cybersecurity

Creative cybersecurity strategies for resource-constrained institutions

collaboration, Compliance, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, Innovation, News, RTI International, security controls, strategy /

Creative cybersecurity strategies for resource-constrained institutions 2025-12-02 at 09:33 By Mirko Zorz In this Help Net Security interview, Dennis Pickett, CISO at RTI International, talks about how research institutions can approach cybersecurity with limited resources and still build resilience. He discusses the tension between open research and the need to protect sensitive information, noting that […]

Creative cybersecurity strategies for resource-constrained institutions Read More »

Attackers keep finding new ways to fool AI

Artificial Intelligence, cybersecurity, framework, Government, News, report, security standard /

Attackers keep finding new ways to fool AI 2025-12-02 at 08:14 By Anamarija Pogorelec AI development keeps accelerating while the safeguards around it move on uneven ground, according to The International AI Safety Report. Security leaders are being asked to judge exposure without dependable benchmarks. Developers build layered defenses Across the AI ecosystem, developers are

Attackers keep finding new ways to fool AI Read More »

The collapse of trust at the identity layer

automation, cybersecurity, deepfakes, fraud, identity verification, News, Regula, report, security metrics, social engineering /

The collapse of trust at the identity layer 2025-12-02 at 07:49 By Anamarija Pogorelec Identity verification has become the latest front in the fight against industrialized fraud, according to a new report from Regula. The shift is visible across sectors that once relied on predictable verification routines. Criminals have learned to target the identity step

The collapse of trust at the identity layer Read More »

Treating MCP like an API creates security blind spots

API security, Artificial Intelligence, Compliance, cybersecurity, Don't miss, Features, Hot stuff, identity management, MCP Manager, News, security controls, servers /

Treating MCP like an API creates security blind spots 2025-12-01 at 09:06 By Mirko Zorz In this Help Net Security interview, Michael Yaroshefsky, CEO at MCP Manager, discusses how Model Context Protocol’s (MCP) trust model creates security gaps that many teams overlook and why MCP must not be treated like a standard API. He explains how

Treating MCP like an API creates security blind spots Read More »

Offensive cyber power is spreading fast and changing global security

China, CISO, cyber risk, cybersecurity, Don't miss, Hot stuff, NATO, News, report, research, Risk Management, Russian Federation, strategy, threats /

Offensive cyber power is spreading fast and changing global security 2025-12-01 at 08:36 By Sinisa Markovic Offensive cyber activity has moved far beyond a handful of major powers. More governments now rely on digital operations to project influence during geopolitical tension, which raises new risks for organizations caught in the middle. A new policy brief

Offensive cyber power is spreading fast and changing global security Read More »

What zero trust looks like when you build it step by step

access control, authentication, cybersecurity, Don't miss, identity management, KeyData Cyber, News, security metrics, Video, zero trust /

What zero trust looks like when you build it step by step 2025-12-01 at 08:36 By Help Net Security In this Help Net Security video, Jonathan Edwards, Managing Director at KeyData Cyber, walks us through what practical zero trust adoption looks like in stages. He explains why he dislikes the term itself, then shifts to

What zero trust looks like when you build it step by step Read More »

The weekend is prime time for ransomware

cybersecurity, identity, News, Ransomware, report, Semperis, SOC /

The weekend is prime time for ransomware 2025-12-01 at 07:01 By Anamarija Pogorelec Over half of organizations that experienced a ransomware event in the past year were hit during a weekend or holiday, according to a Semperis report. Those periods often come with thin staffing, slower investigation, and fewer eyes on identity systems. Intruders know

The weekend is prime time for ransomware Read More »

New observational auditing framework takes aim at machine learning privacy leaks

cybersecurity, Don't miss, Features, Hot stuff, machine learning, Meta, News, Privacy, research, security auditing /

New observational auditing framework takes aim at machine learning privacy leaks 2025-11-28 at 08:34 By Sinisa Markovic Machine learning (ML) privacy concerns continue to surface, as audits show that models can reveal parts of the labels (the user’s choice, expressed preference, or the result of an action) used during training. A new research paper explores

New observational auditing framework takes aim at machine learning privacy leaks Read More »

Fragmented tooling slows vulnerability management

cybersecurity, Hackuity, News, remediation, report, Threat Intelligence, vulnerability management /

Fragmented tooling slows vulnerability management 2025-11-28 at 07:32 By Anamarija Pogorelec Security leaders know vulnerability backlogs are rising, but new data shows how quickly the gap between exposures and available resources is widening, according to a new report by Hackuity. Fragmented detection and slow remediation Organizations use a formalized approach to manage vulnerabilities, but their

Fragmented tooling slows vulnerability management Read More »

Hottest cybersecurity open-source tools of the month: November 2025

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: November 2025 2025-11-27 at 09:00 By Anamarija Pogorelec This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Heisenberg: Open-source software supply chain health check tool Heisenberg is an open-source tool that checks the health of a software supply chain.

