What boards need to hear about cyber risk, and what they don’t 2026-02-02 at 09:10 By Help Net Security In this Help Net Security video, Rishi Kaushal, CIO at Entrust, explains how security leaders should talk to the board about cyber risk. He focuses on what matters to board members and what does not. He […]
What boards need to hear about cyber risk, and what they don’t Read More »
AI is flooding IAM systems with new identities 2026-02-02 at 07:20 By Anamarija Pogorelec Most organizations view AI identities through the same lens used for other non-human identities, such as service accounts, API keys, and chatbots, according to The State of Non-Human Identity and AI Security report by the Cloud Security Alliance. AI identities inherit
AI is flooding IAM systems with new identities Read More »
Security work keeps expanding, even with AI in the mix 2026-01-30 at 08:07 By Sinisa Markovic Board attention continues to rise, and security groups now operate closer to executive decision making than in prior years, a pattern reflected the Voice of Security 2026 report by Tines. Within that environment, large numbers of teams already rely
Security work keeps expanding, even with AI in the mix Read More »
Security teams are carrying more tools with less confidence 2026-01-30 at 07:31 By Anamarija Pogorelec Enterprise environments now span multiple clouds, on-premises systems, and a steady flow of new applications. Hybrid and multi-cloud setups are common across large organizations, and they bring a constant stream of logs, alerts, and operational data. That environment already exists
Security teams are carrying more tools with less confidence Read More »
New infosec products of the month: January 2026 2026-01-30 at 06:33 By Anamarija Pogorelec Here’s a look at the most interesting products from the past month, featuring releases from Acronis, Booz Allen Hamilton, cside, Descope, JumpCloud, MIND, Noction, Obsidian Security, Rubrik, SEON, SpyCloud, Tenable, Tosi and Vectra AI. Acronis Archival Storage brings compliance-ready, S3-compatible cold
New infosec products of the month: January 2026 Read More »
Open-source malware zeroes in on developer environments 2026-01-29 at 08:36 By Anamarija Pogorelec Open source malware activity during 2025 concentrated on a single objective: executing code inside developer environments, according to Sonatype. The focus reflected a broader shift in supply chain attacks away from end users and toward the tools, machines, and pipelines used to
Open-source malware zeroes in on developer environments Read More »
Hottest cybersecurity open-source tools of the month: January 2026 2026-01-29 at 08:06 By Anamarija Pogorelec This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. OpenAEV: Open-source adversarial exposure validation platform OpenAEV is an open source platform designed to plan, run, and review cyber adversary simulation campaigns
Hottest cybersecurity open-source tools of the month: January 2026 Read More »
A practical take on cyber resilience for CISOs 2026-01-29 at 08:06 By Help Net Security In this Help Net Security video, Shebani Baweja, CISO for Consumer, Private, Wealth & Business Banking at Standard Chartered, explains how security leaders should think about cyber resilience. She outlines why preparation for extreme events matters as much as day
A practical take on cyber resilience for CISOs Read More »
What motivates hackers and what makes them walk away 2026-01-29 at 07:02 By Anamarija Pogorelec Most hackers spend more time learning, testing, and comparing notes than breaking into systems. The work often happens alone or in small groups, shaped by curiosity, persistence, and a habit of examining how systems behave. Bugcrowd examined who these security
What motivates hackers and what makes them walk away Read More »
OPNsense 26.1 brings updates to open-source firewall management 2026-01-29 at 01:17 By Anamarija Pogorelec OPNsense, the open-source firewall and network security platform, reached version 26.1, adding a range of updates affecting management, traffic visibility, automation interfaces, and core services. Changes in firewall management and APIs Version 26.1, code-named Witty Woodpecker, introduces revisions to the firewall
OPNsense 26.1 brings updates to open-source firewall management Read More »
CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities 2026-01-28 at 09:10 By Sinisa Markovic CERT UEFI Parser, a new open-source security analysis tool from the CERT Coordination Center has been released to help researchers and defenders examine the structure of Unified Extensible Firmware Interface (UEFI) software and identify classes of vulnerabilities that
CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities Read More »
Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions 2026-01-28 at 08:15 By Anamarija Pogorelec A new study shows that some of the most widely used AI-powered browser extensions are a privacy risk. They collect lots of data and require a high level of browser access. The research was conducted by
Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom 2026-01-28 at 08:15 By Help Net Security Once a secret enters Git, it’s expensive to remediate. But the real problem runs deeper than cost. Grégory Maitrallain, Solution Architect at Orange Business, discovered this reality during their implementation: “Once a secret is pushed
Waiting for AI superintelligence? Don’t hold your breath 2026-01-27 at 09:44 By Sinisa Markovic AI’s impact on systems, security, and decision-making is already permanent. Superintelligence, often referred to as artificial superintelligence (ASI), describes a theoretical stage in which AI capability exceeds human cognitive performance across domains. Whether current systems are progressing toward cybersecurity superintelligence remains
Waiting for AI superintelligence? Don’t hold your breath Read More »
When open science meets real-world cybersecurity 2026-01-27 at 09:44 By Mirko Zorz Scientific research environments are built for openness and collaboration, often prioritizing long-term discovery over traditional enterprise security. In this Help Net Security interview, Matthew Kwiatkowski, CISO at Fermilab, America’s particle physics and accelerator laboratory, discusses where cybersecurity blind spots emerge, why availability can
When open science meets real-world cybersecurity Read More »
AI’s appetite for data is testing enterprise guardrails 2026-01-27 at 08:18 By Anamarija Pogorelec Privacy programs are taking on more operational responsibility across the enterprise. A new Cisco global benchmark study shows expanding mandates, rising investment, and sustained pressure around data quality, accountability, and cross-border data management tied to AI systems. Privacy programs grow with
AI’s appetite for data is testing enterprise guardrails Read More »
Inside Microsoft’s veteran-to-tech workforce pipeline 2026-01-26 at 12:12 By Zeljka Zorz The technology workforce is changing, and military veterans are increasingly being recognized as one of the industry’s most valuable and dependable talent pools. In this Help Net Security interview, Chris Cortez, Vice President of Military Affairs at Microsoft and longtime leader of the Microsoft
Inside Microsoft’s veteran-to-tech workforce pipeline Read More »
Incident response lessons learned the hard way 2026-01-26 at 07:36 By Help Net Security In this Help Net Security video, Ryan Seymour, VP, Consulting and Education at ConnectSecure, shares lessons from more than two decades in cybersecurity incident response. He explains why many response failures are set in motion long before an attack begins. The
Incident response lessons learned the hard way Read More »
Exposed training apps are showing up in active cloud attacks 2026-01-22 at 09:06 By Sinisa Markovic Security teams often spin up vulnerable applications for demos, training, or internal testing. A recent Pentera research report documents how those environments are being left exposed on the public internet and actively exploited. The research focuses on intentionally vulnerable
Exposed training apps are showing up in active cloud attacks Read More »
Unbounded AI use can break your systems 2026-01-22 at 08:01 By Help Net Security In this Help Net Security video, James Wickett, CEO of DryRun Security, explains cyber risks many teams underestimate as they add AI to products. He focuses on how fast LLM features are pushed into live applications without limits or guardrails. The
Unbounded AI use can break your systems Read More »