Tag: Help Net Security

Digital certificates are the unsung heroes of the internet, silently verifying that the websites, apps, and services you use are legit and your data is safe. For years, we’ve leaned on certificates with maximum validity term stretching for months and,…

Read more →

In this Help Net Security interview, Sandy Kronenberg, CEO of Netarx, discusses how cybercriminal groups are adopting corporate structures and employee incentives to scale operations, retain talent, and evade detection. He covers the strategic collaborations behind major attacks, business-like parallels,…

Read more →

Organizations are fixing less than half of all exploitable vulnerabilities, with just 21% of GenAI app flaws being resolved, according to Cobalt. Big firms take longer to fix pentest issues 94% of firms view pentesting as essential to their program.…

Read more →

CISO Department of Justice | Australia | On-site – View job details As a CISO, you will be responsible for developing and implementing a cyber security strategy as well as establishing and maintaining the organisation’s strategic enterprise-wide information and cyber…

Read more →

In this Help Net Security video, Jennifer Chen, Executive Director of the Association of Corporate Counsel (ACC) Foundation, discusses how globally, Chief Legal Officers (CLOs) are becoming integral leaders in cybersecurity strategy, holding leadership positions, and frequently reporting cybersecurity strategies…

Read more →

LLMs’ tendency to “hallucinate” code packages that don’t exist could become the basis for a new type of supply chain attack dubbed “slopsquatting” (courtesy of Seth Larson, Security Developer-in-Residence at the Python Software Foundation). A known occurrence Many software developers…

Read more →

Tirreno is an open-source fraud prevention platform designed as a universal analytics tool to monitor online platforms, web applications, SaaS products, digital communities, mobile apps, intranets, and e-commerce websites. “Our aim is to liberate online fraud protection technologies, making them…

Read more →

As AI becomes embedded in daily business workflows, the risk of data exposure increases. Prompt leaks are not rare exceptions. They are a natural outcome of how employees use large language models. CISOs cannot treat this as a secondary concern.…

Read more →

Data breaches are rising across industries, hitting healthcare, finance, and retail especially hard. The damage goes beyond lost data, as it’s financial, operational, and reputational. The post Sector by sector: How data breaches are wrecking bottom lines appeared first on…

Read more →

Non-compliance can cost organizations 2.71 times more than maintaining compliance programs, according to Secureframe. That’s because non-compliance can result in business disruption, productivity losses, fines, penalties, and settlement costs, among other factors that come with a hefty price tag. Even…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) April 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vulnerabilities, including a zero-day…

Read more →

A threat actor that has been using known old FortiOS vulnerabilities to breach FortiGate devices for years has also been leveraging a clever trick to maintain undetected read-only access to them after the original access vector was locked down, Fortinet…

Read more →

KELA unveiled Digital Cyber Analysts, next-generation AI-powered digital employees designed to transform how security teams consume, prioritize, and act on threat intelligence. These always-on, interactive agents enhance the speed and efficiency of both enterprise security teams, government and law enforcement…

Read more →

Today, in the age of quantum threats, AI and sophisticated digital manipulations, the question is: where does the human factor end, and where does technology begin? This reality, primarily in the context of cybersecurity, will be discussed at the Span…

Read more →

In this Help Net Security interview, Norah Beers, CISO at Grayscale, discusses key security challenges in managing crypto assets, adversary tactics, private key management, and securing both hot and cold wallets. From a threat modeling perspective, what unique adversary tactics…

Read more →

Remote work is seen as more than a temporary solution, it’s a long-term strategy for many organizations. Remote work cybersecurity challenges Unsecured networks: Workers often operate from home or public Wi-Fi networks that don’t have the security features of corporate…

Read more →

Ransomware attacks increased by nearly 20% in 2024, and the severity rose by 13%, according to At-Bay. The blast radius of ransomware continues to grow as businesses impacted by attacks on vendors and partners increased 43%, while the average cost…

Read more →

2024 brought about countless new cybersecurity challenges including significant growth of the mobile threat landscape, according to Lookout. Threat actors, ranging from nation-states to individuals, are increasingly targeting mobile devices for the onset of their attacks to steal credentials and…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Forescout, Index Engines, Jit, RunSafe Security, and Seal Security. Jit launches AI agents to ease AppSec workload Jit has launched its new AI agents to…

Read more →

CyberArk announced the CyberArk Secure AI Agents Solution, which will allow organizations to implement identity-first security for agentic AI using the CyberArk Identity Security Platform. The solution will help organizations mitigate new and unique identity-centric risks as AI agents autonomously…

Read more →