Qantas data breach could affect 6 million customers 2025-07-02 at 14:04 By Zeljka Zorz Qantas has suffered a cyber incident that has lead to a data breach. “The incident occurred when a cyber criminal targeted a call centre and gained access to a third-party customer servicing platform,” the Australian airline announced today, but said that […]
React to this headline:
Qantas data breach could affect 6 million customers Read More »
Cybersecurity essentials for the future: From hype to what works 2025-07-02 at 09:03 By Mirko Zorz Cybersecurity never stands still. One week it’s AI-powered attacks, the next it’s a new data breach, regulation, or budget cut. With all that noise, it’s easy to get distracted. But at the end of the day, the goal stays
React to this headline:
Cybersecurity essentials for the future: From hype to what works Read More »
How FinTechs are turning GRC into a strategic enabler 2025-07-02 at 08:36 By Mirko Zorz In this Help Net Security interview, Alexander Clemm, Corp GRC Lead, Group CISO, and BCO at Riverty, shares how the GRC landscape for FinTechs has matured in response to tighter regulations and global growth. He discusses the impact of frameworks
React to this headline:
How FinTechs are turning GRC into a strategic enabler Read More »
Secretless Broker: Open-source tool connects apps securely without passwords or keys 2025-07-02 at 08:01 By Mirko Zorz Secretless Broker is an open-source connection broker that eliminates the need for client applications to manage secrets when accessing target services like databases, web services, SSH endpoints, or other TCP-based systems. Secretless Broker features “We created Secretless Broker
React to this headline:
Secretless Broker: Open-source tool connects apps securely without passwords or keys Read More »
Product showcase: Protect your data with Apricorn Aegis Secure Key 3NXC 2025-07-02 at 07:31 By Anamarija Pogorelec The Apricorn Aegis Secure Key 3NXC is a 256-bit AES XTS hardware-encrypted flash drive with a USB-C connector. It is available in storage capacities ranging from 4GB to 512GB and holds FIPS 140-2 Level 3 validation. The device
React to this headline:
Product showcase: Protect your data with Apricorn Aegis Secure Key 3NXC Read More »
Microsoft introduces protection against email bombing 2025-07-01 at 18:54 By Zeljka Zorz By the end of July 2025, all Microsoft Defender for Office 365 customers should be protected from email bombing attacks by default, Microsoft has announced on Monday. What is email bombing? Email bombing (aka spam bombing) is an attack technique that results in
React to this headline:
Microsoft introduces protection against email bombing Read More »
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) 2025-07-01 at 16:11 By Zeljka Zorz If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now, to patch two local privilege escalation vulnerabilities (CVE-2025-32462, CVE-2025-32463) that have been disclosed on Monday. What is Sudo? Sudo is command-line utility in Unix-like
React to this headline:
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) Read More »
Google patches actively exploited Chrome (CVE‑2025‑6554) 2025-07-01 at 13:15 By Zeljka Zorz Google has released a security update for Chrome to address a zero‑day vulnerability (CVE-2025-6554) that its Threat Analysis Group (TAG) discovered and reported last week. “Google is aware that an exploit for CVE-2025-6554 exists in the wild,” the company said. About CVE-2025-6554 CVE-2025-6554
React to this headline:
Google patches actively exploited Chrome (CVE‑2025‑6554) Read More »
Federal Reserve System CISO on aligning cyber risk management with transparency, trust 2025-07-01 at 09:08 By Mirko Zorz In this Help Net Security interview, Tammy Hornsby-Fink, CISO at Federal Reserve System, shares how the Fed approaches cyber risk with a scenario-based, intelligence-driven strategy. She explains how the Fed assesses potential disruptions to financial stability and
React to this headline:
Federal Reserve System CISO on aligning cyber risk management with transparency, trust Read More »
How cybercriminals are weaponizing AI and what CISOs should do about it 2025-07-01 at 08:31 By Mirko Zorz In a recent case tracked by Flashpoint, a finance worker at a global firm joined a video call that seemed normal. By the end of it, $25 million was gone. Everyone on the call except the employee
React to this headline:
How cybercriminals are weaponizing AI and what CISOs should do about it Read More »
