The U.S. Cyber Trust Mark set to launch 2025-01-08 at 16:03 By Zeljka Zorz The White House has announced the launch of the U.S. Cyber Trust Mark, a voluntary cybersecurity labeling program for consumer-grade internet-connected devices. “The White House launched this bipartisan effort to educate American consumers and give them an easy way to assess […]
React to this headline:
The U.S. Cyber Trust Mark set to launch Read More »
Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers 2025-01-08 at 14:20 By Zeljka Zorz CISA has added Mitel MiCollab (CVE-2024-41713, CVE-2024-55550) and Oracle WebLogic Server (CVE-2020-2883) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The Mitel MiCollab vulnerabilities exploited Mitel MiCollab is a popular enterprise collaboration suite. CVE-2024-41713 and CVE-2024-55550 are both path traversal
React to this headline:
Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers Read More »
Why an “all gas, no brakes” approach for AI use won’t work 2025-01-08 at 07:33 By Help Net Security Machine learning and generative AI are changing the way knowledge workers do their jobs. Every company is eager to be “an AI company,” but AI can often seem like a black box, and the fear of
React to this headline:
Why an “all gas, no brakes” approach for AI use won’t work Read More »
Scaling penetration testing through smart automation 2025-01-08 at 07:06 By Mirko Zorz In this Help Net Security interview, Marko Simeonov, CEO of Plainsea, discusses how organizations can move beyond compliance-driven penetration testing toward a more strategic, risk-based approach. He explains how automation, human expertise, and continuous monitoring can transform penetration testing into a dynamic, business-critical
React to this headline:
Scaling penetration testing through smart automation Read More »
UN aviation agency investigating possible data breach 2025-01-07 at 16:49 By Zeljka Zorz The United Nation’s International Civil Aviation Organization (ICAO) confirmed on Monday that it’s “actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations.” The statement came a few days after 42,000 documents
React to this headline:
UN aviation agency investigating possible data breach Read More »
CISA says Treasury was the only US agency breached via BeyondTrust 2025-01-07 at 14:18 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has shared on Monday that the Treasury Department was the only US federal agency affected by the recent cybersecurity incident involving compromised BeyondTrust Remote Support SaaS instances. On the same
React to this headline:
CISA says Treasury was the only US agency breached via BeyondTrust Read More »
Making the most of cryptography, now and in the future 2025-01-07 at 08:03 By Help Net Security Enterprise cryptography faces risks beyond just the advent of quantum computers. For starters, there is no guarantee that the traditional algorithms have not been broken. Though we believe that it is “unlikely” they can be, the reality is
React to this headline:
Making the most of cryptography, now and in the future Read More »
eBay CISO on managing long-term cybersecurity planning and ROI 2025-01-07 at 07:33 By Mirko Zorz In this Help Net Security interview, Sean Embry, CISO at eBay, discusses key aspects of cybersecurity leadership. He shares insights on balancing long-term strategic planning with immediate threat response, evaluating the ROI of new technologies, and addressing employee cybersecurity fatigue.
