Don’t miss

8Base ransomware group leaders arrested, leak site seized

arrest, cybercriminals, Don't miss, Europol, Hot stuff, law enforcement, News, Ransomware /

8Base ransomware group leaders arrested, leak site seized 2025-02-11 at 15:31 By Zeljka Zorz The Thai police has arrested four individuals suspected of being the leaders of the 8Base ransomware group and of stealing approximately $16 million from 1,000+ victims they targeted with the Phobos ransomware. “Officers from Cyber Crime Investigation Bureau, led by Police […]

React to this headline:

Loading spinner

8Base ransomware group leaders arrested, leak site seized Read More »

Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200)

0-day, apple, Don't miss, Hot stuff, iOS, iPad, News, security update /

Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) 2025-02-11 at 12:48 By Zeljka Zorz Users of iPhones and iPads that run iOS/iPadOS 18 and iPadOS 17 are urged to implement the latest updates to plug a security feature bypass vulnerability (CVE-2025-24200) exploited in the wild in “an extremely sophisticated” attack. The vulnerability (CVE-2025-24200)

React to this headline:

Loading spinner

Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) Read More »

Arvest Bank CISO on building a strong cybersecurity culture in banking

Arvest Bank, Banks, cybersecurity, Don't miss, Features, financial industry, Fintech, Hot stuff, News, opinion /

Arvest Bank CISO on building a strong cybersecurity culture in banking 2025-02-11 at 07:31 By Mirko Zorz In this Help Net Security interview, Mike Calvi, CISO at Arvest Bank, discusses building a strong cybersecurity culture within the banking sector. He explains how leadership, effective reporting, and proactive engagement with associates are key in strengthening security.

React to this headline:

Loading spinner

Arvest Bank CISO on building a strong cybersecurity culture in banking Read More »

Review: Inside Cyber Warfare, 3rd Edition

books, cybersecurity, Don't miss, Hot stuff, News, Review, Reviews /

Review: Inside Cyber Warfare, 3rd Edition 2025-02-11 at 07:00 By Mirko Zorz Inside Cyber Warfare, 3rd Edition by Jeffrey Caruso explores how nation-states, corporations, and hackers engage in digital warfare. It offers insights into the intersection of cybersecurity, geopolitics, and emerging technology. About the author Jeffrey Caruso is a globally recognized cybersecurity adviser, author, and

React to this headline:

Loading spinner

Review: Inside Cyber Warfare, 3rd Edition Read More »

How to detect and disable Apple AirTags that might be tracking you

apple, cybersecurity, Don't miss, how-to, News, Privacy /

How to detect and disable Apple AirTags that might be tracking you 2025-02-11 at 06:39 By Help Net Security Apple’s AirTags are a convenient way to track personal items like keys and bags, but they also raise concerns about unwanted tracking and stalking. To help users stay safe, Apple has implemented several anti-stalking protections, including

React to this headline:

Loading spinner

How to detect and disable Apple AirTags that might be tracking you Read More »

Malicious ML models found on Hugging Face Hub

Artificial Intelligence, Don't miss, Hot stuff, Hugging Face, JFrog, machine learning, News, ReversingLabs, software development, supply chain attacks /

Malicious ML models found on Hugging Face Hub 2025-02-10 at 15:52 By Zeljka Zorz Researchers have spotted two machine learning (ML) models containing malicious code on Hugging Face Hub, the popular online repository for datasets and pre-trained models. Once one of them is downloaded and executed on the developer’s machine, the malicious payload checks if

React to this headline:

Loading spinner

Malicious ML models found on Hugging Face Hub Read More »

February 2025 Patch Tuesday forecast: New directions for AI development

Don't miss, Expert analysis, Expert corner, Hot stuff, Ivanti, Microsoft, News, Patch Tuesday, predictions /

February 2025 Patch Tuesday forecast: New directions for AI development 2025-02-10 at 08:02 By Help Net Security The new year has started with a whirlwind of activity, and one of the hottest topics in the news is the increasing emphasis on AI. DeepSeek ad Stargate DeepSeek took the world by storm as millions of copies

React to this headline:

Loading spinner

February 2025 Patch Tuesday forecast: New directions for AI development Read More »

Security validation: The new standard for cyber resilience

cyber resilience, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Pentera, security controls /

Security validation: The new standard for cyber resilience 2025-02-10 at 07:37 By Help Net Security Security validation has officially turned a corner. Once considered a “nice-to-have” it’s now a top priority for security leaders worldwide. This shift has been accelerated by frameworks like Gartner’s Continuous Threat Exposure Management (CTEM), introduced in 2022, which emphasizes the

React to this headline:

Loading spinner

Security validation: The new standard for cyber resilience Read More »

Political campaigns struggle to balance AI personalization and voter privacy

Artificial Intelligence, cybersecurity, Data Protection, Don't miss, EU, Features, Hot stuff, IFSH, News, opinion, Privacy, regulation /

Political campaigns struggle to balance AI personalization and voter privacy 2025-02-10 at 07:05 By Mirko Zorz In this Help Net Security interview, Mateusz Łabuz, researcher at the IFSH, discusses the balance between using AI for personalized political campaigns and protecting voter privacy. Łabuz also discusses the potential of AI in fact-checking, the regulatory landscape, and

React to this headline:

Loading spinner

Political campaigns struggle to balance AI personalization and voter privacy Read More »

Beelzebub: Open-source honeypot framework

Don't miss, GitHub, honeypots, News, open source, software /

Beelzebub: Open-source honeypot framework 2025-02-10 at 06:30 By Mirko Zorz Beelzebub is an open-source honeypot framework engineered to create a secure environment for detecting and analyzing cyber threats. It features a low-code design for seamless deployment and leverages AI to emulate the behavior of a high-interaction honeypot. “I created Beelzebub because my research activities require

