Don’t miss

RansomHub affiliate leverages multi-function Betruger backdoor

backdoor, Don't miss, Hot stuff, Malware, News, Ransomware, Symantec /

RansomHub affiliate leverages multi-function Betruger backdoor 2025-03-20 at 12:03 By Zeljka Zorz A RansomHub affiliate is leveraging a new multi-function backdoor dubbed Betruger to perform various actions during their attacks, Symantec researchers have discovered. The Betruger backdoor The malware can take screenshots, log keystroke, scan networks, dump credentials, upload files to a command and control […]

React to this headline:

Loading spinner

RansomHub affiliate leverages multi-function Betruger backdoor Read More »

Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates

Don't miss, Kali Linux, News, OffSec, open source, penetration testing, software /

Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates 2025-03-20 at 09:32 By Help Net Security Kali Linux 2025.1a is now available. This release enhances existing features with improvements designed to streamline your experience. 2025 theme refresh Kali Linux 2025.1a introduces an annual theme refresh, maintaining a modern interface. This year’s update debuts a

React to this headline:

Loading spinner

Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates Read More »

5 pitfalls that can delay cyber incident response and recovery

automation, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Incident Response, News, opinion, ShadowHQ, threats /

5 pitfalls that can delay cyber incident response and recovery 2025-03-20 at 08:35 By Help Net Security The responsibility of cyber incident response falls squarely on the shoulders of the CISO. And many CISOs invest heavily in technical response procedures, tabletop exercises and theoretical plans only to find out that when an actual breach strikes

React to this headline:

Loading spinner

5 pitfalls that can delay cyber incident response and recovery Read More »

How healthcare CISOs can balance security and accessibility without compromising care

CISO, cyber risk, cybersecurity, Don't miss, Features, healthcare, HealthEquity, Hot stuff, News, opinion, Risk Management, security controls, strategy /

How healthcare CISOs can balance security and accessibility without compromising care 2025-03-20 at 08:35 By Mirko Zorz In this Help Net Security interview, Sunil Seshadri, EVP and CSO at HealthEquity, talks about the growing risks to healthcare data and what organizations can do to stay ahead. He shares insights on vendor management, zero trust, and

React to this headline:

Loading spinner

How healthcare CISOs can balance security and accessibility without compromising care Read More »

Report: The State of Secrets Sprawl 2025

Don't miss, GitGuardian, News, report, Whitepapers and webinars /

Report: The State of Secrets Sprawl 2025 2025-03-19 at 16:31 By Help Net Security GitGuardian’s State of Secrets Sprawl 2025 report shows no progress in combating secrets sprawl, with 23.8 million secrets leaked on public GitHub repositories in 2024—a 25% year-over-year increase. Despite GitHub Push Protection’s efforts, secrets sprawl is accelerating, especially with generic secrets,

React to this headline:

Loading spinner

Report: The State of Secrets Sprawl 2025 Read More »

APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)

APT, cyber espionage, cybercrime, Don't miss, exploit, Hot stuff, News, Windows /

APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) 2025-03-19 at 16:00 By Zeljka Zorz State-sponsored threat actors and cybercrime groups from North Korea, Iran, Russia, and China have been exploiting a zero-day Windows vulnerability with no fix in sight for the last eight years, researchers with Trend Micro’s Zero Day Initiative

React to this headline:

Loading spinner

APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) Read More »

Moving beyond checkbox security for true resilience

CISO, Compliance, cybersecurity, Don't miss, Features, Hot stuff, MITRE, News, opinion, strategy, threats /

Moving beyond checkbox security for true resilience 2025-03-19 at 08:13 By Mirko Zorz In this Help Net Security interview, William Booth, director, ATT&CK Evaluations at MITRE, discusses how CISOs can integrate regulatory compliance with proactive risk management, prioritize spending based on threat-informed assessments, and address overlooked vulnerabilities like shadow IT and software supply chain risks.

React to this headline:

Loading spinner

Moving beyond checkbox security for true resilience Read More »

Dependency-Check: Open-source Software Composition Analysis (SCA) tool

CVE, cybersecurity, Don't miss, GitHub, News, OWASP, software /

Dependency-Check: Open-source Software Composition Analysis (SCA) tool 2025-03-19 at 07:47 By Help Net Security Dependency-Check is an open-source Software Composition Analysis (SCA) tool to identify publicly disclosed vulnerabilities within a project’s dependencies. The tool analyzes dependencies for Common Platform Enumeration (CPE) identifiers. When a match is found, the tool generates a report with links to

React to this headline:

Loading spinner

Dependency-Check: Open-source Software Composition Analysis (SCA) tool Read More »

Protecting your iCloud data after Apple’s Advanced Data Protection removal in the UK

apple, cybersecurity, data security, Don't miss, Encryption, Government, how-to, News, Privacy, tips, UK /

Protecting your iCloud data after Apple’s Advanced Data Protection removal in the UK 2025-03-19 at 07:16 By Help Net Security Advanced Data Protection (ADP) secures iCloud data with end-to-end encryption. This ensures that no one, not even Apple, can access the encrypted data, which remains secure even in the event of a cloud breach. As

React to this headline:

Loading spinner

Protecting your iCloud data after Apple’s Advanced Data Protection removal in the UK Read More »

The rise of DAST 2.0 in 2025

Application Security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, security testing, StackHawk /

The rise of DAST 2.0 in 2025 2025-03-18 at 18:02 By Help Net Security Static Application Security Testing (SAST) found favor among security teams as an easy way to deploy security testing without really engaging developers. With the ability to analyze source code early in the software delivery lifecycle, SAST solutions offered a more proactive

React to this headline:

Loading spinner

The rise of DAST 2.0 in 2025 Read More »

