cybersecurity

Before scaling GenAI, map your LLM usage and risk zones

Application Security, ArmorCode, Artificial Intelligence, cybersecurity, Don't miss, Features, generative AI, Hot stuff, Lakera, LLMs, News, OWASP, policy, Straiker, The Motley Fool /

Before scaling GenAI, map your LLM usage and risk zones 2025-06-17 at 08:46 By Mirko Zorz In this Help Net Security interview, Paolo del Mundo, Director of Application and Cloud Security at The Motley Fool, discusses how organizations can scale their AI usage by implementing guardrails to mitigate GenAI-specific risks like prompt injection, insecure outputs, […]

React to this headline:

Loading spinner

Before scaling GenAI, map your LLM usage and risk zones Read More »

CURBy: A quantum random number generator you can verify

cybersecurity, Encryption, News, NIST, quantum computing, research /

CURBy: A quantum random number generator you can verify 2025-06-17 at 08:01 By Sinisa Markovic NIST and the University of Colorado Boulder have created a public service that delivers random numbers using quantum mechanics. Called the Colorado University Randomness Beacon (CURBy), the system offers a daily stream of certifiable random numbers generated through a process

React to this headline:

Loading spinner

CURBy: A quantum random number generator you can verify Read More »

CISOs brace for a surge in domain-based cyber threats

CISO, CSC, cybersecurity, News, report, strategy, tips /

CISOs brace for a surge in domain-based cyber threats 2025-06-17 at 07:32 By Mirko Zorz Cybersecurity threats are growing more complex, and domain-based attacks are at the center of this shift. CSC’s CISO Outlook 2025 report, based on a survey of 300 security leaders, reveals a rising sense of urgency as organizations confront both established

React to this headline:

Loading spinner

CISOs brace for a surge in domain-based cyber threats Read More »

Why banks’ tech-first approach leaves governance gaps

Banks, CIO, CISO, Compliance, CXO, cybersecurity, Don't miss, Features, financial industry, Hot stuff, Live Oak Bank, News, opinion, regulation, Risk Management, security metrics, strategy /

Why banks’ tech-first approach leaves governance gaps 2025-06-16 at 09:06 By Mirko Zorz In this Help Net Security interview, Rich Friedberg, CISO at Live Oak Bank, discusses how banks can better align cybersecurity efforts with broader cyber governance and risk priorities. Banking institutions often falter when cybersecurity is siloed as purely a technical or compliance

React to this headline:

Loading spinner

Why banks’ tech-first approach leaves governance gaps Read More »

MDEAutomator: Open-source endpoint management, incident response in MDE

cybersecurity, Don't miss, GitHub, Hot stuff, Microsoft, News, open source, software /

MDEAutomator: Open-source endpoint management, incident response in MDE 2025-06-16 at 08:36 By Help Net Security Managing endpoints and responding to security incidents in Microsoft Defender for Endpoint (MDE) can be time-consuming and complex. MDEAutomator is an open-source tool designed to make that easier. MDEAutomator is a modular, serverless solution for IT and security teams looking

React to this headline:

Loading spinner

MDEAutomator: Open-source endpoint management, incident response in MDE Read More »

Virtual kidnapping scams prey on our worst fears

Artificial Intelligence, BeyondID, cybercrime, cybersecurity, Don't miss, McAfee, News, scams, tips /

Virtual kidnapping scams prey on our worst fears 2025-06-16 at 08:02 By Sinisa Markovic Getting a call saying a family member has been kidnapped is terrifying. Fear and panic take over, making it hard to think clearly. That’s exactly what criminals count on when they use a scam called virtual kidnapping. What is virtual kidnapping?

