Tag: Help Net Security

Cybercriminals are getting better at lying. That’s the takeaway from a new LevelBlue report, which outlines how attackers are using social engineering and legitimate tools to quietly move through environments before they’re caught. Data showing at what stage an incident…

Read more →

Over a third of companies say they are using AI, including generative AI, to fight fraud, according to Experian. As fraud threats become more complex, companies are accelerating their investments with over half adopting new analytics and building AI models…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Black Kite, Descope, Elastic, ExtraHop, LastPass, and Riverbed. Elastic AI SOC Engine helps SOC teams expose hidden threats Elastic AI SOC Engine (EASE) is a…

Read more →

OpenAI has released GPT‑5, the newest version of its large language model. It’s now available to developers and ChatGPT users, and it brings some real changes to how AI can be used in business and IT environments. GPT‑5 (with thinking)…

Read more →

“In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the organization’s connected cloud environment without leaving easily detectable and auditable trace,” Microsoft has announced on Wednesday. The…

Read more →

Akira ransomware affiliates are not leveraging an unknown, zero-day vulnerability in SonicWall Gen 7 firewalls to breach corporate networks, the security vendor shared today. “Instead, there is a significant correlation with threat activity related to CVE-2024-40766, which was previously disclosed…

Read more →

Here’s a look inside Black Hat USA 2025. The featured vendors are: Stellar Cyber, Vonahi Security, Gurucul, Check Point, HackerOne, EasyDMARC, Elastic, Google, Tines, Veracode, VioletX, Pentera, Keep Aware, Oleria, SpyCloud, Trend Micro and Picus Security. The post Photos: Black…

Read more →

Black Hat USA 2025 was packed with innovation, with companies showing off tools built to get ahead of what’s coming next. From smarter offensive security to new ways of spotting attacks faster, the conference had no shortage of exciting developments.…

Read more →

In this Help Net Security interview, Jordan Avnaim, CISO at Entrust, discusses how to communicate the quantum computing threat to executive teams using a risk-based approach. He explains why post-quantum cryptography (PQC) is an urgent and long-term priority. Avnaim also…

Read more →

While GenAI excels at producing functional code, it introduces security vulnerabilities in 45 percent of cases, according to Veracode’s 2025 GenAI Code Security Report, which analyzed code produced by over 100 LLMs across 80 real-world coding tasks. Vibe coding “The…

Read more →

Elastic AI SOC Engine (EASE) is a new serverless, easy-to-deploy security package that brings AI-driven context-aware detection and triage into existing SIEM and EDR tools, without the need for an immediate migration or replacement. EASE delivers agentless integrations, AI-driven alert…

Read more →

Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or obfuscated deployments, according to VIPRE Security. These phishing kits can’t easily be reverse-engineered, tracked, or caught. AI makes…

Read more →

Many of America’s largest energy providers are exposed to known and exploitable vulnerabilities, and most security teams may not even see them, according to a new report from SixMap. Researchers assessed the external attack surface of 21 major energy companies,…

Read more →

Absolute Security announced new innovations available on the Absolute Resilience Platform. An advanced GenAI assistant enables natural-language queries that instantly answer vital questions about the security and compliance status of endpoint devices. Enhanced application control helps ensure critical endpoint and…

Read more →

7AI is debuting three innovations that make 7AI a platform to handle the security workflow through AI agents, from consuming zero-day alerts to novel threat investigation through contextual analysis to authorized remediation. Dynamic Reasoning enables AI agents to autonomously investigate…

Read more →

Abnormal AI updated Security Posture Management product, bringing AI-driven protection, automated prioritization, and remediation guidance to customers’ Microsoft 365 environments. As Microsoft 365 environments become more complex, accidental misconfigurations are now a leading cause of cloud email vulnerabilities. The growing…

Read more →

Proxmox Virtual Environment (VE) 9.0 introduces advancements in both storage and networking capabilities, addressing critical enterprise demands. A highlight is the long-awaited support for snapshots on thick-provisioned LVM shared storage, improving storage management capabilities especially for enterprise users with Fibre…

Read more →

Adobe has released an emergency security update for Adobe Experience Manager Forms on Java Enterprise Edition (JEE), which fix two critical vulnerabilities (CVE-2025-54253, CVE-2025-54254) with a publicly available proof-of-concept (PoC) exploit. Details about the flaws have been public for days,…

Read more →

SpyCloud has introduced enhancements to its SaaS Investigations solution, integrating advanced AI-powered insights that mirror the tradecraft of SpyCloud’s seasoned investigators. Building on the foundation of its IDLink identity analytics, this new capability further automates and accelerates complex cybercrime investigations,…

Read more →

Black Kite has unveiled the Adversary Susceptibility Index (ASI), a tool designed for TPRM teams to proactively identify which vendors are most vulnerable to specific threat actors before threats escalate into breaches. “With high-profile threats like Volt Typhoon, Black Basta, and…

Read more →