Tag: Help Net Security

Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. The videos are getting published by a number of TikTok user accounts, seem AI-made, and…

Read more →

Operation Endgame, mounted by law enforcement and judicial authorities from the US, Canada and the EU, continues to deliver positive results by disrupting the DanaBot botnet and indicting the leaders of both the DanaBot and Qakbot Malware-as-a-Service operations. Operation Endgame…

Read more →

Token Security launched Model Context Protocol (MCP) Server for non-human identity (NHI). This capability brings the power of agentic AI to modern security operations and enables teams to interact with complex NHI data using simple, natural language. The Token MCP…

Read more →

In this Help Net Security interview, Dr. Joy Wu, Assistant Professor, UBC Sauder School of Business, discusses the psychological and societal impacts of data monetization, why current privacy disclosures often fall short, and what it will take to create a…

Read more →

Outsourcing cybersecurity can be a practical and affordable option. It allows small businesses to get the protection they need without straining their budgets, freeing up time and resources to focus on core operations. 76% of SMBs lack the in-house skills…

Read more →

While 47% of organizations claim to have implemented shift left security strategies, many still struggle with execution gaps and security inefficiencies, according to Pynt. Of those who haven’t implemented shift left, half of them have no plans to do so…

Read more →

69% of global respondents to a Jumio survey say AI-powered fraud now poses a greater threat to personal security than traditional forms of identity theft. This number rises to 74% in Singapore, with 71% also indicating that AI-generated scams are…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Anchore, Cyble, Outpost24, and ThreatMark. Outpost24 simplifies threat analysis with AI-enhanced summaries Outpost24 announced the addition of AI-enhanced summaries to the Digital Risk Protection (DRP)…

Read more →

A privilege escalation vulnerability in Windows Server 2025 can be used by attackers to compromise any user in Active Directory (AD), including Domain Admins. “The [“BadSuccessor”] attack exploits the delegated Managed Service Account (dMSA) feature that was introduced in Windows…

Read more →

StackHawk, the shift-left API security platform, announced it has taken on $12 million in additional funding from Sapphire and Castanoa Ventures to help security teams keep up with the pace of AI-driven development. With this funding, StackHawk will expedite shipping…

Read more →

Druva announced comprehensive protection for Azure SQL and Azure Blob Storage. Building on Druva’s strategic relationship with Microsoft, these enhancements help enterprises reduce risk, control costs, and improve operational agility with cloud-native data protection. As enterprises look to consolidate and…

Read more →

Signal has released a new version of its end-to-end encrypted communication app for Windows that prevents Microsoft Recall and users from screenshotting text-based conversations happening in the app. The new “Screen security” setting is enabled by default and can be…

Read more →

In this Help Net Security interview, Tim Grieveson, CSO at ThingsRecon, breaks down the first steps security teams should take to regain visibility, the most common blind spots in asset discovery, and why context should drive risk prioritization. What are…

Read more →

A recent wave of ransomware attacks has disrupted major retailers across the UK. According to a new report from CTM360, the attackers didn’t need to break down the door, they were invited in through misplaced trust and weak identity safeguards.…

Read more →

70% percent of organizations view the pace of AI development, particularly in GenAI, as the leading security concern related to its adoption, followed by lack of data integrity (64%) and trustworthiness (57%), according to Thales. GenAI becomes a top spending…

Read more →

If you’re planning to tackle the CompTIA Network+ certification (N10-009), chances are you’ve already come across the name Todd Lammle. A long-established authority in the networking and certification world, Lammle, along with co-author Jon Buhagiar, returns with the sixth edition…

Read more →

We use GenAI at work to make tasks easier, but are we aware of the risks? According to Netskope, the average organization now shares more than 7.7GB of data with AI tools per month, and 75% of enterprise users are…

Read more →

A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most significant infostealer threat at the moment. What is Lumma Stealer? Lumma Stealer is Malware-as-a-Service offering…

Read more →

Developers who specialize in writing smart (primarily Ethereum) contracts using the Solidity programming language have been targeted via malicious VS Code extensions that install malware that steals cryptocurrency wallet credentials. “Based on shared infrastructure and obfuscation characteristics, we attribute all…

Read more →

Anchore announced the next phase of its SBOM strategy with the release of Anchore SBOM. With the addition of Anchore SBOM, Anchore Enterprise now provides a centralized platform for viewing, managing and analyzing Software Bill of Materials (SBOMs), including the…

Read more →