI Report, based on responses from more than 1,000 decision-makers across 19 countries, finds that cybersecurity has…
Why workforce identity is still a vulnerability, and what to do about it
Most organizations believe they have workforce identity under control. New hires are verified. Accounts are provisioned. Multi-factor authentication is enforced. Audits are passed. Then a breach happens, often through an account that was “properly secured.” But the problem can be…
Coruna: Spy-grade iOS exploit kit powering financial crime
A powerful iOS exploit kit has circulated among multiple threat actors over the past year, moving from a commercial surveillance operation to state-linked espionage campaigns and, ultimately, ended into the hands of financially motivated hackers, according to new research from…
Cloudflare tracked 230 billion daily threats and here is what it found
Cloudflare’s network blocks over 230 billion threats per day. The volume indicates how routine and automated the attack cycle has become, and the patterns behind that volume point to a shift in how breaches begin and progress. Cloudflare’s threat research…
Threat actors weaponize OAuth redirection logic to deliver malware
An ongoing phishing campaign is abusing the OAuth authentication redirection mechanism to avoid triggering conventional email and browser defenses, Microsoft researchers have revealed. The attackers are targeting government and public-sector organizations, and redirecting unsuspecting users from trusted login pages to…
Fig Security emerges from stealth with $38 million to resilience-proof enterprise security
Fig Security, a new platform that finds and fixes broken security flows across your entire SecOps infrastructure, has launched from stealth with $38 million across Seed and Series A rounds. It addresses one of the least visible challenges yet most…
ProcessUnity Risk Index delivers controls-driven vendor risk scoring for TPRM
ProcessUnity has introduced ProcessUnity Risk Index, a risk rating built specifically for third-party risk management programs, combining proprietary control intelligence with external threat and vulnerability data. ProcessUnity Risk Index rates vendors on a 100-point scale to drive faster, more confident…
RecordPoint MCP Server standardizes and secures AI access to compliant data
RecordPoint has unveiled its model context protocol (MCP) server, giving enterprises a secure, standardized way to expose governed data to external AI agents and platforms. The RecordPoint MCP Server allows any AI system, copilot, agent, or custom LLM app to…
$100 radio equipment can track cars through their tire sensors
When people consider what might track their movements, they think of smartphone apps, GPS services, or roadside cameras. The tires of a new car rarely enter that equation. Researchers at IMDEA Networks Institute, together with European partners, found that Tire…
Josys centralizes identity data to replace manual IT oversight with automated governance
Josys has transitioned into an autonomous identity governance platform, expanding beyond traditional SaaS management. The enhanced platform empowers IT leaders and managed service providers (MSPs) to scale governance and compliance efforts by centralizing identity data within a single, AI-driven system.…
Secure by Design: Building security in at the beginning
Secure by Design is not a single tool, product, or one‑time activity. It is a holistic approach that requires security to be deliberately embedded from the very beginning, at the point where systems, software, and services are conceived and designed.…
Enigma AI enables internal trust governance to asset-to-asset communications
Enigma Networks has announced the general availability of its Internal Trust Governance platform, Enigma AI, which continuously determines and validates which communications are necessary and safe across enterprise networks. Just as identity and access management (IAM) governs trust for users,…
Cato integrates native, behavior-based auto-adaptive threat prevention into its SASE platform
Cato Networks has announced an auto-adaptive threat prevention engine within its SASE platform, enabling enterprises to proactively block advanced threats that use legitimate tools and targets. Cato Dynamic Prevention continuously evaluates activity in full context, correlating signals from across Cato’s…
New Defender deployment tool streamlines Windows device onboarding with single executable
Microsoft’s Defender deployment tool for Windows helps administrators manage device onboarding at scale with updated progress visibility and additional controls. Simplified deployment with added administrative controls The tool adapts to the operating system and supports endpoint security across a broad…
Anthropic poaches users from rival chatbots with easier migration
The controversy over Anthropic’s negotiations with the Pentagon has driven increased interest in Claude. Negotiations between the Department of Defense and Anthropic collapsed after a deadline for an agreement expired without a deal. The Pentagon had pressed the company to…
Android’s March 2026 security patch fixes over 100 flaws, one under targeted exploitation
The Android March 2026 security patch addresses vulnerabilities across dozens of components and includes one CVE confirmed under active exploitation. Devices running a patch level of 2026-03-05 or later receive fixes for all disclosed issues. Android March 2026 security patch…
Samsung brings Digital Home Key to Samsung Wallet, extending secure access to the home
Samsung Electronics has announced the launch of Digital Home Key, a new feature within Samsung Wallet built on Aliro, a standardized smart lock access protocol that enables Samsung Galaxy users to unlock compatible smart door locks using their smartphone. This…
AI went from assistant to autonomous actor and security never caught up
Enterprise AI deployments have shifted from pilot programs to production systems handling customer data, executing business transactions, and integrating with core infrastructure. That has exposed a significant gap between what AI agents can do and what security teams can observe…