Tag: Help Net Security

After years of working as part of a team, many military veterans look for work that still carries meaning, challenge, and purpose. Cybersecurity offers a new way to serve and protect on a different battlefield. Earlier this year, the Department…

Read more →

Most research on LLM privacy has focused on the wrong problem, according to a new paper by researchers from Carnegie Mellon University and Northeastern University. The authors argue that while most technical studies target data memorization, the biggest risks come…

Read more →

When you think of network tunneling, “lightweight” and “enterprise-grade” rarely appear in the same sentence. NodePass, an open-source project, wants to change that. It’s a compact but powerful TCP/UDP tunneling solution built for DevOps teams and system administrators who need…

Read more →

In this Help Net Security video, Carol Lee Hobson, CISO at PayNearMe, explores the realities behind the so-called cybersecurity “talent gap.” She explains why the issue is as much about hiring practices as it is about skills shortages, and offers…

Read more →

Most MSPs agree that Microsoft 365 is now the backbone of business operations, but a Syncro survey shows that complexity, incomplete backups, and reactive security continue to slow their progress in managing it. About 60% of MSPs said Microsoft 365…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Building a healthcare cybersecurity strategy that works In this Help Net Security interview, Wayman Cummings, CISO at Ochsner Health, talks about building a healthcare cybersecurity…

Read more →

Threat actors have leveraged a recently patched IOS/IOS XE vulnerability (CVE-2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices. “The operation targeted victims running older Linux systems that do not have endpoint detection response solutions,” Trend Micro researchers shared.…

Read more →

Threat actors have leveraged a recently patched IOS/IOS XE vulnerability (CVE-2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices. “The operation targeted victims running older Linux systems that do not have endpoint detection response solutions,” Trend Micro researchers shared.…

Read more →

By revoking 200 software-signing certificates, Microsoft has hampered the activities of Vanilla Tempest, a ransomware-wielding threat actor that has been targeting organizations with malware posing as Microsoft Teams. “In this campaign, Vanilla Tempest used fake MSTeamsSetup.exe files hosted on malicious…

Read more →

Levo.ai has released its Unified AI Security Platform, designed to secure AI applications from development to runtime. The platform unifies five modules under a single control plane, enabling enterprises to deploy AI while meeting compliance and security mandates. AI has…

Read more →

AISLE emerged from stealth, delivering the AI-native cyber reasoning system (CRS) that autonomously identifies, triages and remediates with verification both known and zero-day application vulnerabilities, which still account for the majority of security breaches. Malicious actors continue to exploit a…

Read more →

Censys announced the release of a new ICS/OT Internet intelligence offering designed to close the visibility gap defenders face when securing exposed industrial assets. From energy and manufacturing to defense and utilities, organizations across industries face growing risks as IT…

Read more →

AISLE emerged from stealth, delivering the AI-native cyber reasoning system (CRS) that autonomously identifies, triages and remediates with verification both known and zero-day application vulnerabilities, which still account for the majority of security breaches. Malicious actors continue to exploit a…

Read more →

Hospitals, clinics, and care networks continue to treat cybersecurity as a back-office issue, according to the 2025 Healthcare IT Landscape Report from Omega Systems. Security takes a back seat Healthcare IT leaders are juggling competing demands. Rising costs, new privacy…

Read more →

Spam has long been a nuisance in blockchain networks, clogging transaction queues and driving up fees. A new research paper from Delft University of Technology introduces a decentralized solution called STARVESPAM that could help nodes in permissionless blockchains block spam…

Read more →

In this Help Net Security video, Paul Laudanski, Director of Research at Onapsis, discusses key lessons from the SAP zero-day vulnerability. He explains why business-critical systems like ERP and CRM remain top targets for attackers, since they hold valuable data…

Read more →

AI is spreading across enterprise risk functions, but confidence in those systems remains uneven, according to AuditBoard. More than half of organizations report implementing AI-specific tools, and many are training teams in machine learning skills. Yet, few feel prepared for…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Aura, Bitsight, Blumira, Cayosoft, Corelight, Netcraft, and Picus Security. Picus Security uses AI to turn threat intelligence into attack simulations Picus Security launched new AI-powered…

Read more →

CISA has added CVE-2025-54253, a misconfiguration vulnerability in Adobe Experience Manager (AEM) Forms on Java Enterprise Edition (JEE), to its Known Exploited Vulnerabilities catalog, thus warning of detected in-the-wild exploitation. Adobe fixed the vulnerability in August 2025, along with CVE-2025-54254,…

Read more →

Veeam Software announced the availability of Veeam Data Cloud (VDC) for Managed Service Providers (MSPs) through the Veeam Cloud & Service Provider (VCSP) program. Designed to empower third-party service providers, Veeam Data Cloud delivers secure, scalable, and resilient data protection…

Read more →