Tag: Help Net Security

As new malware delivery campaigns using the ClickFix social engineering tactic are spotted nearly every month, it’s interesting to see how the various attackers are trying to refine the two main elements: the lure and the “instruction” page. In the…

Read more →

Outpost24 integration of two new Digital Risk Protection (DRP) modules to its External Attack Surface Management (EASM) platform. The Social Media and Data Leakage modules are now offered alongside the Leaked Credentials and Dark Web modules to enhance customer insights…

Read more →

SonicWall has fixed multiple vulnerabilities affecting its SMA100 Series devices, one of which (CVE-2025-32819) appears to be a patch bypass for an arbitrary file delete vulnerability that was exploited in zero-day attacks in early 2021, and may have also been…

Read more →

Cisco is making significant strides in quantum computing by focusing on quantum networking, aiming to bring practical applications closer to reality. The company recently introduced a prototype of its Quantum Network Entanglement Chip and inaugurated the Cisco Quantum Lab in…

Read more →

ServiceNow launched a new, agentic chapter in enterprise security and risk, introducing AI agents to power the rise of self-defending enterprises. The new agents, available within ServiceNow’s Security and Risk solutions, are designed to improve consistency, identify insights, and reduce…

Read more →

ProcessUnity introduced Evidence Evaluator, an generative AI that reduces the manual lift of assessing and validating third-party security controls. A key component of ProcessUnity’s Third-Party Risk Management (TPRM) Platform, Evidence Evaluator automatically reviews third-party evidence and populates assessment responses complete…

Read more →

Within the average enterprise, non-human identities (NHIs) now outnumber employees, contractors, and customers by anything between 10-to-1 and 92-to-1. Add to this the fragmentation of human identity management resulting from authorizing a single person’s access to multiple on-premises, cloud computing…

Read more →

In this Help Net Security interview, Michael Pound, Associate Professor at the University of Nottingham shares his insights on the cybersecurity risks associated with LLMs. He discusses common organizational mistakes and the necessary precautions for securing sensitive data when integrating…

Read more →

The tech industry is experiencing significant layoffs, leaving thousands of IT and cybersecurity professionals in search of new employment opportunities. Unfortunately, as these individuals search for new opportunities, scammers are actively preying on them. Losing a job, especially when you…

Read more →

Only 4% of organizations worldwide have achieved the ‘mature’ level of readiness required to withstand cybersecurity threats, according to Cisco’s 2025 Cybersecurity Readiness Index. This is a slight increase from last year’s index, in which 3% of organizations worldwide were…

Read more →

Healthcare organizations are facing a growing data security challenge from within, according to a new report from Netskope Threat Labs. The analysis reveals that employees in the sector are frequently attempting to upload sensitive information, including potentially protected health data,…

Read more →

Searchlight Cyber has launched new AI capabilities within its dark web investigations platform, Cerberus. The new Cerberus AI Insights feature summarizes dark web posts and threads to help analysts to quickly triage information and focus on the dark web content…

Read more →

Barracuda Networks unveiled next-generation threat detection capabilities fueled by multimodal AI. Barracuda now delivers adaptive, context-aware protection against emerging attacks with accuracy and speed by simultaneously correlating and analyzing diverse text and visual data types – including URLs, documents, images,…

Read more →

Verosint launched Vera, an agentic AI security analyst to transform how organizations detect, investigate, and respond to identity-based threats. Built on top of Verosint’s intelligent ITDR platform, Vera is an always-on, expert identity security analyst that works alongside security teams…

Read more →

WatchTowr researchers have released a proof-of-concept (PoC) exploit that chains two vulnerabilities in SysAid On-Prem – the self-hosted version of the platform behind SysAid’s popular IT service management and IT helpdesk solutions – to achieve unauthenticated remote code execution on…

Read more →

BlueVoyant launched its Continuous Optimization for Microsoft Security (COMS) offering. COMS improves security outcomes, helps customers stay ahead of cyber threats, and minimizes technology costs by drawing on BlueVoyant’s expertise with the Microsoft Security stack. The Microsoft Security suite provides…

Read more →

Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted exploitation.” About CVE-2025-27363 CVE-2025-27363 is an out of bounds write vulnerability in FreeType, an open-source software library that…

Read more →

A new report from bot defense firm Kasada has exposed the growing threat of ALTSRUS, a fraud syndicate targeting some of the most vulnerable corners of the digital economy. Researchers revealed how the group has scaled its operations to steal…

Read more →

Application security is changing fast. In this Help Net Security interview, Loris Gutic, Global CISO at Bright, talks about what it takes to keep up. Gutic explains how DevOps, containers, and serverless tools are shaping security, and shares views on…

Read more →

Autorize is an open-source Burp Suite extension that checks if users can access things they shouldn’t. It runs automatic tests to help security testers find authorization problems. Autorize installation To use Autorize, you’ll need Burp Suite and Jython. Here’s how…

Read more →