enterprise

From legacy to SaaS: Why complexity is the enemy of enterprise security

2025-08-11 at 08:32 | By Mirko Zorz

In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the way organizations approach security. He explains why finding the right balance […]

Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)

2025-08-07 at 17:40 | By Zeljka Zorz

“In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the organization’s connected cloud environment without leaving easily detectable and auditable trace,” Microsoft has announced on Wednesday.

Open-source server management platform Proxmox VE 9.0 released

2025-08-06 at 16:17 | By Help Net Security

Proxmox Virtual Environment (VE) 9.0 introduces advancements in both storage and networking capabilities, addressing critical enterprise demands. A highlight is the long-awaited support for snapshots on thick-provisioned LVM shared storage, improving storage management capabilities especially for enterprise users with Fibre

Trend Micro Apex One flaws exploited in the wild (CVE-2025-54948, CVE-2025-54987)

2025-08-06 at 15:05 | By Zeljka Zorz

Unauthenticated command injection vulnerabilities (CVE-2025-54948, CVE-2025-54987) affecting the on-premise version of Trend Micro’s Apex One endpoint security platform are being probed by attackers, the company has warned on Wednesday. Unfortunately for those organizations that use it, a patch

What’s keeping risk leaders up at night? AI, tariffs, and cost cuts

2025-08-04 at 07:10 | By Sinisa Markovic

Enterprise risk leaders are most concerned about rising tariffs and trade tensions heading into the second half of 2025, according to a new report from Gartner. The firm’s second-quarter Emerging Risk Report, based on a survey of

Secrets are leaking everywhere, and bots are to blame

2025-07-31 at 07:30 | By Anamarija Pogorelec

Secrets like API keys, tokens, and credentials are scattered across messaging apps, spreadsheets, CI/CD logs, and even support tickets. According to Entro Security’s NHI & Secrets Risk Report H1 2025, non-human identities (NHIs), including bots, service accounts, and automation tools,

Boards shift focus to tech and navigate cautious investors

2025-07-30 at 07:00 | By Anamarija Pogorelec

Corporate boards are adjusting to a more uncertain proxy landscape, according to EY’s 2025 Proxy Season Review. The report highlights four key 2025 proxy season trends shaping governance this year: more oversight of technology, fewer shareholder proposals (especially on sustainability),

Fighting AI with AI: How Darwinium is reshaping fraud defense

2025-07-29 at 16:07 | By Mirko Zorz

AI agents are showing up in more parts of the customer journey, from product discovery to checkout. And fraudsters are also putting them to work, often with alarming success. In response, cyberfraud prevention leader Darwinium is launching two AI-powered

Why behavioral intelligence is becoming the bank fraud team’s best friend

2025-07-29 at 09:03 | By Mirko Zorz

In this Help Net Security interview, Seth Ruden, Senior Director of Global Advisory at BioCatch, discusses how financial institutions are addressing fraud. He explains how banks are using behavioral biometrics, device fingerprinting, and network intelligence to enhance fraud

Microsoft rolls out Windows 11 “quick recovery” feature

2025-07-23 at 18:31 | By Zeljka Zorz

With the latest Windows 11 update, Microsoft is saying goodbye to the infamous “Blue Screen of Death” and has enabled the quick machine recovery feature by default for Home users. “For nearly four decades, the blue screen shown during an unexpected

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)

2025-07-21 at 15:42 | By Zeljka Zorz

Unknown attackers have exploited a vulnerability (CVE-2025-54309) in the CrushFTP enterprise file-transfer server solution to gain administrative access to vulnerable deployments. It’s currently unclear what the attackers are using this access for, but data theft looks most likely. According to

Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)

2025-07-03 at 14:19 | By Zeljka Zorz

Cisco has found a backdoor account in yet another of its software solutions: CVE-2025-20309, stemming from default credentials for the root account, could allow unauthenticated remote attackers to log into a vulnerable Cisco Unified Communications Manager (Unified CM) and

Cybersecurity essentials for the future: From hype to what works

2025-07-02 at 09:03 | By Mirko Zorz

Cybersecurity never stands still. One week it’s AI-powered attacks, the next it’s a new data breach, regulation, or budget cut. With all that noise, it’s easy to get distracted. But at the end of the day, the goal stays

CitrixBleed 2 might be actively exploited (CVE-2025-5777)

2025-06-30 at 15:47 | By Zeljka Zorz

While Citrix has observed some instances where CVE-2025-6543 has been exploited on vulnerable NetScaler networking appliances, the company still says that they don’t have evidence of exploitation for CVE-2025-5349 or CVE-2025-5777, both of which have been patched earlier this month. CVE-2025-5777, in

Europe’s AI strategy: Smart caution or missed opportunity?

2025-06-30 at 08:03 | By Mirko Zorz

Europe is banking on AI to help solve its economic problems. Productivity is stalling, and tech adoption is slow. Global competitors, especially the U.S., are pulling ahead. A new report from Accenture says AI could help reverse that trend, but only

Why AI agents could be the next insider threat

2025-06-30 at 07:37 | By Help Net Security

In this Help Net Security video, Arun Shrestha, CEO of BeyondID, explains how AI agents, now embedded in daily operations, are often over-permissioned, under-monitored, and invisible to identity governance systems. With a special focus on the healthcare sector, Shrestha

Windows 10: How to get security updates for free until 2026

2025-06-25 at 14:45 | By Zeljka Zorz

Users who want to stick with Windows 10 beyond its planned end-of-support date but still receive security updates, can enroll into the Windows 10 Extended Security Updates (ESU) program, Microsoft has confirmed on Tuesday. Microsoft’s (self-evident) long-term goal

Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777)

2025-06-23 at 14:14 | By Zeljka Zorz

Citrix has fixed a critical vulnerability (CVE-2025-5777) in NetScaler ADC and NetScaler Gateway reminiscent of the infamous and widely exploited CitrixBleed flaw. The vulnerabilities have been privately disclosed and there is no indication that they are under active exploitation. Nevertheless, the

Android Enterprise update puts mobile security first

2025-06-10 at 21:04 | By Mirko Zorz

Google is rolling out new Android Enterprise features aimed at improving mobile security, IT management, and employee productivity. According to Zimperium’s 2025 Global Mobile Threat Report, attackers are now prioritizing mobile devices over desktops. Many security incidents involve smartphones, often due to

Attackers fake IT support calls to steal Salesforce data

2025-06-04 at 17:47 | By Zeljka Zorz

Over the past several months, a threat group has been actively breaching organizations’ Salesforce instances and exfiltrating customer and business data, Google Threat Intelligence Group (GTIG) has warned. The attackers in question – currently tracked as UNC6040 – are masters
