Why your security strategy is failing before it even starts 2025-11-14 at 09:25 By Mirko Zorz In this Help Net Security interview, Adnan Ahmed, CISO at Ornua, discusses how organizations can build a cybersecurity strategy that aligns with business goals. He explains why many companies stumble by focusing on technology before understanding risk and shares […]
Why your security strategy is failing before it even starts Read More »
Los Alamos researchers warn AI may upend national security 2025-11-14 at 09:25 By Sinisa Markovic For decades, the United States has built its defense posture around predictable timelines for technological progress. That assumption no longer holds, according to researchers at Los Alamos National Laboratory. Their paper argues that AI is advancing so quickly that the
Los Alamos researchers warn AI may upend national security Read More »
Protecting mobile privacy in real time with predictive adversarial defense 2025-11-14 at 09:25 By Sinisa Markovic Mobile sensors are everywhere, quietly recording how users move, tilt, or hold their phones. The same data that powers step counters and activity trackers can also expose personal details such as gender, age, or even identity. A new study
Protecting mobile privacy in real time with predictive adversarial defense Read More »
Fake spam filter alerts are hitting inboxes 2025-11-13 at 19:02 By Zeljka Zorz A new phishing campaign is attempting to trick users into believing they’ve missed important emails, security researchers are warning. The emails The bogus email alerts look like they are coming from the recipient’s email domain, and falsely claim that due to a
Fake spam filter alerts are hitting inboxes Read More »
“Patched” but still exposed: US federal agencies must remediate Cisco flaws (again) 2025-11-13 at 17:14 By Zeljka Zorz CISA has ordered US federal agencies to fully address two actively exploited vulnerabilities (CVE-2025-20333, CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) and Firepower firewalls. “In CISA’s analysis of agency-reported data, CISA has identified devices marked as ‘patched’
“Patched” but still exposed: US federal agencies must remediate Cisco flaws (again) Read More »
Rhadamanthys infostealer operation disrupted by law enforcement 2025-11-13 at 14:05 By Zeljka Zorz The rumors were true: Operation Endgame, a joint effort between law enforcement and judicial authorities of several European countries, Australia, Canada, the UK and the US, has disrupted the infrastructure supporting the operation of the Rhadamanthys infostealer. “Between 10 and 14 November
Rhadamanthys infostealer operation disrupted by law enforcement Read More »
Healthcare security is broken because its systems can’t talk to each other 2025-11-13 at 09:39 By Mirko Zorz In this Help Net Security interview, Cameron Kracke, CISO at Prime Therapeutics, discusses how the healthcare ecosystem can achieve cohesive security visibility. With hospitals, clinics, telehealth, and cloud partners all in the mix, maintaining visibility remains a
Healthcare security is broken because its systems can’t talk to each other Read More »
Wanna bet? Scammers are playing the odds better than you are 2025-11-13 at 08:52 By Sinisa Markovic Placing a bet has never been this easy, and that’s the problem. The convenience of online gambling is the same thing scammers are cashing in on. Whether it’s a fake app, a “can’t-miss” tipster, or a rigged casino,
Wanna bet? Scammers are playing the odds better than you are Read More »
Google adds Emerging Threats Center to speed detection and response 2025-11-12 at 19:02 By Sinisa Markovic When a new vulnerability hits the news, security teams often scramble to find out if they are at risk. The process of answering that question can take days or weeks, involving manual research, rule-writing, and testing. Google Security Operations
Google adds Emerging Threats Center to speed detection and response Read More »
UK’s new Cyber Security and Resilience Bill targets weak links in critical services 2025-11-12 at 18:17 By Zeljka Zorz The UK government has introduced the Cyber Security and Resilience Bill, a major piece of legislation designed to boost the country’s protection against cyber threats. The new law aims to strengthen the digital defenses of essential
UK’s new Cyber Security and Resilience Bill targets weak links in critical services Read More »
Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215) 2025-11-12 at 14:44 By Zeljka Zorz Microsoft has delivered a rather light load of patches for November 2025 Patch Tuesday: some 60+ vulnerabilities have received a fix, among them an actively exploited Windows Kernel flaw (CVE-2025-62215). CVE-2025-62215 CVE-2025-62215 is a memory corruption issue that stems
Autonomous AI could challenge how we define criminal behavior 2025-11-12 at 10:44 By Sinisa Markovic Whether we ever build AI that thinks like a person is still uncertain. What seems more realistic is a future with more independent machines. These systems already work across many industries and digital environments. Alongside human-to-human and human-to-machine contact, communication
Autonomous AI could challenge how we define criminal behavior Read More »
Shadow AI risk: Navigating the growing threat of ungoverned AI adoption 2025-11-12 at 10:44 By Help Net Security AI is transforming how businesses operate, but it’s also creating new, often hidden risks. As employees and business units eagerly embrace and experiment with AI solutions, many organizations are losing control over where and how AI is
Shadow AI risk: Navigating the growing threat of ungoverned AI adoption Read More »
ProxyBridge: Open-source proxy routing for Windows applications 2025-11-12 at 10:44 By Sinisa Markovic ProxyBridge is a lightweight, open-source tool that lets Windows users route network traffic from specific applications through SOCKS5 or HTTP proxies. It can redirect both TCP and UDP traffic and gives users the option to route, block, or allow connections on a
ProxyBridge: Open-source proxy routing for Windows applications Read More »
When every day is threat assessment day 2025-11-12 at 09:00 By Mirko Zorz In this Help Net Security interview, Paul J. Mocarski, VP & CISO at Sammons Financial Group, discusses how insurance carriers are adapting their cybersecurity strategies. He explains how ongoing threat assessments, AI-driven automation, and third-party risk management help maintain readiness. Mocarski also
When every day is threat assessment day Read More »
CISA: Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042) 2025-11-11 at 17:38 By Zeljka Zorz CISA has added CVE-2025-21042, a vulnerability affecting Samsung mobile devices, to its Known Exploited Vulnerabilities (KEV) catalog, and has ordered US federal civilian agencies to address it by the start of December. “This type of vulnerability is a frequent attack
CISA: Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042) Read More »
Attackers exploited another Gladinet Triofox zero-day (CVE-2025-12480) 2025-11-11 at 14:47 By Zeljka Zorz Attackers have exploited a now-fixed vulnerability (CVE-2025-12480) in the Gladinet Triofox secure file sharing and remote access platform while it was still a zero-day, Mandiant revealed on Monday. CVE-2025-12480 exploitation and attack details Gladinet’s Triofox solution is used by medium and large
Attackers exploited another Gladinet Triofox zero-day (CVE-2025-12480) Read More »
CISOs are cracking under pressure 2025-11-11 at 10:29 By Sinisa Markovic Cybersecurity leaders are hitting their limit. A new report from Nagomi Security shows that most CISOs are stretched thin, dealing with nonstop incidents, too many tools, and growing pressure from their boards. The pressures are so intense that many say they are burned out
CISOs are cracking under pressure Read More »
To get funding, CISOs are mastering the language of money 2025-11-11 at 09:00 By Mirko Zorz In this Help Net Security interview, Chris Wheeler, CISO at Resilience, talks about how CISOs are managing changing cybersecurity budgets. While overall spending is up, many say the increases don’t match their most pressing needs. Wheeler explains how organizations
To get funding, CISOs are mastering the language of money Read More »
Download: Strengthening Identity Security whitepaper 2025-11-10 at 16:00 By Help Net Security Identity threats are escalating. Attackers increasingly exploit compromised credentials, often undetected by organizations, and use social engineering to gain access. Most companies lack visibility into service account activity and don’t have the tools to detect identity-led threats. New identity security solutions are helping
Download: Strengthening Identity Security whitepaper Read More »