Why DNS threats should be on every CISO’s radar in 2025 2025-08-12 at 07:32 By Sinisa Markovic DNS is once again in the crosshairs of threat actors. According to the 2025 DNS Threat Landscape Report by Infoblox, attackers are changing tactics, and enterprises are feeling the pressure. The report shows that DNS is being used […]
React to this headline:
Why DNS threats should be on every CISO’s radar in 2025 Read More »
What the Matter 1.4.2 update means for smart home security 2025-08-11 at 18:28 By Anamarija Pogorelec Matter is built on the idea that smart home devices should be secure, reliable, and easy to use. It is based on Internet Protocol (IP), which allows devices, mobile apps, and cloud services to communicate. Matter also defines a
React to this headline:
What the Matter 1.4.2 update means for smart home security Read More »
WinRAR zero day exploited by RomCom hackers in targeted attacks 2025-08-11 at 12:55 By Sinisa Markovic ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you use WinRAR or related components such as the Windows versions of its command line tools, UnRAR.dll, or the portable
React to this headline:
WinRAR zero day exploited by RomCom hackers in targeted attacks Read More »
How Brandolini’s law informs our everyday infosec reality 2025-08-11 at 09:00 By Help Net Security Brandolini’s law, also known as the “bullshit asymmetry principle”, is simple but devastating: “The amount of energy needed to refute bullshit is an order of magnitude bigger than to produce it.” While it’s often thrown around in political debates and
React to this headline:
How Brandolini’s law informs our everyday infosec reality Read More »
From legacy to SaaS: Why complexity is the enemy of enterprise security 2025-08-11 at 08:32 By Mirko Zorz In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the way organizations approach security. He explains why finding the right balance
React to this headline:
From legacy to SaaS: Why complexity is the enemy of enterprise security Read More »
Pentesting is now central to CISO strategy 2025-08-11 at 07:36 By Anamarija Pogorelec Security leaders are rethinking their approach to cybersecurity as digital supply chains expand and generative AI becomes embedded in critical systems. A recent survey of 225 security leaders conducted by Emerald Research found that 68% are concerned about the risks posed by
React to this headline:
Pentesting is now central to CISO strategy Read More »
Breaches are up, budgets are too, so why isn’t healthcare safer? 2025-08-11 at 07:11 By Sinisa Markovic A new report from Resilience outlines a growing cyber crisis in the U.S. healthcare sector, where ransomware attacks, vendor compromise, and human error continue to cause widespread disruption. In 2023, breaches exposed 168 million records, and the first
React to this headline:
Breaches are up, budgets are too, so why isn’t healthcare safer? Read More »
Third-party partners or ticking time bombs? 2025-08-08 at 08:46 By Help Net Security In this Help Net Security video, Ngaire Elizabeth Guzzetti, Technical Director Supply Chain at CyXcel, discusses why a third of U.S. organizations don’t trust third-party vendors to manage critical risks and what that means for supply chain security. She breaks down the
React to this headline:
Third-party partners or ticking time bombs? Read More »
From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends 2025-08-08 at 08:07 By Sinisa Markovic Cybercriminals are getting better at lying. That’s the takeaway from a new LevelBlue report, which outlines how attackers are using social engineering and legitimate tools to quietly move through environments before they’re caught. Data showing at what stage
React to this headline:
From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends Read More »
Beyond PQC: Building adaptive security programs for the unknown 2025-08-07 at 09:15 By Mirko Zorz In this Help Net Security interview, Jordan Avnaim, CISO at Entrust, discusses how to communicate the quantum computing threat to executive teams using a risk-based approach. He explains why post-quantum cryptography (PQC) is an urgent and long-term priority. Avnaim also
React to this headline:
Beyond PQC: Building adaptive security programs for the unknown Read More »
