Virtual kidnapping scams prey on our worst fears 2025-06-16 at 08:02 By Sinisa Markovic Getting a call saying a family member has been kidnapped is terrifying. Fear and panic take over, making it hard to think clearly. That’s exactly what criminals count on when they use a scam called virtual kidnapping. What is virtual kidnapping? […]
Virtual kidnapping scams prey on our worst fears Read More »
Unpacking the security complexity of no-code development platforms 2025-06-13 at 09:02 By Mirko Zorz In this Help Net Security interview, Amichai Shulman, CTO at Nokod Security, discusses how the abstraction layer in no-code environments complicates security by obscuring data flow, identity propagation, and control logic. Shulman also addresses why vulnerabilities in no-code applications go far
Unpacking the security complexity of no-code development platforms Read More »
What CISOs need to know about agentic AI 2025-06-13 at 08:34 By Anamarija Pogorelec GenAI has been the star of the show lately. Tools like ChatGPT impressed everyone with how well they can summarize, write, and respond. But something new is gaining ground: agentic AI. These systems don’t just answer questions. They make decisions, take
What CISOs need to know about agentic AI Read More »
Security flaws in government apps go unpatched for years 2025-06-13 at 08:02 By Help Net Security 78% of public sector organizations are operating with significant security debt, flaws left unaddressed for more than a year, according to Veracode. 55% are burdened with ‘critical’ security debt, representing long-standing vulnerabilities with severe risk potential. Public sector flaw
Security flaws in government apps go unpatched for years Read More »
19 ways to build zero trust: NIST offers practical implementation guide 2025-06-13 at 07:32 By Sinisa Markovic The National Institute of Standards and Technology (NIST) has released a new guide that offers practical help for building zero trust architectures (ZTA). The guidance, titled Implementing a Zero Trust Architecture (SP 1800‑35), includes 19 example setups using
19 ways to build zero trust: NIST offers practical implementation guide Read More »
Identifying high-risk APIs across thousands of code repositories 2025-06-12 at 16:02 By Mirko Zorz In this Help Net Security interview, Joni Klippert, CEO of StackHawk, discusses why API visibility is a major blind spot for security teams, how legacy tools fall short, and how StackHawk identifies risky APIs and sensitive data directly from code before
Identifying high-risk APIs across thousands of code repositories Read More »
Cybercriminals are turning stolen data into a thriving black market 2025-06-12 at 09:18 By Help Net Security Cybercriminals are stealing data and running full-scale businesses around it. Europol’s latest Internet Organised Crime Threat Assessment (IOCTA) report reveals how personal data is now a core currency in the underground economy. Data is the product Cybercriminals go
Cybercriminals are turning stolen data into a thriving black market Read More »
Want fewer security fires to fight? Start with threat modeling 2025-06-12 at 09:01 By Mirko Zorz CISOs understand that threat modeling helps teams identify risks early and build safer systems. But outside the security org, the value isn’t always clear. When competing for budget or board attention, threat modeling often loses out to more visible
Want fewer security fires to fight? Start with threat modeling Read More »
Build a mobile hacking rig with a Pixel and Kali NetHunter 2025-06-12 at 08:32 By Mirko Zorz A cybersecurity hobbyist has built a compact, foldable mobile hacking rig that runs Kali NetHunter on a Google Pixel 3 XL. It’s called the NetHunter C-deck, and it packs serious functionality into a small, 3D-printed shell. NetHunter C-deck
Build a mobile hacking rig with a Pixel and Kali NetHunter Read More »
CISOs call for operational threat intelligence integration 2025-06-12 at 08:05 By Help Net Security 98% of CISOs face challenges when using threat intelligence, according to Trellix. The biggest problems are keeping up with changing threats, integration difficulties, and regulatory rules. As a result, threat intelligence defaults to a reactive function within a workstream, rather than
CISOs call for operational threat intelligence integration Read More »
Email security risks healthcare IT can’t afford to ignore 2025-06-12 at 07:32 By Help Net Security 92% of healthcare IT leaders say they’re confident in their ability to prevent email-based data breaches, but according to Paubox, they’re not. Healthcare compliance confidence gap Email remains one of the biggest security risks in healthcare. Outdated systems and
Email security risks healthcare IT can’t afford to ignore Read More »
44% of mobile users encounter scams every day 2025-06-12 at 07:02 By Help Net Security Nearly half of of mobile users encounter mobile scams daily, with people in the US and UK more likely to be targeted than those in other regions, according to Malwarebytes. Most users say it’s hard to tell a scam from
44% of mobile users encounter scams every day Read More »
OWASP Nettacker: Open-source scanner for recon and vulnerability assessment 2025-06-11 at 09:01 By Mirko Zorz OWASP Nettacker is a free, open-source tool designed for network scanning, information gathering, and basic vulnerability assessment. Built and maintained by the OWASP community, Nettacker helps security pros automate common tasks like port scanning, service detection, and brute-force attacks. It
OWASP Nettacker: Open-source scanner for recon and vulnerability assessment Read More »
The path to better cybersecurity isn’t more data, it’s less noise 2025-06-11 at 08:31 By Sinisa Markovic In cybersecurity, there’s an urge to collect as much data as possible. Logs, alerts, metrics, everything. But more data doesn’t necessarily translate to better security. SOCs deal with tens of thousands of alerts every day. It’s more than
The path to better cybersecurity isn’t more data, it’s less noise Read More »
How to build AI into your business without breaking compliance 2025-06-11 at 08:02 By Mirko Zorz AI is supposed to make businesses faster, smarter, and more competitive, but most projects fall short. The Cloud Security Alliance (CSA) says the real issue is companies cramming AI into old, rigid processes that just can’t keep up. “AI
How to build AI into your business without breaking compliance Read More »
86% of all LLM usage is driven by ChatGPT 2025-06-11 at 07:01 By Help Net Security ChatGPT remains the most widely used LLM among New Relic customers, making up over 86% of all tokens processed. Developers and enterprises are shifting to OpenAI’s latest models, such as GPT-4o and GPT-4o mini, even when more affordable alternatives
86% of all LLM usage is driven by ChatGPT Read More »
The legal questions to ask when your systems go dark 2025-06-10 at 09:16 By Mirko Zorz At Span Cyber Security Arena, I sat down with Iva Mišković, Partner at the ISO-certified Mišković & Mišković law firm, to discuss the role of legal teams during cyber incidents. She shared why lawyers should assume the worst, coordinate
The legal questions to ask when your systems go dark Read More »
AI threats leave SecOps teams burned out and exposed 2025-06-10 at 08:39 By Mirko Zorz Security teams are leaning hard into AI, and fast. A recent survey of 500 senior cybersecurity pros at big U.S. companies found that 86% have ramped up their AI use in the past year. The main reason? They’re trying to
AI threats leave SecOps teams burned out and exposed Read More »
Securing agentic AI systems before they go rogue 2025-06-10 at 08:24 By Help Net Security In this Help Net Security video, Eoin Wickens, Director of Threat Intelligence at HiddenLayer, explores the security risks posed by agentic AI. He breaks down how agentic AI functions, its potential to revolutionize business operations, and the vulnerabilities it introduces,
Securing agentic AI systems before they go rogue Read More »
Balancing cybersecurity and client experience for high-net-worth clients 2025-06-09 at 09:03 By Mirko Zorz In this Help Net Security interview, Renana Friedlich-Barsky, EVP and CISO at LPL Financial, discusses how threat actors are targeting high-net-worth clients and exploiting digital touchpoints in wealth management. She explains why firms must embed security from the start to protect
Balancing cybersecurity and client experience for high-net-worth clients Read More »