Tag: Help Net Security

Attackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint researchers have discovered. “Proofpoint’s research indicates that while simulated intrusions using TeamFiltration date back nearly to the tool’s initial release…

Read more →

The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate panel has revealed. From that sum, the operators took their 20% cut (approximately…

Read more →

Tamnoon launched Managed CDR (Cloud Detection and Response), a managed service designed to validate, contextualize, and respond to cloud security alerts. Built on AWS and launching with Wiz Defend, Amazon GuardDuty, CrowdStrike Falcon, and Orca Security, with more coming soon,…

Read more →

In this Help Net Security interview, Joni Klippert, CEO of StackHawk, discusses why API visibility is a major blind spot for security teams, how legacy tools fall short, and how StackHawk identifies risky APIs and sensitive data directly from code…

Read more →

Lemony announced its on-premise artificial intelligence solution that is redefining how organizations deploy generative AI. Lemony’s secure, hardware-based node offers enterprise-grade ‘AI in a Box,’ empowering companies to run advanced, end-to-end AI workflows privately, instantly, and without cloud dependence. Lemony’s…

Read more →

Cybercriminals are stealing data and running full-scale businesses around it. Europol’s latest Internet Organised Crime Threat Assessment (IOCTA) report reveals how personal data is now a core currency in the underground economy. Data is the product Cybercriminals go after everything…

Read more →

Nudge Security announced today a new browser extension for its SaaS and AI security governance solution that detects identity risks and guides employees toward safe, compliant SaaS and AI use in real time. Modern work happens at theWorkforce Edge, where…

Read more →

CISOs understand that threat modeling helps teams identify risks early and build safer systems. But outside the security org, the value isn’t always clear. When competing for budget or board attention, threat modeling often loses out to more visible efforts…

Read more →

A cybersecurity hobbyist has built a compact, foldable mobile hacking rig that runs Kali NetHunter on a Google Pixel 3 XL. It’s called the NetHunter C-deck, and it packs serious functionality into a small, 3D-printed shell. NetHunter C-deck v2.1.0 The…

Read more →

98% of CISOs face challenges when using threat intelligence, according to Trellix. The biggest problems are keeping up with changing threats, integration difficulties, and regulatory rules. As a result, threat intelligence defaults to a reactive function within a workstream, rather…

Read more →

Nearly half of of mobile users encounter mobile scams daily, with people in the US and UK more likely to be targeted than those in other regions, according to Malwarebytes. Most users say it’s hard to tell a scam from…

Read more →

92% of healthcare IT leaders say they’re confident in their ability to prevent email-based data breaches, but according to Paubox, they’re not. Healthcare compliance confidence gap Email remains one of the biggest security risks in healthcare. Outdated systems and frustrating…

Read more →

More than 20,000 malicious IP addresses and domains used by information-stealing malware were taken down during an international cybercrime crackdown led by INTERPOL. Called Operation Secure, the effort ran from January to April 2025 and involved law enforcement from 26…

Read more →

Connectwise customers who use the company’s ScreenConnect, Automate, and ConnectWise RMM solutions are urged to update all agents and/or validate that the update has been deployed by Friday, June 13 at 8:00 p.m. ET, or risk disruptions. The reason for…

Read more →

Trustwise introduced Harmony AI, a runtime trust layer and control tower designed for enterprises deploying fleets of generative and agentic AI systems. Harmony AI embeds “trust as code” directly into AI systems, empowering CISOs, developers, and AI leaders to shield…

Read more →

SpecterOps introduced Privilege Zones, a new addition to its flagship BloodHound Enterprise platform. Privilege Zones enable teams to define custom security boundaries around business-critical resources and enforce least privilege access continuously in on-prem, cloud and hybrid environments. IT and security…

Read more →

For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053). Also, Adobe Commerce and Magento Open Source users are urged to update quickly. About CVE-2025-33053 CVE-2025-33053 is a remote code execution…

Read more →

Sentra launched its DSAR automation capability, purpose-built to help large, complex organizations respond to Data Subject Access Requests (DSARs) under regulations such as GDPR, CCPA, and other global privacy mandates. This new capability extends Sentra’s platform value by eliminating manual,…

Read more →

Vanta announced the Vanta AI Agent, marking a major leap forward in how security and compliance teams leverage AI to minimize human error and maximize impact. The Vanta AI Agent autonomously handles end-to-end workflows across a company’s entire GRC program…

Read more →

Red Canary unveiled a new suite of expert AI agents. These specialized agents combine the speed and scalability of agentic AI with the quality and consistency of standard operating procedures derived from Red Canary’s elite team of security operators—bringing a…

Read more →