React to this headline:

Loading spinner

Virtual kidnapping scams prey on our worst fears Read More »

Unpacking the security complexity of no-code development platforms

Application Security, code, cybersecurity, Don't miss, Features, Hot stuff, News, Nokod Security, software development /

Unpacking the security complexity of no-code development platforms 2025-06-13 at 09:02 By Mirko Zorz In this Help Net Security interview, Amichai Shulman, CTO at Nokod Security, discusses how the abstraction layer in no-code environments complicates security by obscuring data flow, identity propagation, and control logic. Shulman also addresses why vulnerabilities in no-code applications go far

React to this headline:

Loading spinner

Unpacking the security complexity of no-code development platforms Read More »

What CISOs need to know about agentic AI

AI, cybersecurity, ISG, LLM, News, report /

What CISOs need to know about agentic AI 2025-06-13 at 08:34 By Anamarija Pogorelec GenAI has been the star of the show lately. Tools like ChatGPT impressed everyone with how well they can summarize, write, and respond. But something new is gaining ground: agentic AI. These systems don’t just answer questions. They make decisions, take

React to this headline:

Loading spinner

What CISOs need to know about agentic AI Read More »

Security flaws in government apps go unpatched for years

Application Security, cybersecurity, News, report, software, survey, Veracode /

Security flaws in government apps go unpatched for years 2025-06-13 at 08:02 By Help Net Security 78% of public sector organizations are operating with significant security debt, flaws left unaddressed for more than a year, according to Veracode. 55% are burdened with ‘critical’ security debt, representing long-standing vulnerabilities with severe risk potential. Public sector flaw

React to this headline:

Loading spinner

Security flaws in government apps go unpatched for years Read More »

19 ways to build zero trust: NIST offers practical implementation guide

AppOmni, cybersecurity, News, NIST, strategy, tips, zero trust /

19 ways to build zero trust: NIST offers practical implementation guide 2025-06-13 at 07:32 By Sinisa Markovic The National Institute of Standards and Technology (NIST) has released a new guide that offers practical help for building zero trust architectures (ZTA). The guidance, titled Implementing a Zero Trust Architecture (SP 1800‑35), includes 19 example setups using

React to this headline:

Loading spinner

19 ways to build zero trust: NIST offers practical implementation guide Read More »

Identifying high-risk APIs across thousands of code repositories

API security, cybersecurity, data, Don't miss, Features, Hot stuff, News, opinion, StackHawk /

Identifying high-risk APIs across thousands of code repositories 2025-06-12 at 16:02 By Mirko Zorz In this Help Net Security interview, Joni Klippert, CEO of StackHawk, discusses why API visibility is a major blind spot for security teams, how legacy tools fall short, and how StackHawk identifies risky APIs and sensitive data directly from code before

React to this headline:

Loading spinner

Identifying high-risk APIs across thousands of code repositories Read More »

Cybercriminals are turning stolen data into a thriving black market

cybercrime, cybersecurity, Europol, law enforcement, News, report /

Cybercriminals are turning stolen data into a thriving black market 2025-06-12 at 09:18 By Help Net Security Cybercriminals are stealing data and running full-scale businesses around it. Europol’s latest Internet Organised Crime Threat Assessment (IOCTA) report reveals how personal data is now a core currency in the underground economy. Data is the product Cybercriminals go

React to this headline:

Loading spinner

Cybercriminals are turning stolen data into a thriving black market Read More »

Want fewer security fires to fight? Start with threat modeling

CISO, cyber resilience, cybersecurity, Cymulate, Don't miss, Features, Hot stuff, News, Risk Management, security ROI, Silent Push, SpecterOps, strategy, threat modeling, tips /

Want fewer security fires to fight? Start with threat modeling 2025-06-12 at 09:01 By Mirko Zorz CISOs understand that threat modeling helps teams identify risks early and build safer systems. But outside the security org, the value isn’t always clear. When competing for budget or board attention, threat modeling often loses out to more visible

React to this headline:

Loading spinner

Want fewer security fires to fight? Start with threat modeling Read More »

Build a mobile hacking rig with a Pixel and Kali NetHunter

cybersecurity, Don't miss, hardware, Hot stuff, Kali Linux, mobile devices, News, OffSec, penetration testing /