Hottest cybersecurity open-source tools of the month: November 2025 Read More »

Your critical infrastructure is running out of time

Cisco, critical infrastructure, cyber resilience, cybersecurity, News, patching, policy, report /

Your critical infrastructure is running out of time 2025-11-27 at 08:05 By Anamarija Pogorelec Cyber attackers often succeed not because they are inventive, but because the systems they target are old. A new report by Cisco shows how unsupported technology inside national infrastructure creates openings that attackers can exploit repeatedly. The findings show how widespread

Your critical infrastructure is running out of time Read More »

Criminal networks industrialize payment fraud operations

Artificial Intelligence, cybersecurity, financial industry, fraud, mobile payment, News, online payment, report, Visa /

Criminal networks industrialize payment fraud operations 2025-11-27 at 07:55 By Anamarija Pogorelec Fraud operations are expanding faster than payment defenses can adjust. Criminal groups function like coordinated businesses that develop tools, automate tasks, and scale attacks. New data from a Visa report shows how these shifts are reshaping risk across the financial sector. Fraud now

Criminal networks industrialize payment fraud operations Read More »

The identity mess your customers feel before you do

authentication, cybersecurity, Descope, identity management, MFA, News, passkeys, passwords, report /

The identity mess your customers feel before you do 2025-11-27 at 07:55 By Anamarija Pogorelec Customer identity has become one of the most brittle parts of the enterprise security stack. Teams know authentication matters, but organizations keep using methods that frustrate users and increase risk. New research from Descope shows how companies manage customer identity

The identity mess your customers feel before you do Read More »

Heineken CISO champions a new risk mindset to unlock innovation

boardroom, CISO, Compliance, cyber risk, cybersecurity, Don't miss, Features, Heineken, Hot stuff, News, Risk Management, strategy, tips /

Heineken CISO champions a new risk mindset to unlock innovation 2025-11-26 at 09:16 By Mirko Zorz In this Help Net Security interview, Marina Marceta, CISO at Heineken, discusses what it takes for CISOs to be seen as business-aligned leaders rather than technical overseers. She shares how connecting security to business impact can shift perceptions and

Heineken CISO champions a new risk mindset to unlock innovation Read More »

Small language models step into the fight against phishing sites

Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, LLMs, News, phishing, research /

Small language models step into the fight against phishing sites 2025-11-26 at 08:31 By Sinisa Markovic Phishing sites keep rising, and security teams are searching for ways to sort suspicious pages at speed. A recent study explores whether small language models (SLMs) can scan raw HTML to catch these threats. The work reviews a range

Small language models step into the fight against phishing sites Read More »

How board members think about cyber risk and what CISOs should tell them

boardroom, CISO, cyber risk, cybersecurity, Don't miss, News, Qualys, security metrics, strategy, Video /

How board members think about cyber risk and what CISOs should tell them 2025-11-26 at 07:11 By Help Net Security In this Help Net Security video, Jonathan Trull, EVP & CISO at Qualys, discusses which cybersecurity metrics matter most to a board of directors. Drawing on more than two decades in the field, he explains

How board members think about cyber risk and what CISOs should tell them Read More »

How an AI meltdown could reset enterprise expectations

access control, Artificial Intelligence, CIO, CISO, cybersecurity, Don't miss, Features, Hot stuff, Incident Response, News, Redgate Software, regulation, strategy, tips /

How an AI meltdown could reset enterprise expectations 2025-11-25 at 09:02 By Mirko Zorz In this Help Net Security interview, Graham McMillan, CTO at Redgate Software, discusses AI, security, and the future of enterprise oversight. He explains why past incidents haven’t pushed the industry to mature. McMillan also outlines the structural shifts he expects once

How an AI meltdown could reset enterprise expectations Read More »

Supply chain sprawl is rewriting security priorities

access control, cybersecurity, data breach, ISC2, News, report, Risk Management, supply chain, third party compromise /

Supply chain sprawl is rewriting security priorities 2025-11-25 at 07:32 By Anamarija Pogorelec Organizations depend on long chains of vendors, but many cybersecurity professionals say these relationships create gaps they cannot see or control. A new ISC2 survey of more than 1,000 cybersecurity professionals shows that supply chain risk sits near the top of their

Supply chain sprawl is rewriting security priorities Read More »

Quantum encryption is pushing satellite hardware to its limits

critical infrastructure, cybersecurity, Don't miss, Encryption, Features, News, quantum computing, security standard, Swiss Armed Forces /

Quantum encryption is pushing satellite hardware to its limits 2025-11-24 at 09:11 By Mirko Zorz In this Help Net Security interview, Colonel Ludovic Monnerat, Commander Space Command, Swiss Armed Forces, discusses how securing space assets is advancing in response to emerging quantum threats. He explains why satellite systems must move beyond traditional cryptography to remain

Quantum encryption is pushing satellite hardware to its limits Read More »

What happens when vulnerability scores fall apart?

CVE, cybersecurity, News, open source, report, risk, software development, Sonatype, vulnerability disclosure /

What happens when vulnerability scores fall apart? 2025-11-24 at 07:54 By Anamarija Pogorelec Security leaders depend on vulnerability data to guide decisions, but the system supplying that data is struggling. An analysis from Sonatype shows that core vulnerability indexes no longer deliver the consistency or speed needed for the current software environment. A system that

What happens when vulnerability scores fall apart? Read More »

Scroll to Top