Don’t miss

Android Enterprise update puts mobile security first

Android, Don't miss, enterprise, Google, Google Play, mobile devices, News, smartphones, software, Zimperium /

Android Enterprise update puts mobile security first 2025-06-10 at 21:04 By Mirko Zorz Google is rolling out new Android Enterprise features aimed at improving mobile security, IT management, and employee productivity. According to Zimperium’s 2025 Global Mobile Threat Report, attackers are now prioritizing mobile devices over desktops. Many security incidents involve smartphones, often due to […]

React to this headline:

Loading spinner

Android Enterprise update puts mobile security first Read More »

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016)

Akamai, botnet, Don't miss, Hot stuff, News, PoC, SIEM, vulnerability, Wazuh, XDR /

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016) 2025-06-10 at 13:31 By Zeljka Zorz Two Mirai botnets are exploiting a critical remote code execution vulnerability (CVE-2025-24016) in the open-source Wazuh XDR/SIEM platform, Akamai researchers have warned. What is Wazuh? Wazuh is a popular open-source security information and event management (SIEM) and extended detection and response

React to this headline:

Loading spinner

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016) Read More »

The legal questions to ask when your systems go dark

CISO, conferences, cybersecurity, Don't miss, Features, Hot stuff, Incident Response, law, law firms, News, regulation, Span, strategy /

The legal questions to ask when your systems go dark 2025-06-10 at 09:16 By Mirko Zorz At Span Cyber Security Arena, I sat down with Iva Mišković, Partner at the ISO-certified Mišković & Mišković law firm, to discuss the role of legal teams during cyber incidents. She shared why lawyers should assume the worst, coordinate

React to this headline:

Loading spinner

The legal questions to ask when your systems go dark Read More »

AI threats leave SecOps teams burned out and exposed

Artificial Intelligence, cybersecurity, Deep Instinct, Don't miss, News, report, security operations /

AI threats leave SecOps teams burned out and exposed 2025-06-10 at 08:39 By Mirko Zorz Security teams are leaning hard into AI, and fast. A recent survey of 500 senior cybersecurity pros at big U.S. companies found that 86% have ramped up their AI use in the past year. The main reason? They’re trying to

React to this headline:

Loading spinner

AI threats leave SecOps teams burned out and exposed Read More »

Securing agentic AI systems before they go rogue

Artificial Intelligence, CISO, cybersecurity, Don't miss, HiddenLayer, Hot stuff, LLM, News, strategy, tips, Video /

Securing agentic AI systems before they go rogue 2025-06-10 at 08:24 By Help Net Security In this Help Net Security video, Eoin Wickens, Director of Threat Intelligence at HiddenLayer, explores the security risks posed by agentic AI. He breaks down how agentic AI functions, its potential to revolutionize business operations, and the vulnerabilities it introduces,

React to this headline:

Loading spinner

Securing agentic AI systems before they go rogue Read More »

EU launches EU-based, privacy-focused DNS resolution service

content filtering, DNS, Don't miss, ENISA, EU, Hot stuff, News, Privacy, Whalebone /

EU launches EU-based, privacy-focused DNS resolution service 2025-06-09 at 17:38 By Zeljka Zorz DNS4EU, an EU-based DNS resolution service created to strengthen European Union’s digital sovereignty, has become reality. What is DNS? The Domain Name System (DNS) “translates” human-readable domain names into IP addresses and back, and is essential for accessing websites. Most users use

React to this headline:

Loading spinner

EU launches EU-based, privacy-focused DNS resolution service Read More »

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)

CERT-PL, Don't miss, exploit, FearsOff, Hot stuff, News, PoC, Roundcube, Shadowserver, vulnerability /

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113) 2025-06-09 at 15:18 By Zeljka Zorz With an exploit for a critical Roundcube vulnerability (CVE-2025-49113) being offered for sale on underground forums and a PoC exploit having been made public, attacks exploiting the flaw are incoming and possibly already happening. According to the Shadowserver Foundation, there

React to this headline:

Loading spinner

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113) Read More »

Balancing cybersecurity and client experience for high-net-worth clients

authentication, CIO, CISO, cybersecurity, Don't miss, Features, financial industry, Hot stuff, LPL Financial, News, regulation, risk /

Balancing cybersecurity and client experience for high-net-worth clients 2025-06-09 at 09:03 By Mirko Zorz In this Help Net Security interview, Renana Friedlich-Barsky, EVP and CISO at LPL Financial, discusses how threat actors are targeting high-net-worth clients and exploiting digital touchpoints in wealth management. She explains why firms must embed security from the start to protect

React to this headline:

Loading spinner

Balancing cybersecurity and client experience for high-net-worth clients Read More »

CISOs, are you ready for cyber threats in biotech?

CISO, cybersecurity, Don't miss, Features, Hot stuff, how-to, News, strategy, tips /

CISOs, are you ready for cyber threats in biotech? 2025-06-09 at 08:35 By Mirko Zorz The threat landscape in the bioeconomy is different from what most CISOs are used to. It includes traditional risks like data breaches, but the consequences are more complex. A compromise of genomic databases, for example, does not just expose personal

React to this headline:

Loading spinner

CISOs, are you ready for cyber threats in biotech? Read More »

fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic

Don't miss, GitHub, News, open source, software /

fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic 2025-06-09 at 08:00 By Mirko Zorz fiddleitm is an open-source tool built on top of mitmproxy that helps find malicious web traffic. It works by checking HTTP requests and responses for known patterns that might point to malware, phishing, or other threats. fiddleitm features “I created fiddleitm

React to this headline:

Loading spinner

fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic Read More »

Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?

