cybersecurity

How attackers weaponize communications networks

BlackBerry, cybersecurity, data security, Don't miss, Features, Hot stuff, network, network monitoring, News, regulation, secure communications, telecommunications /

How attackers weaponize communications networks 2025-09-11 at 08:30 By Mirko Zorz In this Help Net Security interview, Gregory Richardson, Vice President, Advisory CISO Worldwide, at BlackBerry, talks about the growing risks to communications networks. He explains why attackers focus on these networks and how their motivations range from corporate espionage to geopolitical influence. The discussion […]

How attackers weaponize communications networks Read More »

The state of DMARC adoption: What 10M domains reveal

cybersecurity, DMARC, Don't miss, email security, Fortra, News, Video /

The state of DMARC adoption: What 10M domains reveal 2025-09-11 at 07:43 By Help Net Security In this Help Net Security video, John Wilson, Senior Fellow, Threat Research at Fortra, explores the state of DMARC adoption across the top 10 million internet domains. He explains how SPF, DKIM, and DMARC work together to prevent email

The state of DMARC adoption: What 10M domains reveal Read More »

Automated network pentesting uncovers what traditional tests missed

automation, cybersecurity, Don't miss, Hot stuff, network, News, patching, penetration testing, Vonahi Security /

Automated network pentesting uncovers what traditional tests missed 2025-09-10 at 11:45 By Zeljka Zorz Most organizations run an annual network penetration test, remediate the issues it uncovers, and move on. But attackers are probing networks every day, using publicly available tools to exploit common misconfigurations and overlooked vulnerabilities. A new report, based on over 50,000

Automated network pentesting uncovers what traditional tests missed Read More »

Deepfakes are rewriting the rules of geopolitics

cyber risk, cybersecurity, deepfakes, Don't miss, Entrust, Features, Government, News /

Deepfakes are rewriting the rules of geopolitics 2025-09-10 at 09:21 By Sinisa Markovic Deception and media manipulation have always been part of warfare, but AI has taken them to a new level. Entrust reports that deepfakes were created every five minutes in 2024, while the European Parliament estimates that 8 million will circulate across the

Deepfakes are rewriting the rules of geopolitics Read More »

CISOs, stop chasing vulnerabilities and start managing human risk

CISO, cybersecurity, Dune Security, human error, News, report, survey /

CISOs, stop chasing vulnerabilities and start managing human risk 2025-09-10 at 07:25 By Anamarija Pogorelec Breaches continue to grow in scale and speed, yet the weakest point remains unchanged: people. According to Dune Security’s 2025 CISO Risk Intelligence Survey, over 90 percent of incidents still originate from user behavior rather than technical flaws. The survey

CISOs, stop chasing vulnerabilities and start managing human risk Read More »

Attackers test the limits of railway cybersecurity

Artificial Intelligence, critical infrastructure, cyber risk, cybersecurity, digital transformation, Google Cloud, News, strategy, Tenable /

Attackers test the limits of railway cybersecurity 2025-09-09 at 08:31 By Sinisa Markovic Railway systems are the lifeblood of many economies, supporting everything from daily passenger transport to military and industrial operations, so the question arises: how secure are they from a cybersecurity perspective? Like all industries, the railway industry is undergoing its digital transformation.

Attackers test the limits of railway cybersecurity Read More »

Employees keep feeding AI tools secrets they can’t take back

Artificial Intelligence, CISO, Compliance, cybersecurity, Kiteworks, News, policy, regulation, security controls /

Employees keep feeding AI tools secrets they can’t take back 2025-09-09 at 08:03 By Anamarija Pogorelec Employees are putting sensitive data into public AI tools, and many organizations don’t have the controls to stop it. A new report from Kiteworks finds that most companies are missing basic safeguards to manage this data. Security control maturity

Employees keep feeding AI tools secrets they can’t take back Read More »

Cybersecurity research is getting new ethics rules, here’s what you need to know

conferences, cybersecurity, Don't miss, Features, guide, Hot stuff, how-to, News, research, tips /

Cybersecurity research is getting new ethics rules, here’s what you need to know 2025-09-08 at 09:01 By Mirko Zorz Top cybersecurity conferences are introducing new rules that require researchers to formally address ethics in their work. Starting with the 2026 USENIX Security Symposium, all submissions must include a stakeholder-based ethics analysis. Other major venues such

Cybersecurity research is getting new ethics rules, here’s what you need to know Read More »

InterceptSuite: Open-source network traffic interception tool

cybersecurity, Don't miss, GitHub, network, News, open source, software /

InterceptSuite: Open-source network traffic interception tool 2025-09-08 at 08:34 By Mirko Zorz InterceptSuite is an open-source, cross-platform network traffic interception tool designed for TLS/SSL inspection, analysis, and manipulation at the network level. “InterceptSuite is designed primarily for non-HTTP protocols, although it does support HTTP/1 and HTTP/2. It offers support for databases, SMTP, and custom protocols,

InterceptSuite: Open-source network traffic interception tool Read More »

Cyber defense cannot be democratized

Artificial Intelligence, attacks, cyber resilience, cybersecurity, DevOps, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, SkyHawk Security /

