Tag: Help Net Security

SIEMs excel at correlating events and firing alerts, but their ingest pipelines can get overwhelmed when scaled. And because most SIEMs rely on general-purpose log storage platforms, even with lower-cost archive tiers, long-term retention at full fidelity remains expensive, forcing…

Read more →

Apple’s release of macOS 26 Tahoe introduced a new disk image format and updated an older one, both of which are drawing attention from system testers and forensic examiners. Apple Sparse Image Format (ASIF) The Apple Sparse Image Format (ASIF)…

Read more →

Companies are pouring money into AI for IT operations, but most projects are still far from maturity. A global survey of 1,200 business leaders, IT leaders, and technical specialists found that while spending and confidence are rising, only 12% of…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Acronis, Legit Security, NowSecure, Siemens, and Telus. NowSecure Privacy helps organizations protect mobile apps from data leaks NowSecure announced the release of NowSecure Privacy, a…

Read more →

The Crimson Collective, an emerging extortion / hacker group, has made a bombshell claim on their Telegram channel: they have gained access to Red Hat’s GitHub and have exfiltrated data from over 28,000 internal repositories connected to the company’s consulting…

Read more →

The OpenSSL Project has announced the release of OpenSSL 3.6.0, a feature update that brings significant functionality improvements, standards compliance, and a few key deprecations that developers and security teams will need to keep in mind. Key cryptographic enhancements OpenSSL…

Read more →

Unknown attackers claiming affiliation with the Cl0p extortion gang are hitting business and IT executives at various companies with emails claiming that they have exfiltrated sensitive data from the firms’ Oracle E-Business Suite (EBS). The email campaign According to Google,…

Read more →

ESET researchers have found two Android spyware campaigns aimed at people looking for secure messaging apps such as Signal and ToTok. The attackers spread the spyware through fake websites and social engineering. Researchers identified two previously unknown spyware families. Android/Spy.ProSpy…

Read more →

Checkov is an open-source tool designed to help teams secure their cloud infrastructure and code. At its core, it’s a static code analysis tool for infrastructure as code (IaC), but it also goes a step further by providing software composition…

Read more →

In this Help Net Security interview, Robert Sullivan, CIO & CISO at Agero, shares his perspective on automotive cybersecurity. He discusses strategies for developing mature security programs, meeting regulatory requirements, and addressing supply chain risks. Sullivan also looks ahead to…

Read more →

A new study from the Karlsruhe Institute of Technology shows how geopolitical tensions shape cyberattacks on power grids, fuel systems, and other critical infrastructure. How the research was done Researchers reviewed major cyber threat databases including MITRE ATT&CK Groups, CSIS,…

Read more →

LLMs and agentic systems already shine at everyday productivity, including transcribing and summarizing meetings, extracting action items, prioritizing critical emails, and even planning travel. But in the SOC (where mistakes have real cost), today’s models stumble on work that demands…

Read more →

A new security posture report on the biotech sector shows how quickly attackers could reach sensitive health data with only basic reconnaissance. Researchers needed less than two hours per company to uncover exposed genomic records, unprotected APIs, and misconfigured systems,…

Read more →

Underwriting is undergoing a major transformation as financial institutions push for faster decisions, better fraud detection, and greater personalization, according to a new global Experian report. By 2030, credit decisions are expected to become embedded in everyday transactions, with artificial…

Read more →

North Korea’s clandestine IT Worker (ITW) program, which is long known for targeting U.S. technology firms and crypto firms, has broadened its scope to attempt to infiltrate a variety of industries worldwide, including finance, healthcare, public administration, and professional services.…

Read more →

NETGEAR announced a tailored security solution for small and medium-sized enterprises (SMEs). Building on an acquisition made earlier this year, NETGEAR is delivering Exium, an all-in-one Secure Access Service Edge (SASE) and hybrid firewall solution designed for SMEs and the…

Read more →

Google has rolled out AI-powered ransomware detection and file restoration features in Drive for desktop, Google’s official file syncing and access app for Windows and macOS. Currently in open beta, this new layer of defense is not meant to stop…

Read more →

TELUS Digital has released its continuous automated red-teaming application, Fuel iX Fortify. The solution helps enterprises test GenAI systems at scale and identify vulnerabilities by simulating real-world attack scenarios using advanced adversarial techniques. Fuel iX Fortify runs thousands of adversarial…

Read more →

Despite Cisco and various cybersecurity agencies warning about attackers actively exploting zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) for months, there are still around 48,000 vulnerable appliances out there. The number is provided by the Shadowser…

Read more →

Siemens launched SINEC Secure Connect, the zero trust security platform designed for operational technology (OT) networks. The software solution virtualizes network structures using overlay networks. It enables Machine-to-Machine, Machine-to-Cloud, and Machine-to-Datacenter connections, plus secure remote access to industrial systems, all…

Read more →