Android, botnet, consumer, Don't miss, FBI, Google, Hot stuff, HUMAN Security, IoT, News, smart home /

Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them? 2025-06-06 at 16:09 By Zeljka Zorz Millions of Internet-of-Things (IoT) devices running the open-source version of the Android operating system are part of the Badbox 2.0 botnet, the FBI has warned. Cyber criminals are using the botnet to perform ad fraud and

React to this headline:

Loading spinner

Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them? Read More »

June 2025 Patch Tuesday forecast: Second time is the charm?

Adobe, apple, cybersecurity, Don't miss, Expert analysis, Google, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday, security update /

June 2025 Patch Tuesday forecast: Second time is the charm? 2025-06-06 at 09:57 By Help Net Security Microsoft has been busy releasing more out-of-band (OOB) patches than usual throughout May. The May Patch Tuesday release of updates was typical in number of vulnerabilities addressed with 41 in both Windows 10 and 11, and their associated

React to this headline:

Loading spinner

June 2025 Patch Tuesday forecast: Second time is the charm? Read More »

Why IAM should be the starting point for AI-driven cybersecurity

Artificial Intelligence, CISO, cybersecurity, Don't miss, Features, Hot stuff, identity management, News, security metrics, Twine Security /

Why IAM should be the starting point for AI-driven cybersecurity 2025-06-06 at 09:03 By Mirko Zorz In this Help Net Security interview, Benny Porat, CEO at Twine Security, discusses applying AI agents to security decisions. He explains why identity and access management (IAM) is the ideal starting point for both augmentation and automation, and shares

React to this headline:

Loading spinner

Why IAM should be the starting point for AI-driven cybersecurity Read More »

Protecting patient data starts with knowing where it’s stored

BitSight, CISO, data, data security, Don't miss, healthcare, Main Line Health, News, Smart Meter, tips /

Protecting patient data starts with knowing where it’s stored 2025-06-06 at 08:31 By Sinisa Markovic Patient data is often stored or processed outside the country where it was collected. When that happens, the data falls under the laws of the country where it resides. Depending on those laws, local governments may have legal access to

React to this headline:

Loading spinner

Protecting patient data starts with knowing where it’s stored Read More »

Ransomware and USB attacks are hammering OT systems

CISO, critical infrastructure, cybersecurity, Don't miss, Honeywell, ICS/SCADA, News, report /

Ransomware and USB attacks are hammering OT systems 2025-06-06 at 08:02 By Mirko Zorz Ransomware, trojans, and malware delivered through USB devices are putting growing pressure on industrial systems, according to the Honeywell 2025 Cyber Threat Report, which draws on data from monitoring tools deployed across industrial sites around the world. The findings highlight persistent

React to this headline:

Loading spinner

Ransomware and USB attacks are hammering OT systems Read More »

Meta open-sources AI tool to automatically classify sensitive documents

Artificial Intelligence, cybersecurity, data loss prevention, Data Protection, Don't miss, GitHub, Hot stuff, Meta, News, open source, software /

Meta open-sources AI tool to automatically classify sensitive documents 2025-06-05 at 09:17 By Mirko Zorz Meta has released an open source AI tool called Automated Sensitive Document Classification. It was originally built for internal use and is designed to find sensitive information in documents and apply security labels automatically. The tool uses customizable classification rules

React to this headline:

Loading spinner

Meta open-sources AI tool to automatically classify sensitive documents Read More »

Why SAP security updates are a struggle for large enterprises

CISO, cybersecurity, Don't miss, how-to, News, Pathlock, SAP, security update, strategy, tips, Video /

Why SAP security updates are a struggle for large enterprises 2025-06-05 at 07:33 By Help Net Security In this Help Net Security video, Jonathan Stross, SAP Security Analyst at Pathlock, examines why managing SAP security updates is so complex for enterprises. From highly customized, interconnected environments to the pressure of real-time patching, Strauss highlights why

React to this headline:

Loading spinner

Why SAP security updates are a struggle for large enterprises Read More »

Attackers fake IT support calls to steal Salesforce data

data theft, Don't miss, enterprise, extortion, Google, Hot stuff, News, Salesforce, social engineering, vishing /

Attackers fake IT support calls to steal Salesforce data 2025-06-04 at 17:47 By Zeljka Zorz Over the past several months, a threat group has been actively breaching organizations’ Salesforce instances and exfiltrating customer and business data, Google Threat Intelligence Group (GTIG) has warned. The attackers in question – currently tracked as UNC6040 – are masters

React to this headline:

Loading spinner

Attackers fake IT support calls to steal Salesforce data Read More »

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419)

0-day, Chrome, Don't miss, Google, Hot stuff, Microsoft Edge, News /

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419) 2025-06-04 at 14:17 By Zeljka Zorz Google has fixed two Chrome vulnerabilities, including a zero-day flaw (CVE-2025-5419) with an in-the-wild exploit. About CVE-2025-5419 CVE-2025-5419 is a high-severity out of bounds read and write vulnerability in V8, the JavaScript and WebAssembly engine developed by Google for the Chromium

React to this headline:

Loading spinner

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419) Read More »

How to manage your cyber risk in a modern attack surface

attacks, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Outpost24, Risk Management /

How to manage your cyber risk in a modern attack surface 2025-06-04 at 09:01 By Help Net Security According to research, 62% of organizations said their attack surface grew over the past year. It’s no coincidence that 76% of organizations also reported a cyberattack due to an exposed asset in 2024, as expanding digital footprints

React to this headline:

Loading spinner

How to manage your cyber risk in a modern attack surface Read More »

Scroll to Top