Tag: Help Net Security

CVE-2021-20035, an old vulnerability affecting Sonicwall Secure Mobile Access (SMA) 100 series appliances, is being exploited by attackers. Sonicwall confirmed it by updating the original security advisory to reflect the new state of play, and by changing the description of…

Read more →

PKWARE announced its quantum readiness assessment and encryption capabilities to help organizations protect sensitive data from quantum computing threats. Quantum computing is no longer theoretical—it is becoming a powerful reality with the potential to disrupt current encryption standards. As quantum machines…

Read more →

Phone theft is now commonplace in London. The Met Police recently revealed that it seizes 1,000 stolen phones weekly as it cracks down on organized criminal networks driving the £50 million trade. Nationally, cases have doubled to 83,900 annually. The…

Read more →

Should we negotiate? Should we pay? These are the questions every organization faces when cybercriminals lock their data. By the time attackers have encrypted your systems, the focus shifts from prevention to response. It’s no longer about how it happened,…

Read more →

In this Help Net Security interview, Dr. Dag Flachet, co-founder at Codific, explains what the Cyber Resilience Act (CRA) means for companies and how it compares to GDPR in terms of regulatory complexity and impact on organizations. He discusses the…

Read more →

Rise in accessible AI tools significantly lowered the barrier to entry for cyber attackers, enabling them to create and deploy malicious bots at scale, according to Thales. Automated bot traffic surpassed human-generated traffic for the first time in a decade,…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Cato Networks, Cyware, Entrust, PlexTrac, and Seemplicity. PlexTrac for CTEM helps security teams centralize security data PlexTrac for CTEM enables both enterprises and Managed Security…

Read more →

Modern websites are under constant pressure from automated traffic: scraping, credential stuffing, inventory hoarding, and other malicious bot behaviors. While Cloudflare Bot Management is a powerful cloud-native solution that leverages massive data and machine learning, not every organization wants to…

Read more →

CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitation in the wild has been observed…

Read more →

Cyberattacks targeting the energy sector are increasing, driven by a host of geopolitical and technological factors. A report published by Sophos in July 2024, and which surveyed 275 cybersecurity and IT leaders from the energy, oil/gas, and utilities sector across…

Read more →

Apple has released emergency security updates for iOS/iPadOS, macOS, tvOS and visionOS that fix two zero-day vulnerabilities (CVE-2025-31200, CVE-2025-31201) that have been exploited “in an extremely sophisticated attack against specific targeted individuals on iOS.” CVE-2025-31200 and CVE-2025-31201 CVE-2025-31200 affects CoreAudio,…

Read more →

Apple has released emergency security updates for iOS/iPadOS, macOS, tvOS and visionOS that fix two zero-day vulnerabilities (CVE-2025-31200, CVE-2025-31201) that have been exploited “in an extremely sophisticated attack against specific targeted individuals on iOS.” CVE-2025-31200 and CVE-2025-31201 CVE-2025-31200 affects CoreAudio,…

Read more →

Gurucul announced a quantum leap forward with a self-driving SIEM powered by extensive AI enhancements and infused within a revamped AI-centric user interface for improved and effective execution of collect, detect, investigate, threat hunt and response workflows to its Unified…

Read more →

Symbiotic Security launched Symbiotic Security version 1 that ensures code security keeps pace with development speed, by using AI to secure code in real-time through remediation and training integrated within their workflows. Symbiotic Security v1 empowers developers to write secure…

Read more →

Ebryx launched LLMSec — a suite of specialized security services designed to protect Large Language Models (LLMs) and autonomous AI agents in production environments. The new risk landscape for AI builders From OpenAI-based copilots to autonomous agents built with LangChain…

Read more →

In this Help Net Security interview, Jason Lord, CTO at AutoRABIT, discusses the cybersecurity risks posed by AI agents integrated into real-world systems. Issues like hallucinations, prompt injections, and embedded biases can turn these systems into vulnerable targets. Lord calls…

Read more →

In this Help Net Security video, Alexis Ober, Threat Intel Analyst at Fortra, discusses the threat actor group PlugValley, which is now offering AI-powered vishing-as-a-service. Rather than requiring technical skills or large budgets, PlugValley’s service lets any cybercriminal launch vishing…

Read more →

Microsoft reported a record 1,360 vulnerabilities in 2024, according to the latest BeyondTrust Microsoft Vulnerabilities Report. The volume marks an 11% increase from the previous record in 2022 and fits within a broader post-pandemic trend: more vulnerabilities, more products, and…

Read more →

Hands-On Industrial Internet of Things is a practical guide designed specifically for professionals building and securing industrial IoT (IIoT) systems. About the authors Giacomo Veneri brings deep expertise in telecommunications and AI, shaped by over 25 years in IoT and…

Read more →

Entrust announced the Entrust Cryptographic Security Platform, a unified, end-to-end cryptographic security management solution for keys, secrets, and certificates. Cyberattacks on data security and identity systems are exploding in scale and sophistication. Traditional approaches to securing data and identities aren’t…

Read more →