Don’t miss

Microsoft unveils “centralized” software update tool for Windows

backup, Don't miss, enterprise, Hot stuff, Microsoft, News, orchestration, SMBs, Windows /

Microsoft unveils “centralized” software update tool for Windows 2025-05-29 at 14:49 By Zeljka Zorz Microsoft is looking to streamline the software updating process for IT admins and users by providing a Windows-native update orchestration platform, and to help organizations upgrade their computer fleet to Windows 11 with the help of Windows Backup for Organizations. The […]

React to this headline:

Loading spinner

Microsoft unveils “centralized” software update tool for Windows Read More »

What CISOs can learn from the frontlines of fintech cybersecurity

CISO, conferences, cybersecurity, Don't miss, Features, Hot stuff, Mastercard, News, opinion, Span, strategy, tips /

What CISOs can learn from the frontlines of fintech cybersecurity 2025-05-29 at 09:03 By Mirko Zorz At Span Cyber Security Arena, I sat down with Ria Shetty, Director, Cyber Security & Resilience for Europe at Mastercard. Our conversation cut through the hype and focused on what CISOs deal with every day: how to embed security

React to this headline:

Loading spinner

What CISOs can learn from the frontlines of fintech cybersecurity Read More »

How to threat hunt Living Off The Land binaries

cybersecurity, Don't miss, News, strategy, threat hunting, tips, Video /

How to threat hunt Living Off The Land binaries 2025-05-29 at 07:32 By Help Net Security In this Help Net Security video, Lee Archinal, Senior Threat Hunter at Intel 471, walks through practical strategies for detecting malicious activity involving Living Off The Land binaries (LOLBins). These are legitimate tools built into operating systems, such as

React to this headline:

Loading spinner

How to threat hunt Living Off The Land binaries Read More »

Review: Cybersecurity For Dummies, 3rd Edition

books, cybersecurity, Don't miss, Hot stuff, News, Review, Reviews, skill development /

Review: Cybersecurity For Dummies, 3rd Edition 2025-05-29 at 07:01 By Mirko Zorz If you’re new to cybersecurity and looking for a book that doesn’t overwhelm you with jargon or dive too deep into technical territory, Cybersecurity For Dummies might be a solid starting point. It’s written with beginners in mind and assumes you know how

React to this headline:

Loading spinner

Review: Cybersecurity For Dummies, 3rd Edition Read More »

Attackers hit MSP, use its RMM software to deliver ransomware to clients

Don't miss, Hot stuff, MSP, News, Ransomware, remote management, SimpleHelp, SMBs, Sophos, vulnerability /

Attackers hit MSP, use its RMM software to deliver ransomware to clients 2025-05-28 at 14:36 By Zeljka Zorz A threat actor wielding the DragonForce ransomware has compromised an unnamed managed service provider (MSP) and pushed the malware onto its client organizations via SimpleHelp, a legitimate remote monitoring and management (RMM) tool. “Sophos MDR has medium

React to this headline:

Loading spinner

Attackers hit MSP, use its RMM software to deliver ransomware to clients Read More »

Why data provenance must anchor every CISO’s AI governance strategy

Artificial Intelligence, CISO, cybersecurity, data, Don't miss, Expert analysis, Expert corner, Exterro, Hot stuff, News, opinion, strategy /

Why data provenance must anchor every CISO’s AI governance strategy 2025-05-28 at 08:30 By Help Net Security Across the enterprise, artificial intelligence has crept into core functions – not through massive digital transformation programs, but through quiet, incremental adoption. Legal departments are summarizing contracts. HR is rewording sensitive employee communications. Compliance teams are experimenting with

React to this headline:

Loading spinner

Why data provenance must anchor every CISO’s AI governance strategy Read More »

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs

Don't miss, GitHub, News, open source, Operant AI, red team, software /

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs 2025-05-28 at 08:17 By Mirko Zorz Woodpecker is an open-source tool that automates red teaming, making advanced security testing easier and more accessible. It helps teams find and fix security weaknesses in AI systems, Kubernetes environments, and APIs before attackers can exploit them. Key features of Woodpecker

React to this headline:

Loading spinner

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs Read More »

Hottest cybersecurity open-source tools of the month: May 2025

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: May 2025 2025-05-28 at 07:03 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Vuls: Open-source agentless vulnerability scanner Vuls is an open-source tool that helps users find and manage security vulnerabilities. It was created

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: May 2025 Read More »

Vulnerabilities found in NASA’s open source software

code analysis, Don't miss, Hot stuff, NASA, News, open source, ThreatLeap, vulnerability, vulnerability disclosure /

Vulnerabilities found in NASA’s open source software 2025-05-27 at 15:48 By Zeljka Zorz Vulnerabilities in open source software developed and used in-house by NASA could be exploited to breach their systems, claims Leon Juranić, security researcher and founder of cybersecurity startup ThreatLeap. The vulnerabilities Juranić, whose AppSec credentials include founding and leading DefenseCode, is no

React to this headline:

Loading spinner

Vulnerabilities found in NASA’s open source software Read More »

Why app modernization can leave you less secure

Application Security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity management, News, opinion, Strata Identity, strategy /

Why app modernization can leave you less secure 2025-05-27 at 09:09 By Help Net Security Enterprises typically “modernize” access patterns for an application by enabling industry standard protocols like OIDC or SAML to provide single sign-on (SSO) for legacy apps via a cloud identity provider (IDP). That’s a major step towards better user experience, improved