AI can write your code, but nearly half of it may be insecure 2025-08-07 at 09:15 By Help Net Security While GenAI excels at producing functional code, it introduces security vulnerabilities in 45 percent of cases, according to Veracode’s 2025 GenAI Code Security Report, which analyzed code produced by over 100 LLMs across 80 real-world
React to this headline:
AI can write your code, but nearly half of it may be insecure Read More »
Energy companies are blind to thousands of exposed services 2025-08-07 at 07:02 By Anamarija Pogorelec Many of America’s largest energy providers are exposed to known and exploitable vulnerabilities, and most security teams may not even see them, according to a new report from SixMap. Researchers assessed the external attack surface of 21 major energy companies,
React to this headline:
Energy companies are blind to thousands of exposed services Read More »
Cybersecurity and the development of software-defined vehicles 2025-08-06 at 13:18 By Help Net Security In many automotive companies, the same systems-engineering teams are responsible for both safety and security. As a result, cybersecurity is treated as a subset of safety, undergirded by an implicit assumption: “If it’s safe, it must be secure.” But that’s not
React to this headline:
Cybersecurity and the development of software-defined vehicles Read More »
Ransomware is up, zero-days are booming, and your IP camera might be next 2025-08-06 at 08:47 By Help Net Security Cyber attackers are finding new ways in through the overlooked and unconventional network corners. Forescout’s 2025H1 Threat Review reveals a surge in advanced tactics, with zero-day exploits up 46 percent and ransomware attacks averaging 20
React to this headline:
Ransomware is up, zero-days are booming, and your IP camera might be next Read More »
AI in the SOC: Game-changer or more noise? 2025-08-06 at 08:02 By Help Net Security In this Help Net Security video, Kev Marriott, Senior Manager of Cyber at Immersive Labs, explores the challenges and opportunities of integrating AI into Security Operations Centers (SOCs). While AI can boost productivity by automating manual tasks and reducing alert
React to this headline:
AI in the SOC: Game-changer or more noise? Read More »
Why 90% of cyber leaders are feeling the heat 2025-08-06 at 08:02 By Anamarija Pogorelec 90% of cyber leaders find managing cyber risks harder today than five years ago, mainly due to the explosion of AI and expanding attack surfaces, according to BitSight. These threats are also fueling high rates of burnout, with 47% of
React to this headline:
Why 90% of cyber leaders are feeling the heat Read More »
CISOs say they’re prepared, their data says otherwise 2025-08-06 at 08:02 By Sinisa Markovic Most security teams believe they can act quickly when a threat emerges. But many don’t trust the very data they rely on to do so, and that’s holding them back. A new Axonius report, based on a survey of 500 U.S.-based
React to this headline:
CISOs say they’re prepared, their data says otherwise Read More »
Security tooling pitfalls for small teams: Cost, complexity, and low ROI 2025-08-05 at 10:11 By Mirko Zorz In this Help Net Security interview, Aayush Choudhury, CEO at Scrut Automation, discusses why many security tools built for large enterprises don’t work well for leaner, cloud-native teams. He explains how simplicity, integration, and automation are key for
React to this headline:
Security tooling pitfalls for small teams: Cost, complexity, and low ROI Read More »
Your employees uploaded over a gig of files to GenAI tools last quarter 2025-08-05 at 08:17 By Help Net Security In Q2 2025, Harmonic reviewed 1 million GenAI prompts and 20,000 uploaded files across more than 300 GenAI and AI-powered SaaS apps, and the findings confirm that sensitive data is being exposed through GenAI tools,
React to this headline:
Your employees uploaded over a gig of files to GenAI tools last quarter Read More »
Ransomware groups shift to quadruple extortion to maximize pressure 2025-08-05 at 07:33 By Help Net Security Threat actors are using a new quadruple extortion tactic in ransomware campaigns, while double extortion remains the most common approach, according to Akamai. Ransomware extortion tactics (Source: Akamai) The emerging trend of quadruple extortion includes using DDoS attacks to
React to this headline:
Ransomware groups shift to quadruple extortion to maximize pressure Read More »