Build a mobile hacking rig with a Pixel and Kali NetHunter 2025-06-12 at 08:32 By Mirko Zorz A cybersecurity hobbyist has built a compact, foldable mobile hacking rig that runs Kali NetHunter on a Google Pixel 3 XL. It’s called the NetHunter C-deck, and it packs serious functionality into a small, 3D-printed shell. NetHunter C-deck

React to this headline:

Loading spinner

Build a mobile hacking rig with a Pixel and Kali NetHunter Read More »

CISOs call for operational threat intelligence integration

CISO, cybersecurity, News, report, strategy, Threat Intelligence, Trellix /

CISOs call for operational threat intelligence integration 2025-06-12 at 08:05 By Help Net Security 98% of CISOs face challenges when using threat intelligence, according to Trellix. The biggest problems are keeping up with changing threats, integration difficulties, and regulatory rules. As a result, threat intelligence defaults to a reactive function within a workstream, rather than

React to this headline:

Loading spinner

CISOs call for operational threat intelligence integration Read More »

Email security risks healthcare IT can’t afford to ignore

cybersecurity, email security, healthcare, News, Paubox, report /

Email security risks healthcare IT can’t afford to ignore 2025-06-12 at 07:32 By Help Net Security 92% of healthcare IT leaders say they’re confident in their ability to prevent email-based data breaches, but according to Paubox, they’re not. Healthcare compliance confidence gap Email remains one of the biggest security risks in healthcare. Outdated systems and

React to this headline:

Loading spinner

Email security risks healthcare IT can’t afford to ignore Read More »

44% of mobile users encounter scams every day

cybersecurity, Malwarebytes, mobile security, News, report, scams /

44% of mobile users encounter scams every day 2025-06-12 at 07:02 By Help Net Security Nearly half of of mobile users encounter mobile scams daily, with people in the US and UK more likely to be targeted than those in other regions, according to Malwarebytes. Most users say it’s hard to tell a scam from

React to this headline:

Loading spinner

44% of mobile users encounter scams every day Read More »

OWASP Nettacker: Open-source scanner for recon and vulnerability assessment

cybersecurity, Don't miss, GitHub, News, open source, OWASP, scanning, software, vulnerability assessment /

OWASP Nettacker: Open-source scanner for recon and vulnerability assessment 2025-06-11 at 09:01 By Mirko Zorz OWASP Nettacker is a free, open-source tool designed for network scanning, information gathering, and basic vulnerability assessment. Built and maintained by the OWASP community, Nettacker helps security pros automate common tasks like port scanning, service detection, and brute-force attacks. It

React to this headline:

Loading spinner

OWASP Nettacker: Open-source scanner for recon and vulnerability assessment Read More »

The path to better cybersecurity isn’t more data, it’s less noise

Artificial Intelligence, cybersecurity, data, Don't miss, News, SOC, strategy, tips /

The path to better cybersecurity isn’t more data, it’s less noise 2025-06-11 at 08:31 By Sinisa Markovic In cybersecurity, there’s an urge to collect as much data as possible. Logs, alerts, metrics, everything. But more data doesn’t necessarily translate to better security. SOCs deal with tens of thousands of alerts every day. It’s more than

React to this headline:

Loading spinner

The path to better cybersecurity isn’t more data, it’s less noise Read More »

How to build AI into your business without breaking compliance

Artificial Intelligence, automation, CISO, Cloud Security Alliance, cybersecurity, Don't miss, News, strategy, tips /

How to build AI into your business without breaking compliance 2025-06-11 at 08:02 By Mirko Zorz AI is supposed to make businesses faster, smarter, and more competitive, but most projects fall short. The Cloud Security Alliance (CSA) says the real issue is companies cramming AI into old, rigid processes that just can’t keep up. “AI

React to this headline:

Loading spinner

How to build AI into your business without breaking compliance Read More »

Scroll to Top