Tag: Help Net Security

Regardless of their size, all law firms hold valuable data, including client communications, financial records, and confidential legal strategies. That data has never been more at risk. Cybercriminals are targeting law firms by exploiting vulnerabilities, weak passwords, outdated systems, and…

Read more →

Practical Purple Teaming is a guide to building stronger collaboration between offensive and defensive security teams. The book focuses on how to design and run effective purple team exercises that improve detection and response and strengthen trust between teams. About…

Read more →

By 2030, preemptive cybersecurity solutions will account for 50% of IT security spending, up from less than 5% in 2024, replacing standalone detection and response (DR) solutions as the preferred approach to defend against cyberthreats, according to Gartner. Preemptive security…

Read more →

The financial stakes of downtime are climbing, and IT leaders are being pushed to rethink how they monitor complex systems. According to the 2025 Observability Forecast from New Relic, the median cost of a high-impact outage has reached $2 million…

Read more →

Application Security Engineer PayPal | USA | On-site – View job details As an Application Security Engineer, you will apply security best practices to enhance and optimize systems, ensuring protection and efficiency, while beginning to understand and align security solutions…

Read more →

MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the Atomic infostealer instead, LastPass has warned. The malware delivery campaign is ongoing and widespread To…

Read more →

Stellar Cyber announced Stellar Cyber 6.1, designed to help customers and partners advance toward a human-augmented autonomous SOC. With Stellar Cyber 6.1, organizations gain new levels of visibility, speed, and control. Powered by multi-layer AI, the platform is open and…

Read more →

If you’re running Fortra’s GoAnywhere managed file transfer solution and you haven’t updated to the latest available version for a while, do so now or risk getting your instance compromised via CVE-2025-10035. About CVE-2025-10035 CVE-2025-10035 is a critical deserialization vulnerability…

Read more →

In this Help Net Security interview, Mirko Rinaldini, Head of ICT at Juventus Football Club, discusses the club’s approach to cyber risk strategy. Juventus has developed a threat-led, outcomes-driven program that balances innovation with protections across matchdays, e-commerce, and digital…

Read more →

Cybersecurity AI (CAI) is an open-source framework that helps security teams build and run AI-driven tools for offensive and defensive tasks. It’s designed for anyone working in security, including researchers, ethical hackers, IT staff, and organizations that want to use…

Read more →

Kubernetes has moved well past its early adoption phase. The new Komodor 2025 Enterprise Kubernetes Report shows that technical teams are shifting their focus from running containers to managing a growing mix of AI workloads and advanced automation practices like…

Read more →

In this Help Net Security video, Brittany Allen, Senior Trust and Safety Architect at Sift, explores how the rise of AI agents is creating new fraud risks. She explains how these agents, while designed to assist users, can unintentionally help…

Read more →

The OpenID Foundation (OIDF) has approved three Final Specifications, establishing the first global standards for real-time security event sharing across digital identity systems. The approved Final Specifications are: OpenID Shared Signals Framework 1.0 – Enables secure, real-time delivery of security…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Most enterprise AI use is invisible to security teams Most enterprise AI activity is happening without the knowledge of IT and security teams. According to…

Read more →

ImmuniWeb has released a free online tool that checks whether websites are protected by post-quantum cryptography (PQC). The tool analyzes SSL/TLS configurations and verifies their compliance with the latest quantum-resilient encryption standards from NIST. It also checks for adherence to…

Read more →

Astra Security has launched its API Security Platform, designed to identify undocumented, zombie, and shadow APIs that threaten infrastructure and expose sensitive PII. Instead of relying on reactive, siloed detection tools, Astra’s platform delivers proactive, automated protection against attackers exploiting…

Read more →

Tigera announced a new solution to secure AI workloads running in Kubernetes clusters. Due to the resource-intensive and bursty nature of AI workloads, Kubernetes has become the de facto orchestrator for deploying them. However AI workloads introduce security challenges, throughout…

Read more →

LLMs are moving fast from experimentation to daily use in cybersecurity. Teams are starting to use them to sort through threat intelligence, guide incident response, and help analysts handle repetitive work. But adding AI into the decision-making process brings new…

Read more →

ESET Research has discovered evidence of collaboration between the Gamaredon and Turla threat groups. Both groups are linked to Russia’s primary intelligence agency, the FSB, and were found working in tandem to target high-profile organizations in Ukraine. In these attacks,…

Read more →

Cyber-physical systems are getting harder to protect as the business landscape keeps shifting. Economic pressures, supply chain changes, and new regulations are creating more openings for attackers while complicating how organizations manage security. A new report from Claroty, based on…

Read more →