React to this headline:
eBay CISO on managing long-term cybersecurity planning and ROI Read More »
Open source worldwide: Critical maintenance gaps exposed 2025-01-07 at 06:31 By Help Net Security Lineaje recently released a report identifying the US and Russia as the leading generators of open-source projects, with both countries also having the highest numbers of anonymous open-source contributions. In this Help Net Security video, Nick Mistry, SVP and CISO of
React to this headline:
Open source worldwide: Critical maintenance gaps exposed Read More »
Balancing proprietary and open-source tools in cyber threat research 2025-01-06 at 07:38 By Mirko Zorz In this Help Net Security interview, Thomas Roccia, Senior Security Researcher at Microsoft, discusses how threat research drives faster, better decision-making in cybersecurity operations. Roccia provides insights into balancing internal and external research strategies, the influence of AI and geopolitical
React to this headline:
Balancing proprietary and open-source tools in cyber threat research Read More »
The modern CISO is a cornerstone of organizational success 2025-01-03 at 07:36 By Help Net Security The chief information security officer (CISO) role has undergone a remarkable transformation, evolving from a purely technical position to a role that bridges business strategy, operational efficiency, and cybersecurity. The post The modern CISO is a cornerstone of organizational
React to this headline:
The modern CISO is a cornerstone of organizational success Read More »
Best practices for ensuring a secure browsing environment 2025-01-03 at 07:36 By Mirko Zorz In this Help Net Security interview, Devin Ertel, CISO at Menlo Security, discusses how innovations like AI and closer collaboration between browser vendors and security providers will shape the future of browser security. The post Best practices for ensuring a secure
React to this headline:
Best practices for ensuring a secure browsing environment Read More »
Kata Containers: Open-source container runtime, building lightweight VMs 2025-01-02 at 07:04 By Mirko Zorz Kata Containers is an open-source project dedicated to creating a secure container runtime that combines the performance and simplicity of containers with the enhanced isolation of lightweight virtual machines. By leveraging hardware virtualization technology, it adds an extra layer of defense
React to this headline:
Kata Containers: Open-source container runtime, building lightweight VMs Read More »
Why software is the key to FI risk management 2024-12-31 at 07:33 By Help Net Security Risk management is important, but it’s not always exciting. Many risk professionals still rely on spreadsheets and manual methods despite the availability of better options. Excel is familiar and cost-effective. Some spreadsheets are handy for certain risk management activities.
React to this headline:
Why software is the key to FI risk management Read More »
Hottest cybersecurity open-source tools of the month: December 2024 2024-12-31 at 06:03 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. SafeLine: Open-source web application firewall (WAF) SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber
React to this headline:
Hottest cybersecurity open-source tools of the month: December 2024 Read More »
The sixth sense of cybersecurity: How AI spots threats before they strike 2024-12-30 at 07:47 By Mirko Zorz In this Help Net Security interview, Vineet Chaku, President of Reaktr.ai, discusses how AI is transforming cybersecurity, particularly in anomaly detection and threat identification. Chaku talks about the skills cybersecurity professionals need to collaborate with AI systems
React to this headline:
The sixth sense of cybersecurity: How AI spots threats before they strike Read More »
reconFTW: Open-source reconnaissance automation 2024-12-30 at 07:05 By Help Net Security reconFTW is an open-source tool that simplifies and automates the reconnaissance process, delivering subdomain enumeration, vulnerability assessment, and gathering intelligence about a target. Using various techniques — such as passive and brute-force methods, permutations, certificate transparency analysis, source code scraping, analytics tracking, and DNS
React to this headline:
reconFTW: Open-source reconnaissance automation Read More »
The future of data and AI: Seven trends shaping 2025 and beyond 2024-12-27 at 07:31 By Help Net Security In 2025, seven trends will shape the future of data and AI, offering advantages for those who see these changes not as challenges but as opportunities to innovate and excel. The post The future of data
React to this headline:
The future of data and AI: Seven trends shaping 2025 and beyond Read More »
Overwhelmed by fraud? Here’s how financial pros fight back 2024-12-27 at 07:04 By Mirko Zorz In this Help Net Security interview, Patrick Harding, Chief Architect at Ping Identity, discusses the growing threat of deepfake-related fraud and its impact on financial security. He also discusses overlooked vulnerabilities in digital banking and offers advice for organizations to
React to this headline:
Overwhelmed by fraud? Here’s how financial pros fight back Read More »
2025 is going to be a bumpy year for IoT 2024-12-24 at 08:18 By Help Net Security In the Internet of Things (IoT) sector, 2025 is shaping up to be a politically charged year. Major global jurisdictions are set to implement device security regulations, coinciding with potential tariffs, shifting production dynamics, and rising geopolitical tensions.
React to this headline:
2025 is going to be a bumpy year for IoT Read More »