FBI: Free file converter sites and tools deliver malware

adware, Don't miss, FBI, Hot stuff, Malware, Malwarebytes, News, trojan /

FBI: Free file converter sites and tools deliver malware 2025-03-18 at 13:35 By Zeljka Zorz Malware peddlers are increasingly targeting users who are searching for free file converter services (websites) and tools, the FBI’s Denver Field Office has warned earlier this month. “To conduct this scheme, cyber criminals across the globe are using any type

React to this headline:

Loading spinner

FBI: Free file converter sites and tools deliver malware Read More »

How financial institutions can minimize their attack surface

CISO, cybersecurity, Discover, Don't miss, Features, financial industry, Hot stuff, News, online banking, opinion, regulation, Risk Management, threats /

How financial institutions can minimize their attack surface 2025-03-18 at 08:01 By Mirko Zorz In this Help Net Security interview, Sunil Mallik, CISO of Discover Financial Services, discusses cybersecurity threats for financial institutions. He also shares insights on balancing compliance with agility, lessons from regulatory audits, and Discover’s approach to risk management and workforce development.

React to this headline:

Loading spinner

How financial institutions can minimize their attack surface Read More »

Pay, fight, or stall? The dilemma of ransomware negotiations

cybercrime, cybersecurity, Don't miss, GroupSense, Ransomware, strategy, Video /

Pay, fight, or stall? The dilemma of ransomware negotiations 2025-03-17 at 08:02 By Help Net Security Ransomware negotiations are a high-stakes game where every decision matters. In this Help Net Security video, Kurtis Minder, CEO at GroupSense, takes us inside the world of ransomware negotiations. We learn how attackers communicate, the tough decisions victims face,

React to this headline:

Loading spinner

Pay, fight, or stall? The dilemma of ransomware negotiations Read More »

Review: Cybersecurity Tabletop Exercises

books, cybersecurity, Don't miss, Hot stuff, Incident Response, News, Review, Reviews, skill development, strategy, tips /

Review: Cybersecurity Tabletop Exercises 2025-03-17 at 07:31 By Mirko Zorz Packed with real-world case studies and practical examples, Cybersecurity Tabletop Exercises offers insights into how organizations have successfully leveraged tabletop exercises to identify security gaps and enhance their incident response strategies. The authors explore a range of realistic scenarios, including phishing campaigns, ransomware attacks, and

React to this headline:

Loading spinner

Review: Cybersecurity Tabletop Exercises Read More »

IntelMQ: Open-source tool for collecting and processing security feeds

Don't miss, GitHub, News, open source, software, Threat Intelligence /

IntelMQ: Open-source tool for collecting and processing security feeds 2025-03-17 at 07:02 By Mirko Zorz IntelMQ is an open-source solution designed to help IT security teams (including CERTs, CSIRTs, SOCs, and abuse departments) streamline the collection and processing of security feeds using a message queuing protocol. “Originally designed for CSIRTs and later adopted by SOCs,

React to this headline:

Loading spinner

IntelMQ: Open-source tool for collecting and processing security feeds Read More »

Quantifying cyber risk strategies to resonate with CFOs and boards

CISO, cyber risk, cybersecurity, Data Protection, Don't miss, Features, Hot stuff, News, opinion, PwC, resilience, strategy /

Quantifying cyber risk strategies to resonate with CFOs and boards 2025-03-14 at 17:02 By Mirko Zorz In this Help Net Security interview, Mir Kashifuddin, Data Risk & Privacy Leader at PwC, discusses how CISOs can translate cyber risk into business value and secure a more strategic role within their organizations. He explains that aligning cybersecurity

React to this headline:

Loading spinner

Quantifying cyber risk strategies to resonate with CFOs and boards Read More »

Top 5 threats keeping CISOs up at night in 2025

Artificial Intelligence, CISO, cybersecurity, Don't miss, Hot stuff, News, Ransomware, regulation, strategy, supply chain attacks, threats, tips /

Top 5 threats keeping CISOs up at night in 2025 2025-03-14 at 08:05 By Help Net Security Cyber threats in 2025 require a proactive, adaptive approach. To stay ahead, CISOs must balance technical defenses, regulatory expectations, and human factors. By prioritizing AI-driven security, ransomware resilience, supply chain risk management, insider threat mitigation, and compliance preparedness,

React to this headline:

Loading spinner

Top 5 threats keeping CISOs up at night in 2025 Read More »

CISOs, are your medical devices secure? Attackers are watching closely

CISO, Claroty, cyber risk, cybersecurity, Don't miss, hardware, healthcare, Hot stuff, legacy technology, News, Risk Management, strategy, tips, Vigilant Ops /

CISOs, are your medical devices secure? Attackers are watching closely 2025-03-13 at 08:02 By Mirko Zorz The adoption of connected medical devices, collectively called the Internet of Medical Things (IoMT), has transformed patient care. However, this technological advancement has also introduced cybersecurity challenges to safeguard patient safety and uphold organizational security. Securing IoMT: Prioritizing risks

React to this headline:

Loading spinner

CISOs, are your medical devices secure? Attackers are watching closely Read More »

Cybersecurity classics: 10 books that shaped the industry

books, cybersecurity, Don't miss, News /

Cybersecurity classics: 10 books that shaped the industry 2025-03-13 at 07:32 By Help Net Security Cybersecurity constantly evolves, but some books have stood the test of time, shaping how professionals think about security, risk, and digital threats. Whether you’re a CISO, a seasoned expert, or cybersecurity enthusiast, these must-reads belong on your shelf. Masters of

React to this headline:

Loading spinner

Cybersecurity classics: 10 books that shaped the industry Read More »

Scroll to Top