Cyber defense cannot be democratized 2025-09-08 at 08:14 By Help Net Security The democratization of AI has fundamentally lowered the barrier for threat actors, creating a bigger pool of people who can carry out sophisticated attacks. The so-called democratization of security, on the other hand, has resulted in chaos. The problem In an earnest attempt

Cyber defense cannot be democratized Read More »

How to reclaim control over your online shopping data

CCPA, cyber risk, cybersecurity, Data Protection, data security, DataGrail, EU, Europe, GDPR, LOKKER, News, online shopping, Privacy, regulation /

How to reclaim control over your online shopping data 2025-09-05 at 09:33 By Sinisa Markovic Online shopping is convenient, saves time, and everything is just a click away. But how often do we stop to think about what happens to the data we leave behind, or the risks that might come with it? Where shopping

How to reclaim control over your online shopping data Read More »

File security risks rise as insiders, malware, and AI challenges converge

cyber risk, cybersecurity, Data leak, data security, News, OPSWAT, Ponemon Institute, report, survey /

File security risks rise as insiders, malware, and AI challenges converge 2025-09-05 at 08:42 By Anamarija Pogorelec Breaches tied to file access are happening often, and the costs add up quickly. Many organizations have faced multiple file-related incidents over the last two years, with financial losses stretching into the millions. The fallout often includes stolen

File security risks rise as insiders, malware, and AI challenges converge Read More »

Connected cars are smart, convenient, and open to cyberattacks

connected cars, cybersecurity, hardware, Internet of Things, News, report, RunSafe Security, survey /

Connected cars are smart, convenient, and open to cyberattacks 2025-09-05 at 07:32 By Sinisa Markovic Consumers are concerned about vulnerabilities in their vehicles, which directly impacts purchasing behavior and brand loyalty, according to RunSafe Security. Vehicles now run on over 100 million lines of code, which is more than most fighter jets, but they often

Connected cars are smart, convenient, and open to cyberattacks Read More »

macOS vulnerability allowed Keychain and iOS app decryption without a password

apple, conferences, CVE, cybersecurity, Don't miss, Hot stuff, macOS, News, security update, vulnerability /

macOS vulnerability allowed Keychain and iOS app decryption without a password 2025-09-04 at 15:41 By Mirko Zorz Today at Nullcon Berlin, a researcher disclosed a macOS vulnerability that allowed attackers to read the memory of any process, even with System Integrity Protection (SIP) enabled. The issue, tracked as CVE-2025-24204, stems from Apple mistakenly granting the

macOS vulnerability allowed Keychain and iOS app decryption without a password Read More »

Cutting through CVE noise with real-world threat signals

automation, CVE, cybersecurity, Don't miss, enterprise, News, Nucleus Security, Threat Intelligence, vulnerability management /

Cutting through CVE noise with real-world threat signals 2025-09-04 at 09:02 By Sinisa Markovic CISOs are dealing with an overload of vulnerability data. Each year brings tens of thousands of new CVEs, yet only a small fraction ever become weaponized. Teams often fall back on CVSS scores, which label thousands of flaws as “high” or

Cutting through CVE noise with real-world threat signals Read More »

Attackers are turning Salesforce trust into their biggest weapon

cybersecurity, Don't miss, News, OAuth, report, Salesforce, survey, threats, WithSecure /

Attackers are turning Salesforce trust into their biggest weapon 2025-09-04 at 09:02 By Sinisa Markovic Salesforce has become a major target for attackers in 2025, according to new WithSecure research into threats affecting customer relationship management (CRM) platforms. The report shows that malicious activity inside Salesforce environments rose sharply in the first quarter of this

Attackers are turning Salesforce trust into their biggest weapon Read More »

DDoS attacks serve as instruments of political influence and disruption

cybercrime, cybersecurity, DDoS, Netscout, News, report, survey /

DDoS attacks serve as instruments of political influence and disruption 2025-09-04 at 07:02 By Sinisa Markovic In the first half of 2025, there were 8,062,971 DDoS attacks worldwide, with EMEA taking the brunt at 3.2 million attacks, according to Netscout. Peak attacks reached speeds of 3.12 Tbps and 1.5 Gpps. These attacks have moved beyond

DDoS attacks serve as instruments of political influence and disruption Read More »

BruteForceAI: Free AI-powered login brute force tool

Artificial Intelligence, cybersecurity, Don't miss, GitHub, LLMs, News, software /

BruteForceAI: Free AI-powered login brute force tool 2025-09-03 at 09:31 By Help Net Security BruteForceAI is a penetration testing tool that uses LLMs to improve the way brute-force attacks are carried out. Instead of relying on manual setup, the tool can analyze HTML content, detect login form selectors, and prepare the attack process automatically. It

BruteForceAI: Free AI-powered login brute force tool Read More »

How gaming experience can help with a cybersecurity career

CAPSLOCK, CompTIA, cybersecurity, cybersecurity jobs, Don't miss, game, Hot stuff, News, online gaming, skill development, strategy, tips, Varonis /

How gaming experience can help with a cybersecurity career 2025-09-03 at 08:41 By Sinisa Markovic Many people might not think that playing video games could help build a career in cybersecurity. Yet the skills gained through gaming, even if they don’t seem relevant at first, can be useful in the field. An overlooked pool of

How gaming experience can help with a cybersecurity career Read More »

Scroll to Top