Don’t miss

How CISOs can make smarter risk decisions

Artificial Intelligence, CISO, cybercriminals, cybersecurity, Don't miss, Features, fraud, Hot stuff, HUMAN Security, News, opinion /

How CISOs can make smarter risk decisions 2024-12-24 at 07:03 By Mirko Zorz In this Help Net Security interview, Gavin Reid, CISO at HUMAN Security, talks about the latest cybersecurity threats and how attackers are becoming more sophisticated. He explains the difficulties organizations encounter in detecting fraud and malicious bots while keeping the user experience […]

React to this headline:

Loading spinner

How CISOs can make smarter risk decisions Read More »

Evilginx: Open-source man-in-the-middle attack framework

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

Evilginx: Open-source man-in-the-middle attack framework 2024-12-23 at 07:37 By Mirko Zorz Evilginx is an open-source man-in-the-middle attack framework designed to phish login credentials and session cookies, enabling attackers to bypass 2FA safeguards. “Back in 2017, I was experimenting with extracting cookies from one browser and importing them into another. I realized this technique could effectively

React to this headline:

Loading spinner

Evilginx: Open-source man-in-the-middle attack framework Read More »

Maximizing the impact of cybercrime intelligence on business resilience

cybercriminals, cybersecurity, Don't miss, Features, Hot stuff, Intel 471, News, opinion, Threat Intelligence /

Maximizing the impact of cybercrime intelligence on business resilience 2024-12-23 at 07:16 By Mirko Zorz In this Help Net Security interview, Jason Passwaters, CEO of Intel 471, discusses how integrating cybercrime intelligence into an organization’s security strategy enables proactive threat management and how measuring intelligence efforts can help mitigate risks before they escalate. Passwaters also

React to this headline:

Loading spinner

Maximizing the impact of cybercrime intelligence on business resilience Read More »

How companies can fight ransomware impersonations

cybercrime, Don't miss, Hot stuff, Ransomware, Skyhigh Security, Video /

How companies can fight ransomware impersonations 2024-12-23 at 06:31 By Help Net Security As these threat actors become increasingly strategic and harder to detect, organizations must take all measures to protect their data, including cybersecurity training. In this Help Net Security video, Rodman Ramezanian, Global Cloud Threat Lead at Skyhigh Security, discusses how companies can

React to this headline:

Loading spinner

How companies can fight ransomware impersonations Read More »

CISA: Use Signal or other secure communications app

Android, CISA, Don't miss, Hot stuff, iPhone, MFA, News, password manager, secure communications, Signal, telecommunications, USA /

CISA: Use Signal or other secure communications app 2024-12-20 at 14:57 By Zeljka Zorz In the wake of the widespread compromise of US telecom giants’ networks by Chinese hackers and the FBI advising Americans to use end-to-end encrypted communications, CISA is advising “highly targeted individuals” – senior government officials and politicians – to lock down

React to this headline:

Loading spinner

CISA: Use Signal or other secure communications app Read More »

Another NetWalker affiliate sentenced to 20 years in prison

cybercriminals, Don't miss, Hot stuff, Justice Department, News, Ransomware /

Another NetWalker affiliate sentenced to 20 years in prison 2024-12-20 at 13:07 By Zeljka Zorz A 30-year old Romanian man was sentenced to 20 years in prison for leveraging the Netwalker ransomware to extort money from victims, the US Department of Justice announced on Thursday. Daniel Christian Hulea, of Jucu de Mijloc, Cluj, Romania, was

React to this headline:

Loading spinner

Another NetWalker affiliate sentenced to 20 years in prison Read More »

Why cybersecurity is critical to energy modernization

cybersecurity, Don't miss, ENCS, energy sector, Features, Hot stuff, IoT, News, opinion, regulation, standards /

Why cybersecurity is critical to energy modernization 2024-12-20 at 07:53 By Mirko Zorz In this Help Net Security interview, Anjos Nijk, Managing Director of the European Network for Cyber security (ENCS), discusses cybersecurity in the energy sector as it modernizes with renewable sources and smart grid technologies. Nijk also addresses the need for international collaboration,

React to this headline:

Loading spinner

Why cybersecurity is critical to energy modernization Read More »

Cryptocurrency hackers stole $2.2 billion from platforms in 2024

Bitcoin, Chainalysis, Cryptocurrency, Don't miss, hacking, Hot stuff, News, North Korea /

Cryptocurrency hackers stole $2.2 billion from platforms in 2024 2024-12-19 at 17:18 By Zeljka Zorz $2.2 billion worth of cryptocurrency was stolen from various platforms in 2024, Chainalysis’ 2025 Crypto Crime Report has revealed. Of that sum, $1.34 billion was stolen by North Korea-affiliated hackers, across 47 hacking incidents (out of 303). Most targeted organizations

React to this headline:

Loading spinner

Cryptocurrency hackers stole $2.2 billion from platforms in 2024 Read More »

CISA orders federal agencies to secure their Microsoft cloud environments

CISA, cloud security, Don't miss, Government, Hot stuff, Microsoft 365, News, Sectigo /

CISA orders federal agencies to secure their Microsoft cloud environments 2024-12-19 at 15:04 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD 25-01) requiring federal civilian agencies to secure their (Microsoft) cloud environments. About the CISA BOD 25-01 directive The Implementing Secure Practices for Cloud Services

React to this headline:

Loading spinner

CISA orders federal agencies to secure their Microsoft cloud environments Read More »