React to this headline:

Loading spinner

Why app modernization can leave you less secure Read More »

How AI agents reshape industrial automation and risk management

Artificial Intelligence, critical infrastructure, cybersecurity, Don't miss, Features, framework, Hot stuff, News, Siemens, standards, strategy /

How AI agents reshape industrial automation and risk management 2025-05-27 at 08:33 By Mirko Zorz In this Help Net Security interview, Michael Metzler, Vice President Horizontal Management Cybersecurity for Digital Industries at Siemens, discusses the cybersecurity implications of deploying AI agents in industrial environments. He talks about the risks that come with AI agents making

React to this headline:

Loading spinner

How AI agents reshape industrial automation and risk management Read More »

How well do you know your remote IT worker?

cybersecurity, Don't miss, Hot stuff, Insider Threat, News, North Korea, remote working, threat, tips /

How well do you know your remote IT worker? 2025-05-27 at 08:06 By Sinisa Markovic Is the remote IT worker you recently hired really who he says he is? Fake IT workers are slipping into companies around the world, gaining access to sensitive data. Recently, more of these schemes have been linked to North Korea.

React to this headline:

Loading spinner

How well do you know your remote IT worker? Read More »

LlamaFirewall: Open-source framework to detect and mitigate AI centric security risks

Artificial Intelligence, Don't miss, framework, GitHub, Hot stuff, Meta, News, open source, software /

LlamaFirewall: Open-source framework to detect and mitigate AI centric security risks 2025-05-26 at 08:52 By Mirko Zorz LlamaFirewall is a system-level security framework for LLM-powered applications, built with a modular design to support layered, adaptive defense. It is designed to mitigate a wide spectrum of AI agent security risks including jailbreaking and indirect prompt injection,

React to this headline:

Loading spinner

LlamaFirewall: Open-source framework to detect and mitigate AI centric security risks Read More »

NIST proposes new metric to gauge exploited vulnerabilities

CISA, CISO, Don't miss, News, NIST, patching, security metrics, vulnerability assessment, vulnerability management /

NIST proposes new metric to gauge exploited vulnerabilities 2025-05-26 at 08:06 By Help Net Security NIST has introduced a new way to estimate which software vulnerabilities have likely been exploited, and it’s calling on the cybersecurity community to help improve and validate the method. The new metric, “Likely Exploited Vulnerabilities” (LEV), aims to close a

React to this headline:

Loading spinner

NIST proposes new metric to gauge exploited vulnerabilities Read More »

Cyber threats are changing and here’s what you should watch for

CISO, CSIS Security Group, cybersecurity, Don't miss, News, threats, Video /

Cyber threats are changing and here’s what you should watch for 2025-05-26 at 07:33 By Help Net Security In this Help Net Security video, Stefan Tanase, Cyber Intelligence Expert at CSIS, gives an overview of how cybercriminals are changing their tactics, including using legitimate tools to avoid detection and developing more advanced info-stealing malware. Tanase

React to this headline:

Loading spinner

Cyber threats are changing and here’s what you should watch for Read More »

Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations

aerospace, cyber espionage, Don't miss, EclecticIQ, EU, financial industry, Government, government-backed attacks, healthcare, Hot stuff, Ivanti, manufacturing sector, News, telecommunications, USA, Wiz /

Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations 2025-05-23 at 17:21 By Zeljka Zorz CVE-2025-4427 and CVE-2025-4428 – the two Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities that have been exploited in the wild as zero-days and patched by Ivanti last week – are being leveraged by a Chinese cyber espionage

React to this headline:

Loading spinner

Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations Read More »

TikTok videos + ClickFix tactic = Malware infection

Don't miss, Hot stuff, Malware, News, security awareness, social engineering, TikTok, Trend Micro /

TikTok videos + ClickFix tactic = Malware infection 2025-05-23 at 15:53 By Zeljka Zorz Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. The videos are getting published by a number of TikTok user accounts, seem AI-made, and are

React to this headline:

Loading spinner

TikTok videos + ClickFix tactic = Malware infection Read More »

DanaBot botnet disrupted, QakBot leader indicted

court, CrowdStrike, Don't miss, ESET, Eurojust, Europol, Fox-IT, Hot stuff, law enforcement, News, Proofpoint, Shadowserver, US DoJ, Zscaler /

DanaBot botnet disrupted, QakBot leader indicted 2025-05-23 at 14:17 By Zeljka Zorz Operation Endgame, mounted by law enforcement and judicial authorities from the US, Canada and the EU, continues to deliver positive results by disrupting the DanaBot botnet and indicting the leaders of both the DanaBot and Qakbot Malware-as-a-Service operations. Operation Endgame 2.0 Coordinated by

React to this headline:

Loading spinner

DanaBot botnet disrupted, QakBot leader indicted Read More »

Is privacy becoming a luxury? A candid look at consumer data use

cybersecurity, Data Protection, Don't miss, Features, Hot stuff, News, opinion, Privacy, regulation /

Is privacy becoming a luxury? A candid look at consumer data use 2025-05-23 at 09:02 By Mirko Zorz In this Help Net Security interview, Dr. Joy Wu, Assistant Professor, UBC Sauder School of Business, discusses the psychological and societal impacts of data monetization, why current privacy disclosures often fall short, and what it will take

React to this headline:

Loading spinner

Is privacy becoming a luxury? A candid look at consumer data use Read More »

Scroll to Top