5 years of shifting cybersecurity behavior 2026-03-03 at 08:20 By Anamarija Pogorelec Online security is built through routine decisions made across devices and accounts. People choose how to create passwords, how often to reuse them, and how much effort to invest in protecting personal data. The National Cybersecurity Alliance and CybSafe’s Oh, Behave! The Cybersecurity […]
5 years of shifting cybersecurity behavior Read More »
Healthcare organizations are accepting cyber risk to cut costs 2026-03-03 at 08:00 By Anamarija Pogorelec Healthcare organizations are cutting cybersecurity budgets under financial pressure even as the threats targeting their systems intensify. A PwC survey of 381 global healthcare executives, conducted between May and July 2025, puts numbers to the gap between the risks the
Healthcare organizations are accepting cyber risk to cut costs Read More »
IPFire ships its 200th core update with a new domain blocklist and kernel upgrade 2026-03-02 at 18:31 By Anamarija Pogorelec Network firewall distribution IPFire released Core Update 200, marking the 200th incremental update to the 2.29 branch. The release bundles a kernel upgrade, a beta domain blocklist service, security patches for OpenSSL and glibc, and
IPFire ships its 200th core update with a new domain blocklist and kernel upgrade Read More »
UK reduces cyberattack fix times from two months to eight days 2026-03-02 at 13:19 By Anamarija Pogorelec The UK government has launched a new vulnerability monitoring service (VMS) that promises to reduce the time needed to fix critical cyber weaknesses across the public sector. Scanning government systems for critical cyber flaws The service, launched as
UK reduces cyberattack fix times from two months to eight days Read More »
AI risk moves into the security budget spotlight 2026-03-02 at 09:08 By Anamarija Pogorelec Enterprises are pushing AI deeper into workflows that touch sensitive data across cloud platforms and SaaS apps. The 2026 Thales Data Threat Report, based on a survey of 3,120 respondents in 20 countries, places that shift alongside growing pressure on data
AI risk moves into the security budget spotlight Read More »
Your dependencies are 278 days out of date and your pipelines aren’t protected 2026-03-02 at 09:00 By Mirko Zorz Applications continue to ship with known weaknesses even as development workflows speed up. A new Datadog State of DevSecOps 2026 report examines how dependency management and pipeline practices are influencing exposure across cloud native environments. Across
Your dependencies are 278 days out of date and your pipelines aren’t protected Read More »
Security debt is becoming a governance issue for CISOs 2026-03-02 at 08:30 By Mirko Zorz Application security backlogs keep expanding across large development portfolios. Veracode’s 2026 State of Software Security Report puts numbers behind a familiar operational pattern, fixes lag discovery, and older weaknesses stay open across release cycles. 2026 findings against the 2025 baseline
Security debt is becoming a governance issue for CISOs Read More »
Ransomware activity peaks outside business hours 2026-02-27 at 12:18 By Anamarija Pogorelec Intrusions continue to center on credential access and timed execution outside standard business hours. The Sophos Active Adversary Report 2026 analyzes 661 incident response and managed detection and response cases handled between November 1, 2024 and October 31, 2025, spanning organizations in 70
Ransomware activity peaks outside business hours Read More »
New infosec products of the month: February 2026 2026-02-27 at 08:18 By Anamarija Pogorelec Here’s a look at the most interesting products from the past month, featuring releases from Aikido Security, Avast, Armis, Black Duck, Compliance Scorecard, Fingerprint, Gremlin, Impart Security, Portnox, Redpanda, Socure, SpecterOps, Veza, and Virtana. Gremlin launches Disaster Recovery Testing for zone,
New infosec products of the month: February 2026 Read More »
The CISO role keeps getting heavier 2026-02-27 at 08:00 By Anamarija Pogorelec Personal liability is becoming a routine part of the CISO job. In Splunk’s 2026 CISO Report, titled From Risk to Resilience in the AI Era, 78% of CISOs said they are concerned about their own liability for security incidents, up from 56% last
The CISO role keeps getting heavier Read More »