Ukrainian hacker gets prison for infostealer operations

cybercrime, Don't miss, Government, law enforcement, News, USA /

Ukrainian hacker gets prison for infostealer operations 2024-12-19 at 12:03 By Help Net Security Ukrainian national Mark Sokolovsky was sentenced to 60 months in federal prison for one count of conspiracy to commit computer intrusion. According to court documents, he conspired to operate the Raccoon Infostealer as a malware-as-a-service (MaaS). Individuals who deployed Raccoon Infostealer

React to this headline:

Loading spinner

Ukrainian hacker gets prison for infostealer operations Read More »

Are threat feeds masking your biggest security blind spot?

attacks, C/side, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, network, News, opinion, threats /

Are threat feeds masking your biggest security blind spot? 2024-12-19 at 07:33 By Help Net Security Security teams that subscribe to threat feeds get lists of known malicious domains, IPs, and file signatures that they can leverage to blacklist and prevent attacks from those sources. The post Are threat feeds masking your biggest security blind

React to this headline:

Loading spinner

Are threat feeds masking your biggest security blind spot? Read More »

Leadership skills for managing cybersecurity during digital transformation

cybersecurity, digital transformation, Don't miss, Features, Hot stuff, News, opinion, Presidio, risk /

Leadership skills for managing cybersecurity during digital transformation 2024-12-19 at 07:03 By Mirko Zorz In this Help Net Security interview, Dan Lohrmann, CISO at Presidio, discusses the need for organizations to rethink their leadership and operational strategies and the cybersecurity risks they have to deal with during digital transformation. The post Leadership skills for managing

React to this headline:

Loading spinner

Leadership skills for managing cybersecurity during digital transformation Read More »

BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356)

BeyondTrust, CVE, Don't miss, enterprise, Hot stuff, News, remote access, vulnerability /

BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) 2024-12-18 at 11:48 By Zeljka Zorz BeyondTrust has fixed an unauthenticated command injection vulnerability (CVE-2024-12356) in its Privileged Remote Access (PRA) and Remote Support (RS) products that may allow remote code execution, and is urging organizations with on-premise installations to test the patch and implement

React to this headline:

Loading spinner

BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) Read More »

CISO accountability: Navigating a landscape of responsibility

CISO, collaboration, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, NetSPI, News, opinion /

CISO accountability: Navigating a landscape of responsibility 2024-12-18 at 07:36 By Help Net Security What was once primarily a technical role, CISOs now find themselves accountable for organizational risk, regulatory compliance, and even legal liabilities across the entire organization. However, as cyber threats intensify, it’s clear that overseeing cybersecurity operations enterprise-wide is not feasible for

React to this headline:

Loading spinner

CISO accountability: Navigating a landscape of responsibility Read More »

Key steps to scaling automated compliance while maintaining security

Artificial Intelligence, automation, Compliance, cybersecurity, Data Protection, Don't miss, Features, Hot stuff, Meta, News, opinion, Risk Management, strategy /

Key steps to scaling automated compliance while maintaining security 2024-12-18 at 07:01 By Mirko Zorz In this Help Net Security interview, Vivek Agarwal, Privacy Program Manager at Meta Platforms, shares insights on strategies for reducing time to market, improving vendor onboarding, and updating privacy requirements to ensure compliance across third-party contracts. From leveraging automation and

React to this headline:

Loading spinner

Key steps to scaling automated compliance while maintaining security Read More »

Vanir: Open-source security patch validation for Android

Android, Don't miss, GitHub, Google, Hot stuff, News, open source, patch, software /

Vanir: Open-source security patch validation for Android 2024-12-18 at 06:34 By Help Net Security Google’s open-source tool Vanir enables Android developers to quickly scan custom platform code for missing or applicable security patches. By automating patch validation, Vanir helps OEMs deliver critical security updates faster, enhancing the security of the Android ecosystem. Vanir uses source-code-based

React to this headline:

Loading spinner

Vanir: Open-source security patch validation for Android Read More »

Researchers reveal OT-specific malware in use and in development

Claroty, Don't miss, Forescout, Hot stuff, IIoT, IoT, Malware, malware analysis, News, OT, VirusTotal /

Researchers reveal OT-specific malware in use and in development 2024-12-17 at 16:43 By Zeljka Zorz Malware that’s made specifically to target industrial control systems (ICS), Internet of Things (IoT) and operational technology (OT) control devices is still rare, but in the last few weeks security researchers have identified two salient threats based on samples uploaded

React to this headline:

Loading spinner

Researchers reveal OT-specific malware in use and in development Read More »

Malvertising on steroids serves Lumma infostealer

Don't miss, Guardio, Hot stuff, Infoblox, malvertising, Malware, News /

Malvertising on steroids serves Lumma infostealer 2024-12-17 at 14:30 By Zeljka Zorz A large-scale malvertising campaign distributing the Lumma infostealer malware via intrusive “ads” leading to fake CAPTCHA pages has been tied by researchers to a threat actor abusing the Monetag ad network. The campaign from the users’ perspective Internet users usually land on one

React to this headline:

Loading spinner

Malvertising on steroids serves Lumma infostealer Read More »

The shifting security landscape: 2025 predictions and challenges

Artificial Intelligence, Blancco Technology Group, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, predictions, quantum computing /

The shifting security landscape: 2025 predictions and challenges 2024-12-17 at 07:33 By Help Net Security As the borderless threat ecosystem poses new challenges for companies and governments worldwide, CISA’s 2025-2026 International Plan aims to address this problem. CISA’s plan calls for integrated cyber defense across borders, addressing the complex, global cybersecurity challenges that businesses, governments

React to this headline:

Loading spinner

The shifting security landscape: 2025 predictions and challenges Read More »

Scroll to Top