How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics 2025-07-01 at 07:34 By Help Net Security This article shares initial findings from internal Bitdefender Labs research into Living off the Land (LOTL) techniques. Our team at Bitdefender Labs, comprised of hundreds of security researchers with close ties to academia, conducted
React to this headline:
CitrixBleed 2 might be actively exploited (CVE-2025-5777) 2025-06-30 at 15:47 By Zeljka Zorz While Citrix has observed some instances where CVE-2025-6543 has been exploited on vulnerable NetScaler networking appliances, the company still says that they don’t have evidence of exploitation for CVE-2025-5349 or CVE-2025-5777, both of which have been patched earlier this month. CVE-2025-5777, in
React to this headline:
CitrixBleed 2 might be actively exploited (CVE-2025-5777) Read More »
RIFT: New open-source tool from Microsoft helps analyze Rust malware 2025-06-30 at 13:01 By Mirko Zorz Microsoft’s Threat Intelligence Center has released a new tool called RIFT to help malware analysts identify malicious code hidden in Rust binaries. While Rust is becoming more popular for its speed and memory safety, those same qualities make malware
React to this headline:
RIFT: New open-source tool from Microsoft helps analyze Rust malware Read More »
Are we securing AI like the rest of the cloud? 2025-06-30 at 09:01 By Mirko Zorz In this Help Net Security interview, Chris McGranahan, Director of Security Architecture & Engineering at Backblaze, discusses how AI is shaping both offensive and defensive cybersecurity tactics. He talks about how AI is changing the threat landscape, the complications
React to this headline:
Are we securing AI like the rest of the cloud? Read More »
How exposure-enriched SOC data can cut cyberattacks in half by 2028 2025-06-30 at 08:33 By Help Net Security Gartner projects that by 2028, organizations enriching their Security Operations Center (SOC) data with exposure insights will reduce the frequency and impact of cyberattacks by 50%. This bold forecast underscores a crucial shift: proactive exposure management is
React to this headline:
How exposure-enriched SOC data can cut cyberattacks in half by 2028 Read More »
Europe’s AI strategy: Smart caution or missed opportunity? 2025-06-30 at 08:03 By Mirko Zorz Europe is banking on AI to help solve its economic problems. Productivity is stalling, and tech adoption is slow. Global competitors, especially the U.S., are pulling ahead. A new report from Accenture says AI could help reverse that trend, but only
React to this headline:
Europe’s AI strategy: Smart caution or missed opportunity? Read More »
Why AI agents could be the next insider threat 2025-06-30 at 07:37 By Help Net Security In this Help Net Security video, Arun Shrestha, CEO of BeyondID, explains how AI agents, now embedded in daily operations, are often over-permissioned, under-monitored, and invisible to identity governance systems. With a special focus on the healthcare sector, Shrestha
React to this headline:
Why AI agents could be the next insider threat Read More »
Money mule networks evolve into hierarchical, business-like criminal enterprises 2025-06-27 at 09:12 By Mirko Zorz In this Help Net Security interview, Michal Tresner, CEO of ThreatMark, discusses how cybercriminals are weaponizing AI, automation, and social engineering to industrialize money mule operations. He looks at how these networks have changed and how behavioral intelligence is helping
React to this headline:
Money mule networks evolve into hierarchical, business-like criminal enterprises Read More »
Managing through chaos to secure networks 2025-06-27 at 08:39 By Anamarija Pogorelec Every time there’s a natural or manmade disaster that takes medical equipment offline, cuts connectivity to emergency services and loved ones, or shuts down access to ATMs, network engineers are at the center of the heroic efforts required to restore availability and uptime.
React to this headline:
Managing through chaos to secure networks Read More »
ClickFix attacks skyrocketing more than 500% 2025-06-26 at 12:02 By Sinisa Markovic ClickFix, a deceptive attack method, saw a surge of more than 500% in the first half of 2025, making it the second most common attack vector after phishing, according to ESET’s latest Threat Report. The report, which looks at trends from December 2024
React to this headline:
ClickFix attacks skyrocketing more than 500% Read More »