Industrial networks continue to leak onto the internet 2026-02-27 at 07:30 By Mirko Zorz Industrial operators continue to run remote access portals, building automation servers, and other operational technology services on public IP address ranges. Palo Alto Networks, Siemens, and Idaho National Laboratory describe the scope of that exposure in the Intelligence-Driven Active Defense Report
Industrial networks continue to leak onto the internet Read More »
AWS Security Hub Extended brings enterprise security under one roof 2026-02-26 at 23:18 By Anamarija Pogorelec AWS Security Hub Extended is a plan within Security Hub that simplifies how customers procure, deploy, and integrate a full-stack enterprise security solution across endpoint, identity, email, network, data, browser, cloud, AI, and security operations. The plan allows customers
AWS Security Hub Extended brings enterprise security under one roof Read More »
Fraudsters integrate ChatGPT into global scam campaigns 2026-02-26 at 19:37 By Anamarija Pogorelec AI models are being folded into fraud and influence operations that follow long standing tactics. A February 2026 update to OpenAI’s Disrupting Malicious Uses of Our Models report details how ChatGPT and related API access were used in romance scams, fake legal
Fraudsters integrate ChatGPT into global scam campaigns Read More »
ENISA’s Updated Cybersecurity Methodology Aligns with NIS2 and EU Cybersecurity Act 2026-02-26 at 13:17 By Ashish Khaitan The European Union Agency for Cybersecurity (ENISA) released its updated cybersecurity exercise methodology, providing organizations and governments across Europe with a structured framework for planning, executing, and evaluating cybersecurity exercises. Designed to be both practical and theoretically robust, this methodology offers an end-to-end approach to enhancing
ENISA’s Updated Cybersecurity Methodology Aligns with NIS2 and EU Cybersecurity Act Read More »
Samsung’s Galaxy S26 turns privacy into a visible and invisible feature 2026-02-26 at 12:27 By Sinisa Markovic The Samsung Galaxy S26 series is out, offering plenty of security features that protect personal data while providing users with transparency and control over how their information is used. The feature that grabbed the spotlight is the built-in
Samsung’s Galaxy S26 turns privacy into a visible and invisible feature Read More »
The $19.5 million insider risk problem 2026-02-26 at 09:09 By Mirko Zorz Routine employee activity across corporate systems carries an average annual cost of $19.5 million per organization. That figure comes from the 2026 Cost of Insider Risks Global Report, conducted by the Ponemon Institute and based on data from 354 organizations that experienced one
The $19.5 million insider risk problem Read More »
Open-source security debt grows across commercial software 2026-02-26 at 08:36 By Mirko Zorz Open source code sits inside nearly every commercial application, and development teams continue to add new dependencies. Black Duck’s 2026 Open Source Security and Risk Analysis Report data shows that nearly all audited codebases contain open source components, with average component counts
Open-source security debt grows across commercial software Read More »
Review: Digital Forensics, Investigation, and Response, 5th Edition 2026-02-26 at 08:01 By Mirko Zorz Digital Forensics, Investigation, and Response, 5th Edition presents a structured survey of the digital forensics discipline. The book spans foundational principles, platform specific analysis, specialized branches, and incident response integration. About the author Chuck Easttom has many years of practical experience
Review: Digital Forensics, Investigation, and Response, 5th Edition Read More »
AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities 2026-02-26 at 07:35 By Mirko Zorz In this Help Net Security interview, Joni Klippert, CEO at StackHawk, discusses what defines DAST coverage in 2026 and why scan completion does not equal security. She explains how AI-driven DAST testing automates attack surface discovery, supports business-logic testing in
AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities Read More »
Hottest cybersecurity open-source tools of the month: February 2026 2026-02-26 at 07:07 By Anamarija Pogorelec This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Pompelmi: Open-source secure file upload scanning for Node.js Software teams building services in JavaScript are adding more layers of defense to handle
Hottest cybersecurity open-source tools of the month: February 2026 Read More »