React to this headline:

Loading spinner

Beelzebub: Open-source honeypot framework Read More »

Evolving uses of tokenization to protect data

Bluefin, Compliance, cybersecurity, Data Protection, Don't miss, Hot stuff, Privacy, standards, strategy, tokenization, Video /

Evolving uses of tokenization to protect data 2025-02-10 at 06:04 By Help Net Security Tokenization replaces sensitive data, such as credit card numbers or personal identifiers, with unique, non-sensitive tokens with no exploitable value. This method helps protect sensitive information by ensuring that the actual data is never stored or transmitted, reducing the risk of

React to this headline:

Loading spinner

Evolving uses of tokenization to protect data Read More »

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys

Don't miss, Hot stuff, IIS server, Malware, Microsoft, News, web application security, web shell /

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys 2025-02-07 at 14:22 By Zeljka Zorz A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. “In the course of investigating, remediating, and building protections against this activity, we observed an insecure

React to this headline:

Loading spinner

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys Read More »

Self-sovereign identity could transform fraud prevention, but…

AuthenticID, cybersecurity, Don't miss, Expert analysis, Expert corner, fraud, Hot stuff, identity, identity verification, opinion, Privacy /

Self-sovereign identity could transform fraud prevention, but… 2025-02-07 at 10:03 By Help Net Security The way we manage digital identity is fundamentally broken. The root of the problem lies in traditional, centralized identity models, where a single organization holds and controls a user’s credentials, creating an attractive target for attackers. The bigger the database, the

React to this headline:

Loading spinner

Self-sovereign identity could transform fraud prevention, but… Read More »

Ghidra 11.3 released: New features, performance improvements, bug fixes

Don't miss, GitHub, News, NSA, open source, software /

Ghidra 11.3 released: New features, performance improvements, bug fixes 2025-02-07 at 07:53 By Help Net Security NSA’s Research Directorate released version 11.3 of Ghidra, an open-source software reverse engineering (SRE) framework. It offers advanced analysis tools, enabling users to dissect and examine compiled code across multiple platforms, including Windows, macOS, and Linux. Ghidra 11.3 is

React to this headline:

Loading spinner

Ghidra 11.3 released: New features, performance improvements, bug fixes Read More »

Ransomware payments plummet as more victims refuse to pay

Chainalysis, Cisco, Don't miss, extortion, Hot stuff, News, Ransomware, Rapid7, trends /

Ransomware payments plummet as more victims refuse to pay 2025-02-06 at 15:49 By Zeljka Zorz Chainalysis’ latest report on how the ransomware landscape changed from 2023 to 2024 shows a promising trend: An increasing number of victims refuses to pay the ransom. The total volume of ransom payments decreased year-over-year by approximately 35%, the blockchain

React to this headline:

Loading spinner

Ransomware payments plummet as more victims refuse to pay Read More »

The overlooked risks of poor data hygiene in AI-driven organizations

access control, Artificial Intelligence, cybersecurity, Data Protection, Don't miss, Features, Hot stuff, News, opinion, Pangea, strategy /

The overlooked risks of poor data hygiene in AI-driven organizations 2025-02-06 at 07:03 By Mirko Zorz In this Help Net Security interview, Oliver Friedrichs, CEO at Pangea, discusses why strong data hygiene is more important than ever as companies integrate AI into their operations. With AI-driven applications handling sensitive enterprise data, poor access controls and

React to this headline:

Loading spinner

The overlooked risks of poor data hygiene in AI-driven organizations Read More »

How to customize Safari for private browsing on iOS

apple, cybersecurity, Don't miss, how-to, News, Privacy, private browsing, Safari /

How to customize Safari for private browsing on iOS 2025-02-06 at 06:04 By Help Net Security Apple’s Safari browser includes several features aimed at enhancing privacy while browsing the web. Two of the most notable privacy features are Intelligent Tracking Prevention (ITP) and Private Browsing mode. Intelligent Tracking Prevention (ITP) Intelligent Tracking Prevention (ITP) is

React to this headline:

Loading spinner

How to customize Safari for private browsing on iOS Read More »

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)

0-day, cybercriminals, data theft, distribution sector, Don't miss, exploit, Hot stuff, Intezer, manufacturing sector, News, Solis Security, SQL injection, web shell /

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) 2025-02-05 at 18:49 By Zeljka Zorz XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software, a popular solution for warehouse management and order fulfillment. According to Intezer and Solis Security

React to this headline:

Loading spinner

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) Read More »

Swap EOL Zyxel routers, upgrade Netgear ones!

access point, Don't miss, Hot stuff, Netgear, News, router, security update, VulnCheck, vulnerability, Zyxel /

Swap EOL Zyxel routers, upgrade Netgear ones! 2025-02-05 at 16:18 By Zeljka Zorz There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting its routers and wireless access points. Zyxel vulnerability: Exploited, no patches CVE-2024-40891, a command injection vulnerability

React to this headline:

Loading spinner

Swap EOL Zyxel routers, upgrade Netgear ones! Read More »

Crypto-stealing iOS, Android malware found on App Store, Google Play

Android, App store, Cryptocurrency, Don't miss, ESET, Google Play, Hot stuff, iOS, Kaspersky, Malware, News /

Crypto-stealing iOS, Android malware found on App Store, Google Play 2025-02-05 at 13:25 By Zeljka Zorz A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate cryptowallets’ seed recovery phrases, Kaspersky researchers have found. “The infected apps in Google Play

React to this headline:

Loading spinner

Crypto-stealing iOS, Android malware found on App Store, Google Play Read More »

Scroll to Top